CN111464496B - Data transmission method, device, system, storage medium and electronic device - Google Patents

Publication number
CN111464496B
Authority
CN
China
Prior art keywords
data
primary key
request
value
database
Legal status
Active
Application number
CN202010145896.8A
Other languages
Chinese (zh)
Other versions
CN111464496A (en)
Inventor
黄磊
Current Assignee
Qianxin Technology Group Co Ltd
Secworld Information Technology Beijing Co Ltd
Original Assignee
Qianxin Technology Group Co Ltd
Secworld Information Technology Beijing Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24 Querying
    • G06F16/245 Query processing
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Abstract

The invention provides a data transmission method, device, system, storage medium and electronic device. The method comprises: receiving a first data request of a web client; querying first data from a database according to the first data request, wherein the first data comprises at least one first primary key ID of a database table, and the first primary key ID is used for indexing table records in the database; encrypting each first primary key ID in the first data to obtain second data; and sending the second data to the web client. The invention solves the technical problem in the related art that the primary key ID of a database table is easily exposed: it prevents the primary key ID from being directly exposed on the transmission link and at the client, guards against theft of the ID, and thereby protects the server.

Description

Data transmission method, device, system, storage medium and electronic device
Technical Field
The invention relates to the field of network security, and in particular to a data transmission method, device, system, storage medium and electronic device.
Background
In the related art, a web application usually stores its data in a database, and most database tables use an ID as the primary key for indexing records.
During project development, the ID is in most cases returned directly to the front end and is therefore exposed, directly or indirectly. This creates potential risks: for example, a hacker can obtain or modify system information through the ID in order to attack the application server, so the security of server data cannot be guaranteed.
In view of the above problems in the related art, no effective solution has been found so far.
Disclosure of Invention
The embodiments of the invention provide a data transmission method, device, system, storage medium and electronic device.
According to an embodiment of the present invention, there is provided a data transmission method including: receiving a first data request of a web client; querying first data from a database according to the first data request, wherein the first data comprises at least one first primary key ID of a database table, and the first primary key ID is used for indexing table records in the database; encrypting each first primary key ID in the first data to obtain second data; and sending the second data to the web client.
Optionally, encrypting each first primary key ID in the first data to obtain second data includes: filtering the first data by adopting a regular expression to obtain the ID of the first primary key; generating an encryption sequence based on the first primary key ID by adopting a preset encryption algorithm; and replacing the first primary key ID in the first data with the encryption sequence to obtain the second data.
Optionally, generating an encryption sequence based on the first primary key ID by using a preset encryption algorithm includes: adding a specific value to the ID of the first primary key to obtain a basic value to be encrypted; encrypting the basic value by adopting a first encryption algorithm to obtain a first encrypted value, and encrypting the random value by adopting a second encryption algorithm to obtain a second encrypted value; concatenating the base value, the first cryptographic value, and the second cryptographic value with a connector to generate the encrypted sequence.
Optionally, after sending the second data to the web client, the method further includes: receiving a second data request triggered by the web client based on the encrypted first primary key ID; decrypting the second data request to obtain a first primary key ID in request parameters; taking the ID of the first primary key as an index, inquiring a table record in the database, and packaging third data based on the table record; encrypting the second primary key ID in the third data to obtain fourth data; and sending the fourth data to the web client.
Optionally, decrypting the second data request to obtain the first primary key ID in the request parameter includes: filtering the second data request by adopting a regular expression to obtain an encryption sequence corresponding to the first primary key ID, wherein the encryption sequence consists of a basic value and an encryption value; encrypting the basic value by adopting a preset encryption algorithm to obtain a decrypted value; judging whether the decrypted value is consistent with the encrypted value; and if the decrypted value is consistent with the encrypted value, resolving the source ID in the basic value to obtain the first primary key ID.
According to an embodiment of the present invention, there is provided another data transmission method including: sending a first data request to a web server; receiving first request result data fed back by the web server based on the first data request, wherein the first request result data comprises an encrypted sequence corresponding to a first primary key ID of a database table, and the first primary key ID is used for indexing table records in the database; and generating a rendering page in the browser according to the first request result data.
Optionally, after generating a rendered page at the browser according to the first request result data, the method further includes: sending a second data request to the web server, wherein the second data request carries the encryption sequence; and receiving second request result data fed back by the web server based on the second data request.
According to another embodiment of the present invention, there is provided a data transmission apparatus including: the first receiving module is used for receiving a first data request of the web client; a query module, configured to query first data from a database according to the first data request, where the first data includes at least one first primary key ID of a database table, and the first primary key ID is used to index a table record in the database; the first encryption module is used for encrypting each first primary key ID in the first data to obtain second data; and the first sending module is used for sending the second data to the web client.
Optionally, the first encryption module includes: the filtering unit is used for filtering the first data by adopting a regular expression to obtain the first primary key ID; a generating unit, configured to generate an encryption sequence based on the first primary key ID by using a preset encryption algorithm; and the replacing unit is used for replacing the first primary key ID in the first data with the encryption sequence to obtain the second data.
Optionally, the generating unit includes: the computing subunit is used for adding a specific value to the ID of the first primary key to obtain a basic value to be encrypted; the encryption subunit is used for encrypting the basic value by adopting a first encryption algorithm to obtain a first encrypted value and encrypting the random value by adopting a second encryption algorithm to obtain a second encrypted value; a concatenation subunit for concatenating the base value, the first cryptographic value, and the second cryptographic value with a connector to generate the encrypted sequence.
