CN110351227A - A kind of method and apparatus of Data Encryption Transmission - Google Patents


Publication number
CN110351227A
Authority
CN
China
Prior art keywords
data
coded signal
service device
signal communicator
transmitted
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810299177.4A
Other languages
Chinese (zh)
Inventor
王桂杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Presumably Lihao Blockchain Technology Co Ltd
Original Assignee
Hangzhou Presumably Lihao Blockchain Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Application filed by Hangzhou Presumably Lihao Blockchain Technology Co Ltd filed Critical Hangzhou Presumably Lihao Blockchain Technology Co Ltd
Priority to CN201810299177.4A priority Critical patent/CN110351227A/en
Publication of CN110351227A publication Critical patent/CN110351227A/en

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

This application discloses a method and apparatus for encrypted data transmission. Data can be transmitted unidirectionally between the front server and the offline service device, and unidirectionally between the offline service device and the backend server. Sending and receiving are controlled by the first, second, third and fourth coded signal communicators respectively, so that the offline service device is isolated from the physical network and the private key, public key and signed data stored in it cannot be stolen or leaked, which ensures information security. In addition, because data passes directly from one server into another, no other tool is needed to carry the data, which guarantees transmission efficiency and real-time data transmission.

Description

A method and apparatus for encrypted data transmission
Technical field
This application relates to the technical field of data processing, and in particular to a method and apparatus for encrypted data transmission.
Background
Data encryption is a long-established technology: plaintext is turned into ciphertext by an encryption algorithm and an encryption key, and decryption restores the ciphertext to plaintext by a decryption algorithm and a decryption key. The core of data encryption is cryptography. Data encryption is currently still a most reliable method for a computer system to protect information: it uses cryptographic techniques to encrypt information and hide it, thereby protecting the security of the information.
With the rapid development of the Internet, more and more data is transmitted between networks. However, when highly confidential data is transmitted openly over a network, it faces the serious problem of information leakage. To avoid this problem, the prior art usually encrypts data transmitted over a network in one of two ways. First, both the public key and the private key are stored on the data sender's online network server, so that data to be sent can be digitally signed with the private key directly on the network server. Second, the private key is stored on an offline service device; when data needs to be sent, it is transferred to or mounted on the offline service device by a data storage device (USB flash drive or portable hard disk), the data to be sent is digitally signed with the private key on the offline service device, and the signed data is then transferred to or mounted on the network server by the data storage device for use.
The first method guarantees the timeliness of data transmission, but because the private key is stored on the network server, the private key may give rise to network-server and usage security problems. The second method guarantees the security of the private key, but because the data to be transmitted and the signed data must be carried on separate removable storage tools, efficiency is greatly reduced. How to guarantee the security of encrypted data transmission while also guaranteeing transmission efficiency has therefore become an urgent problem for those skilled in the art.
Summary of the invention
This application provides a method and apparatus for encrypted data transmission, to solve the problems of low security and low transmission efficiency in existing methods of encrypted data transmission.
In one aspect, this application provides a method for encrypted data transmission, the method comprising:
A first coded signal communicator on a front server transmits a compressed data packet unidirectionally to a second coded signal communicator on an offline service device; the compressed data packet is the data packet obtained by encrypting and compressing the data to be transmitted and a signature command;
The second coded signal communicator sends the compressed data packet to the processor of the offline service device;
The processor of the offline service device parses the compressed data packet to obtain the data to be transmitted and the signature command;
According to the signature command, the processor of the offline service device signs the data to be transmitted with the private key to obtain signed data;
The processor of the offline service device encrypts and encapsulates the signed data to obtain an encapsulation package;
A third coded signal communicator on the offline service device transmits the encapsulation package unidirectionally to a fourth coded signal communicator on a backend server.
Optionally, before the step in which the first coded signal communicator on the front server transmits the compressed data packet unidirectionally to the second coded signal communicator on the offline service device, the method further comprises:
The processor of the front server encrypts and compresses the data to be transmitted and the signature command into the compressed data packet;
The first coded signal communicator on the front server obtains the compressed data packet.
Optionally, after the step in which the first coded signal communicator on the front server obtains the compressed data packet, the method comprises:
The first coded signal communicator converts the electrical signal carrying the compressed data packet into a one-way transmission signal.
Optionally, before the step in which the second coded signal communicator sends the compressed data packet to the processor of the offline service device, the method comprises:
The second coded signal communicator converts the one-way transmission signal carrying the compressed data packet into an electrical signal.
Optionally, the step in which the third coded signal communicator on the offline service device transmits the encapsulation package unidirectionally to the fourth coded signal communicator on the backend server comprises:
The third coded signal communicator obtains the encapsulation package;
The third coded signal communicator converts the electrical signal carrying the encapsulation package into a one-way transmission signal;
The third coded signal communicator uses the one-way transmission signal to transmit the encapsulation package unidirectionally to the fourth coded signal communicator on the backend server.
Optionally, after the step in which the third coded signal communicator on the offline service device transmits the encapsulation package unidirectionally to the fourth coded signal communicator on the backend server, the method further comprises:
The fourth coded signal communicator sends the encapsulation package to the processor of the backend server.
Optionally, before the step in which the fourth coded signal communicator sends the encapsulation package to the processor of the backend server, the method further comprises:
The fourth coded signal communicator converts the one-way transmission signal carrying the encapsulation package into an electrical signal.
Optionally, after the step in which the fourth coded signal communicator sends the encapsulation package to the processor of the backend server, the method further comprises:
The processor of the backend server parses the encapsulation package to obtain the signed data;
The processor of the backend server performs a data check on the signed data;
The processor of the backend server judges, according to the result of the data check, whether the data to be transmitted is legal.
Optionally, the step in which the processor of the backend server judges, according to the result of the data check, whether the data to be transmitted is legal comprises:
If the data check succeeds, the data to be transmitted is legal;
If the data check fails, the data to be transmitted is illegal.
In another aspect, this application provides an apparatus for encrypted data transmission, the apparatus comprising:
At least one front server, an offline service device and at least one backend server;
At least one first coded signal communicator located on the at least one front server;
A second coded signal communicator and a third coded signal communicator located on the offline service device;
At least one fourth coded signal communicator located on the at least one backend server;
A processor provided in the offline service device;
The processor of the offline service device is configured to:
Parse the compressed data packet to obtain the data to be transmitted and the signature command;
According to the signature command, sign the data to be transmitted with the private key to obtain signed data;
Encrypt and encapsulate the signed data to obtain an encapsulation package.
As can be seen from the above technical solution, the method and apparatus for encrypted data transmission of the embodiments of this application can transmit data unidirectionally between the front server and the offline service device, and unidirectionally between the offline service device and the backend server. Sending and receiving are controlled by the first, second, third and fourth coded signal communicators respectively, so that the offline service device is isolated from the physical network and the private key, public key and signed data stored in it cannot be stolen or leaked, which ensures information security. In addition, because the technical solution of the embodiments of this application passes data directly from one server into another, no other tool is needed to carry the data, which guarantees transmission efficiency and real-time data transmission.
Brief description of the drawings
To illustrate the technical solution of this application more clearly, the drawings needed in the embodiments are briefly introduced below. Obviously, those of ordinary skill in the art can obtain other drawings from these drawings without creative effort.
Fig. 1 is a flow chart of a method for encrypted data transmission provided by an embodiment of this application;
Fig. 2 is a flow chart of step 106 provided by an embodiment of this application;
Fig. 3 is a structural diagram of an apparatus for encrypted data transmission provided by an embodiment of this application;
Fig. 4 is a structural diagram of another apparatus for encrypted data transmission provided by an embodiment of this application.
Detailed description
To help those skilled in the art better understand the technical solution of this application, the technical solution in the embodiments of this application is described clearly and completely below with reference to the drawings.
Encrypting data during transmission is a common practice at present, usually to avoid information leakage while the data is being transmitted. However, as network technologies become more developed and more powerful, even encrypting the data makes it hard to guarantee that the network server storing the data will not be robbed or intruded upon. In other words, once a network server is on a network, it is hard to prevent others from stealing information with advanced techniques, so the security of both the data stored on network servers and the data transmitted between servers is hard to guarantee. On this basis, the embodiments of this application provide a method for encrypted data transmission that isolates the server storing the data from the physical network.
Referring to Fig. 1, a method for encrypted data transmission provided by an embodiment of this application comprises:
Step 101: the first coded signal communicator on the front server transmits the compressed data packet unidirectionally to the second coded signal communicator on the offline service device; the compressed data packet is the data packet obtained by encrypting and compressing the data to be transmitted and the signature command.
Sending and receiving between the first coded signal communicator and the second coded signal communicator is unidirectional. Specifically, the first coded signal communicator can be set up to be used only for sending the compressed data packet, and the second coded signal communicator only for receiving it. The front server and the offline service device can then carry out only the one-way process of transmission from the front server to the offline service device, which guarantees one-way data transmission: once the compressed data packet has entered the offline service device, the data cannot be retrieved again from the front server side unless the communication settings of the first and second coded signal communicators are changed. The one-way transmission line established by the first and second coded signal communicators can therefore guarantee the security of the data in the offline service device.
Step 102: the second coded signal communicator sends the compressed data packet to the processor of the offline service device.
After receiving the compressed data packet, the second coded signal communicator also sends it to the offline service device for processing; the processing is done by the processor inside the offline service device.
Step 103: the processor of the offline service device parses the compressed data packet to obtain the data to be transmitted and the signature command.
Because the compressed data packet is generated by encrypting and compressing the data to be transmitted and the signature command, the processor of the offline service device obtains the data to be transmitted and the signature command once it has parsed the compressed data packet.
It is worth noting that, to guarantee the security of data transmitted between servers, the data packet sent by the front server usually also needs to be encrypted; after obtaining the compressed data packet, the offline service device decrypts it before use. Many encryption techniques can be used between servers. The same holds for data encryption between the front server and the offline service device in this application, which may be symmetric or asymmetric and is not specifically limited in the embodiments of this application.
Step 104: according to the signature command, the processor of the offline service device signs the data to be transmitted with the private key to obtain signed data.
The private key is kept in the offline service device, and signing the data to be transmitted with the private key is an important means of data encryption. A signature guarantees that this piece of data can only have been generated by the sender and cannot be forged by others. If the signed data, the public key and the data to be transmitted are sent to the recipient together, the recipient verifies the signed data with the public key; if this proves that the data was not modified in transit, the data to be transmitted is complete and can be used further.
Step 105: the processor of the offline service device encrypts and encapsulates the signed data to obtain an encapsulation package.
Because the data and information in the offline service device will later be obtained and used by the backend server, the signed data needs to be encrypted and packaged again in the offline service device to guarantee its security and to avoid information leakage when data is transmitted between the offline service device and the backend server.
Preferably, when processing, the processor of the offline service device can encrypt the signed data, the operation command, the public key and the data to be transmitted together and package them into the encapsulation package. After the backend server obtains and parses the encapsulation package, it can verify the signed data according to the public key, which guarantees the integrity of the data transmission.
Step 106: the third coded signal communicator on the offline service device transmits the encapsulation package unidirectionally to the fourth coded signal communicator on the backend server.
As in step 101 above, sending and receiving between the third coded signal communicator and the fourth coded signal communicator is also unidirectional. Specifically, the third coded signal communicator can be set up to be used only for sending the encapsulation package, and the fourth coded signal communicator only for receiving it. The offline service device and the backend server then carry out only the one-way process of transmission from the offline service device to the backend server, which guarantees one-way data transmission: once the encapsulation package has left the offline service device, data in the backend server cannot enter the offline service device again unless the communication settings of the third and fourth coded signal communicators are changed. The one-way transmission line established by the third and fourth coded signal communicators can therefore likewise guarantee the security of the data in the offline service device.
As can be seen from the above technical solution, the method for encrypted data transmission of the embodiments of this application can transmit data unidirectionally between the front server and the offline service device, and unidirectionally between the offline service device and the backend server. Sending and receiving are controlled by the first, second, third and fourth coded signal communicators respectively, so that the offline service device is isolated from the physical network and the private key, public key and signed data stored in it cannot be stolen or leaked, which ensures information security. In addition, because the technical solution of the embodiments of this application uses one-way data transfer, data passes directly from one server into another and no other tool is needed to carry the data, which guarantees transmission efficiency and real-time data transmission.
In a preferred example of this application, before the first coded signal communicator on the front server transmits the compressed data packet unidirectionally to the second coded signal communicator on the offline service device in step 101, the method further comprises: the processor of the front server encrypts and compresses the data to be transmitted and the signature command into the compressed data packet; the first coded signal communicator on the front server obtains the compressed data packet.
Because what the first coded signal communicator sends is a compressed data packet, the data to be transmitted and the signature command must be compressed in the front server, and this operation is performed by the processor of the front server. The signature command instructs the processor of the offline service device to sign the data to be transmitted, to guarantee the security of the data. Furthermore, the first coded signal communicator is mounted on the front server, but it and the processor of the front server are two different components, so the compressed data packet generated by the processor cannot be used directly by the first coded signal communicator. Before sending the compressed data packet to the second coded signal communicator, the first coded signal communicator must also obtain it from the processor of the front server.
Specifically, after the first coded signal communicator on the front server obtains the compressed data packet, it also converts the electrical signal carrying the compressed data packet into a one-way transmission signal so that the data can be transmitted unidirectionally. Before the step in which the second coded signal communicator sends the compressed data packet to the processor of the offline service device, the second coded signal communicator also converts the one-way transmission signal carrying the compressed data packet into an electrical signal. Because the relationship between the first and second coded signal communicators is one of one-way transmission, the signal transmitted between them must also be a signal capable of one-way transmission, suited to a one-way transmission medium. Taking a preferred embodiment as an example, the transmission medium between the first and second coded signal communicators is optical fiber, and what is transmitted in the fiber must be an optical signal, so the optical signal is the one-way transmission signal. After obtaining the compressed data packet, the first coded signal communicator converts the electrical signal carrying it into an optical signal and transmits it to the second coded signal communicator. After receiving the optical signal, the second coded signal communicator converts it into an electrical signal and sends it to the processor of the offline service device for processing.
In a preferred example of this application, as shown in Fig. 2, the specific steps of step 106, in which the third coded signal communicator on the offline service device transmits the encapsulation package unidirectionally to the fourth coded signal communicator on the backend server, further comprise:
Step 601: the third coded signal communicator obtains the encapsulation package.
After generating the encapsulation package, the processor of the offline service device does not send it out directly; to achieve one-way transmission, the encapsulation package must be sent using the third coded signal communicator.
Step 602: the third coded signal communicator converts the electrical signal carrying the encapsulation package into a one-way transmission signal.
Because the relationship between the third and fourth coded signal communicators is one of one-way transmission, the signal transmitted between them must also be a signal capable of one-way transmission, suited to a one-way transmission medium. Taking the above preferred embodiment as an example again, the transmission medium between the third and fourth coded signal communicators is optical fiber, and what is transmitted in the fiber must be an optical signal, so the optical signal is the one-way transmission signal. After obtaining the encapsulation package, the third coded signal communicator converts the electrical signal carrying it into an optical signal and transmits it to the fourth coded signal communicator.
Step 603: the third coded signal communicator uses the one-way transmission signal to transmit the encapsulation package unidirectionally to the fourth coded signal communicator in the backend server.
In a preferred embodiment of this application, after the third coded signal communicator in the offline service device transmits the encapsulation package unidirectionally to the fourth coded signal communicator in the backend server, the fourth coded signal communicator can also send the encapsulation package to the processor of the backend server.
Specifically, before sending the encapsulation package to the processor of the backend server, the fourth coded signal communicator converts the one-way transmission signal carrying the encapsulation package into an electrical signal. Because the processor of the backend server cannot process optical signals directly, the fourth coded signal communicator, after receiving the encapsulation package, also converts the optical signal into an electrical signal so that the processor can carry out the next operation.
In addition, the main function of the offline service device is to store the private key and public key and to sign the data to be transmitted, guaranteeing the security of the data to be transmitted; further processing of that data takes place outside the offline service device. The backend server therefore needs to obtain the signed data from the offline service device and then carry out the next operation.
Optionally, after the fourth coded signal communicator sends the encapsulation package to the processor of the backend server, the method further comprises:
Step 301: the processor of the backend server parses the encapsulation package to obtain the signed data. Because data passed between the offline service device and the backend server is usually encrypted and compressed to guarantee its security, the backend server must first parse the data in the encapsulation package when it receives it. Data encryption between the offline service device and the backend server may be symmetric or asymmetric, and is not specifically limited in the embodiments of this application.
Step 302: the processor of the backend server performs a data check on the signed data. The data check can guarantee the integrity of the data to be transmitted: if the data to be transmitted is stolen or leaked in transit, the processor of the backend server will find by the check that the data to be transmitted is incomplete.
Step 303: the processor of the backend server judges, according to the result of the data check, whether the data to be transmitted is legal.
Specifically, the processor of the backend server judging, according to the result of the data check, whether the data to be transmitted is legal comprises: if the data check succeeds, the data to be transmitted is proved complete and is legal; if the data check fails, the data to be transmitted is proved incomplete and is illegal.
It is worth noting that signing is an encryption process and the data check is a decryption process. Usually, the offline service device signs part of the information of the data to be transmitted with the private key, which is the encryption step, and then sends the signed data and the data to be transmitted to the backend server together. The processor of the backend server decrypts the signed data with the public key of the offline service device, then uses another function to generate a digest of the data to be transmitted and compares this digest with the decrypted signed data. If they are identical, the information received by the backend server is complete and was not modified in transit; otherwise, the information received by the backend server is incomplete and was modified in transit. The data check process can therefore verify the integrity of the information.
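The flow of steps 101 to 106 and 301 to 303 above, as an added Python sketch that is not code from the patent. Its last two results show that a public key carried inside the encapsulation package only proves the package is self-consistent unless the backend compares that key with one it already trusts. The JSON and zlib packet layout, all function names, the Lamport one-time hash signature (standing in for the signature algorithm, which the patent does not name) and the backend's pinned key fingerprint are assumptions, and link encryption is left out.

```python
# Added sketch, not the patent's code. Assumed: JSON + zlib packets, Lamport
# one-time hash signatures (the patent names no algorithm), key pinning on the
# backend. Link encryption is omitted to keep signing and checking in view.
import hashlib
import hmac
import json
import secrets
import zlib
from collections import deque

def H(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()

def one_way_link():
    """Return the (send, receive) ends of a simplex link; each server holds one end."""
    queue = deque()
    return queue.append, queue.popleft

def keygen():
    """Lamport one-time key pair: a fresh pair is needed for every signed message."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def _bits(msg: bytes):
    digest = H(msg)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg: bytes):
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]

def verify(pk, msg: bytes, sig) -> bool:
    if len(pk) != 256 or len(sig) != 256:
        return False
    return all(hmac.compare_digest(H(s), pk[i][bit])
               for i, (s, bit) in enumerate(zip(sig, _bits(msg))))

def fingerprint(pk) -> str:
    return H(b"".join(a + b for a, b in pk)).hex()

def front_pack(data: bytes, command: str = "sign") -> bytes:
    """Front server: data to be transmitted + signature command -> compressed packet."""
    return zlib.compress(json.dumps({"command": command, "data": data.hex()}).encode())

def offline_sign(frame: bytes, sk, pk) -> bytes:
    """Offline signer: parse the packet, sign with the private key, build the package."""
    request = json.loads(zlib.decompress(frame))
    if request.get("command") != "sign":
        raise ValueError("unsupported command")
    data = bytes.fromhex(request["data"])
    package = {
        "data": request["data"],
        "signature": [s.hex() for s in sign(sk, data)],
        "public_key": [[a.hex(), b.hex()] for a, b in pk],
    }
    return zlib.compress(json.dumps(package).encode())

def backend_check(frame: bytes, pinned_fp=None) -> bool:
    """Backend: True if the data is legal. With pinned_fp=None the key carried in
    the package is trusted as-is, so the check proves consistency, not origin."""
    try:
        package = json.loads(zlib.decompress(frame))
        data = bytes.fromhex(package["data"])
        sig = [bytes.fromhex(s) for s in package["signature"]]
        pk = [(bytes.fromhex(a), bytes.fromhex(b)) for a, b in package["public_key"]]
    except (zlib.error, ValueError, KeyError, TypeError):
        return False
    if pinned_fp is not None and not hmac.compare_digest(fingerprint(pk), pinned_fp):
        return False
    return verify(pk, data, sig)

def run_demo() -> dict:
    sk, pk = keygen()                            # created on the offline signer
    pinned = fingerprint(pk)                     # provisioned to the backend out of band
    to_offline, from_front = one_way_link()      # first -> second communicator
    to_backend, from_offline = one_way_link()    # third -> fourth communicator

    to_offline(front_pack(b"constructed sample record"))
    to_backend(offline_sign(from_front(), sk, pk))
    genuine = from_offline()

    # Constructed failure cases: payload changed in transit, and a package
    # signed under a key pair the backend was never provisioned with.
    package = json.loads(zlib.decompress(genuine))
    package["data"] = b"altered record".hex()
    altered = zlib.compress(json.dumps(package).encode())
    other_sk, other_pk = keygen()
    unknown_key = offline_sign(front_pack(b"altered record"), other_sk, other_pk)
    return {
        "genuine": backend_check(genuine, pinned),
        "altered": backend_check(altered, pinned),
        "unknown_key_unpinned": backend_check(unknown_key),
        "unknown_key_pinned": backend_check(unknown_key, pinned),
    }

if __name__ == "__main__":
    print(run_demo())
```

In this sketch the offline signer holds only the receive end of the first link and the send end of the second, which mirrors the second and third communicators.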
In the preferred embodiment of the application, one-way transmission medium does not limit optical fiber, the first coded signal communicator Data transmission and third coded signal communicator and the 4th coded signal communicator between the second coded signal communicator it Between data transmission can be carried out by way of surface sweeping two dimensional code.Specifically, when data volume to be transmitted is smaller, it is preposition Signature command and data to be transmitted are generated two dimensional code by the processor of server, and are shown in the first coded signal communicator, Then the second coded signal communicator of offline service device obtains two from the first coded signal communicator by way of barcode scanning The signature command and data to be transmitted in code are tieed up, the processor of offline service device again signs to data to be transmitted later, will Signed data, data to be transmitted, public key and operational order generate two dimensional code, the third coded signal communicator on offline service device Two dimensional code is shown, the 4th coded signal communicator in backend server obtains number of signature using the mode of barcode scanning According to, data to be transmitted, public key and operational order.
It is worth noting that the one-way transmission medium is not limited to the optical fiber and the two-dimensional code described above. In the embodiment of the present application, the optical fiber and the two-dimensional code can be replaced by any other medium that supports one-way transmission, and the one-way transmission medium can be a wired transmission medium or a wireless transmission medium.
As can be seen from the above technical solution, the method of data encryption transmission of the embodiment of the present application can carry out one-way data transmission between the front server and the offline service device, and also between the offline service device and the backend server. The sending and receiving of data are controlled by the first coded signal communicator, the second coded signal communicator, the third coded signal communicator and the fourth coded signal communicator respectively, so that the offline service device is isolated from the physical network. This guarantees that the private key, the public key and the signed data stored in the offline service device cannot be stolen or leaked, and ensures information security. In addition, because the technical solution of the embodiment of the present application uses one-way data transfer, data passes directly from one server into another, which avoids transferring data with other tools and guarantees both the transmission efficiency and the real-time performance of the data transmission.
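The sign-and-check flow described above, as an added Go example that is not code from the patent: the offline service device signs a digest of the data with its private key, and the backend server recomputes the digest and checks it with the public key. RSA PKCS#1 v1.5 with SHA-256 is an assumed scheme (the text names none), and the Package layout and all function names are hypothetical. Because the public key travels in the same package as the data, the verifier here checks against a separately provisioned copy of the key and only compares the carried key against it.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Package is what the offline service device emits; the layout is assumed, not the patent's.
type Package struct {
	Data, Signature []byte         // data to be transmitted, signed data
	PublicKey       *rsa.PublicKey // key carried with the package
}

// Sign (offline service device): digest the data and sign the digest with the private key.
func Sign(priv *rsa.PrivateKey, data []byte) (Package, error) {
	digest := sha256.Sum256(data)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	return Package{Data: data, Signature: sig, PublicKey: &priv.PublicKey}, err
}

// Verify (backend server): recompute the digest and check it against the signature
// using the provisioned key; the carried key is only compared, never trusted.
func Verify(pinned *rsa.PublicKey, p Package) error {
	if p.PublicKey == nil || !pinned.Equal(p.PublicKey) {
		return errors.New("carried key is not the provisioned signing key")
	}
	digest := sha256.Sum256(p.Data)
	return rsa.VerifyPKCS1v15(pinned, crypto.SHA256, digest[:], p.Signature)
}

func newKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

// Demo: an intact package, one altered in transit, one altered and re-signed under another key.
func Demo() (intact, altered, resigned bool, err error) {
	offline, other := newKey(), newKey()
	good, err := Sign(offline, []byte("constructed sample payload"))
	if err != nil {
		return
	}
	forged, err := Sign(other, []byte("constructed payload, altered"))
	if err != nil {
		return
	}
	bad := good
	bad.Data = forged.Data // original signature, modified data
	pin := &offline.PublicKey
	return Verify(pin, good) == nil, Verify(pin, bad) == nil, Verify(pin, forged) == nil, nil
}

func main() { fmt.Println(Demo()) }
```

Only the intact package verifies; the re-signed package is internally consistent and would pass a check that used the key it carries.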
Referring to Fig. 3, the embodiment of the present application provides an apparatus for data encryption transmission, the apparatus comprising:
At least one front server 301, an offline service device 302 and at least one backend server 303;
At least one first coded signal communicator 311 located on the at least one front server 301;
A second coded signal communicator 312 and a third coded signal communicator 322 located on the offline service device 302;
At least one fourth coded signal communicator 313 located on the at least one backend server 303;
A processor 332 of the offline service device, provided in the offline service device 302;
The processor 332 of the offline service device is configured to:
Parse the compressed data packet to obtain the data to be transmitted and the signature command;
Sign the data to be transmitted with the private key according to the signature command, obtaining signed data;
Encrypt and encapsulate the signed data, obtaining an encapsulation package.
Optionally, referring to Fig. 4, a processor 321 of the front server is further provided in the front server, and the processor 321 of the front server is configured to: encrypt and compress the data to be transmitted and the signature command into a compressed data packet.
A processor 323 of the backend server is further provided in the backend server 303, and the processor 323 of the backend server is configured to:
Parse the encapsulation package to obtain the signed data;
Carry out a data check on the signed data;
Judge, according to the result of the data check, whether the data to be transmitted is legal;
If the data check succeeds, the data to be transmitted is legal;
If the data check fails, the data to be transmitted is illegal.
As can be seen from the above technical solution, the method and apparatus of data encryption transmission of the embodiment of the present application can carry out one-way data transmission between the front server and the offline service device, and also between the offline service device and the backend server. The sending and receiving of data are controlled by the first coded signal communicator, the second coded signal communicator, the third coded signal communicator and the fourth coded signal communicator respectively, so that the offline service device is isolated from the physical network. This guarantees that the private key, the public key and the signed data stored in the offline service device cannot be stolen or leaked, and ensures information security. In addition, in the technical solution of the embodiment of the present application, data passes directly from one server into another, which avoids transferring data with other tools and guarantees both the transmission efficiency and the real-time performance of the data transmission.
It should be noted that, in this document, relational terms such as "first" and "second" are used merely to distinguish one entity or operation from another, and do not necessarily require or imply any actual relationship or order between these entities or operations. Moreover, the terms "include", "comprise" and any variants thereof are intended to cover a non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements that are not explicitly listed, or elements inherent to such a process, method, article or device.
After considering the specification and practising the application disclosed herein, those skilled in the art will readily conceive of other embodiments of the application. This application is intended to cover any variations, uses or adaptations of the application that follow its general principles and include common knowledge or conventional techniques in the art that are not disclosed in this application. The description and examples are to be regarded as illustrative only; the true scope of the application is indicated by the claims.
It should be understood that the application is not limited to the precise structure described above and shown in the drawings, and that various modifications and changes may be made without departing from its scope. The embodiments of the application described above do not limit the scope of protection of the application.

Claims (10)

1. A method of data encryption transmission, characterized in that the method comprises:
A first coded signal communicator on a front server transmits a compressed data packet one-way to a second coded signal communicator on an offline service device; the compressed data packet is the data packet obtained by encrypting and compressing data to be transmitted and a signature command;
The second coded signal communicator sends the compressed data packet to the processor of the offline service device;
The processor of the offline service device parses the compressed data packet to obtain the data to be transmitted and the signature command;
The processor of the offline service device signs the data to be transmitted with a private key according to the signature command, obtaining signed data;
The processor of the offline service device encrypts and encapsulates the signed data, obtaining an encapsulation package;
A third coded signal communicator on the offline service device transmits the encapsulation package one-way to a fourth coded signal communicator on a backend server.
2. The method according to claim 1, characterized in that, before the step in which the first coded signal communicator on the front server transmits the compressed data packet one-way to the second coded signal communicator on the offline service device, the method further comprises:
The processor of the front server encrypts and compresses the data to be transmitted and the signature command into the compressed data packet;
The first coded signal communicator on the front server obtains the compressed data packet.
3. The method according to claim 2, characterized in that, after the step in which the first coded signal communicator on the front server obtains the compressed data packet, the method comprises:
The first coded signal communicator converts the electric signal carrying the compressed data packet into a one-way transmission signal.
4. The method according to claim 1, characterized in that, before the step in which the second coded signal communicator sends the compressed data packet to the processor of the offline service device, the method comprises:
The second coded signal communicator converts the one-way transmission signal carrying the compressed data packet into an electric signal.
5. The method according to claim 1, characterized in that the step in which the third coded signal communicator on the offline service device transmits the encapsulation package one-way to the fourth coded signal communicator on the backend server comprises:
The third coded signal communicator obtains the encapsulation package;
The third coded signal communicator converts the electric signal carrying the encapsulation package into a one-way transmission signal;
The third coded signal communicator uses the one-way transmission signal to transmit the encapsulation package one-way to the fourth coded signal communicator on the backend server.
6. The method according to claim 1, characterized in that, after the step in which the third coded signal communicator on the offline service device transmits the encapsulation package one-way to the fourth coded signal communicator on the backend server, the method further comprises:
The fourth coded signal communicator sends the encapsulation package to the processor of the backend server.
7. The method according to claim 6, characterized in that, before the step in which the fourth coded signal communicator sends the encapsulation package to the processor of the backend server, the method further comprises:
The fourth coded signal communicator converts the one-way transmission signal carrying the encapsulation package into an electric signal.
8. The method according to claim 7, characterized in that, after the step in which the fourth coded signal communicator sends the encapsulation package to the processor of the backend server, the method further comprises:
The processor of the backend server parses the encapsulation package to obtain the signed data;
The processor of the backend server carries out a data check on the signed data;
The processor of the backend server judges, according to the result of the data check, whether the data to be transmitted is legal.
9. The method according to claim 8, characterized in that the step in which the processor of the backend server judges, according to the result of the data check, whether the data to be transmitted is legal comprises:
If the data check succeeds, the data to be transmitted is legal;
If the data check fails, the data to be transmitted is illegal.
10. An apparatus for data encryption transmission, characterized in that the apparatus comprises:
At least one front server, an offline service device and at least one backend server;
At least one first coded signal communicator located on the at least one front server;
A second coded signal communicator and a third coded signal communicator located on the offline service device;
At least one fourth coded signal communicator located on the at least one backend server;
A processor of the offline service device, provided in the offline service device;
The processor of the offline service device is configured to:
Parse the compressed data packet to obtain the data to be transmitted and the signature command;
Sign the data to be transmitted with the private key according to the signature command, obtaining signed data;
Encrypt and encapsulate the signed data, obtaining an encapsulation package.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810299177.4A CN110351227A (en) 2018-04-04 2018-04-04 A kind of method and apparatus of Data Encryption Transmission

Publications (1)

Publication Number Publication Date
CN110351227A true CN110351227A (en) 2019-10-18

Family

ID=68173728

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810299177.4A Pending CN110351227A (en) 2018-04-04 2018-04-04 A kind of method and apparatus of Data Encryption Transmission

Country Status (1)

Country Link
CN (1) CN110351227A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112578222A (en) * 2020-11-27 2021-03-30 国网山东省电力公司济宁供电公司 Power distribution terminal off-line detection method, system and platform

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120131344A1 (en) * 2010-11-19 2012-05-24 International Business Machines Corporation Identifying and locating authenticated services using broadcast encryption
CN104836776A (en) * 2014-02-10 2015-08-12 阿里巴巴集团控股有限公司 Data interaction method and device
CN106033571A (en) * 2015-08-25 2016-10-19 天地融科技股份有限公司 Trading method of electronic signature devices, electronic signature devices and trading system
CN107004051A (en) * 2014-10-01 2017-08-01 沃迪公司 The secure access of individual information
CN107453862A (en) * 2017-05-15 2017-12-08 杭州复杂美科技有限公司 Private key generation storage and the scheme used

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20191018