Optionally, the apparatus further comprises: the second receiving module is used for receiving a second data request triggered by the web client based on the encrypted first primary key ID after the second data is sent to the web client; the decryption module is used for decrypting the second data request to obtain a first primary key ID in the request parameter; the packaging module is used for inquiring table records in the database by taking the first primary key ID as an index and packaging third data based on the table records; the second encryption module is used for encrypting the second primary key ID in the third data to obtain fourth data; and the second sending module is used for sending the fourth data to the web client.
Optionally, the decryption module includes: the filtering unit is used for filtering the second data request by adopting a regular expression to obtain an encryption sequence corresponding to the first primary key ID, wherein the encryption sequence consists of a basic value and an encryption value; the encryption unit is used for encrypting the basic value by adopting a preset encryption algorithm to obtain a decrypted value; a judging unit for judging whether the decrypted value is consistent with the encrypted value; and the resolving unit is used for resolving the source ID in the basic value to obtain the first primary key ID if the decrypted value is consistent with the encrypted value.
According to another embodiment of the present invention, there is provided another data transmission apparatus including: the first sending module is used for sending a first data request to the web server; a first receiving module, configured to receive first request result data fed back by the web server based on the first data request, where the first request result data includes an encrypted sequence corresponding to a first primary key ID of a database table, and the first primary key ID is used to index a table record in the database; and the generating module is used for generating a rendering page in the browser according to the first request result data.
Optionally, the apparatus further comprises: a second sending module, configured to send a second data request to the web server after a rendered page is generated in a browser according to the first request result data, where the second data request carries the encryption sequence; and the second receiving module is used for receiving second request result data fed back by the web server based on the second data request.
According to still another embodiment of the present invention, there is provided a data transmission system including: a web client, a web server, wherein the web client comprises the device described in the above embodiment; the web server comprises the device described in the above embodiment.
According to a further embodiment of the present invention, there is also provided a storage medium having a computer program stored therein, wherein the computer program is arranged to perform the steps of any of the above method embodiments when executed.
According to yet another embodiment of the present invention, there is also provided an electronic device, including a memory in which a computer program is stored and a processor configured to execute the computer program to perform the steps in any of the above method embodiments.
There is also provided, in accordance with yet another embodiment of the present invention, a computer program product, including a computer program stored on a non-transitory computer readable storage medium, the computer program including program instructions, characterized in that, when the program instructions are executed by a computer, the computer is caused to perform the steps of the method of any of the preceding embodiments.
According to the invention, a first data request of the web client is received, first data containing a primary key ID is queried from the database according to the first data request, the first primary key ID in the first data is encrypted to obtain second data, and the second data is sent to the web client. Encrypting and obfuscating the primary key ID in the data keeps the real ID from being directly exposed. This solves the technical problem in the related art that the primary key ID of a database table is easily exposed, prevents the primary key ID from being directly exposed on the transmission link and at the client, guards against theft, and thereby protects the server.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
FIG. 1 is a block diagram of a hardware configuration of a data transmission web server according to an embodiment of the present invention;
FIG. 2 is a flow chart of a method of data transmission according to an embodiment of the present invention;
FIG. 3 is a flow chart of another method of data transmission according to an embodiment of the present invention;
FIG. 4 is an interaction flow diagram of an embodiment of the present invention;
FIG. 5 is a block diagram of a data transmission apparatus according to an embodiment of the present invention;
FIG. 6 is a block diagram of another data transmission apparatus according to an embodiment of the present invention;
FIG. 7 is a block diagram of a data transmission system according to an embodiment of the present invention;
FIG. 8 is a block diagram of an electronic device implementing an embodiment of the invention.
Detailed Description
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only partial embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application. It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It should be understood that the data so used may be interchanged under appropriate circumstances such that embodiments of the application described herein may be implemented in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example 1
The method provided by Embodiment 1 of the present application may be executed in a web server, a WAF server, a security server, or a similar computing device. Taking a web server as an example, FIG. 1 is a block diagram of a hardware structure of a data transmission web server according to an embodiment of the present invention. As shown in FIG. 1, the web server 10 may include one or more (only one shown in FIG. 1) processors 102 (the processors 102 may include, but are not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA) and a memory 104 for storing data, and optionally, may further include a transmission device 106 for communication functions and an input-output device 108. It will be understood by those of ordinary skill in the art that the structure shown in FIG. 1 is merely an illustration and is not intended to limit the structure of the web server. For example, web server 10 may also include more or fewer components than shown in FIG. 1, or have a different configuration than shown in FIG. 1.
The memory 104 may be used to store a web server program, for example, a software program and a module of application software, such as a web server program corresponding to a data transmission method in an embodiment of the present invention, and the processor 102 executes various functional applications and data processing by running the web server program stored in the memory 104, so as to implement the method described above. The memory 104 may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, memory 104 may further include memory located remotely from processor 102, which may be connected to web server 10 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission device 106 is used for receiving or transmitting data via a network. Specific examples of the network described above may include a wireless network provided by a communication provider of the web server 10. In one example, the transmission device 106 includes a network adapter (NIC), which can be connected to other network devices through a base station so as to communicate with the internet. In one example, the transmission device 106 may be a Radio Frequency (RF) module, which is used for communicating with the internet in a wireless manner.
In this embodiment, a data transmission method is provided. FIG. 2 is a flowchart of a data transmission method according to an embodiment of the present invention. As shown in FIG. 2, the flow includes the following steps:
Step S202, receiving a first data request of a web client;
The first data request of this embodiment may be an interaction request between a client and a server, such as a HyperText Transfer Protocol (HTTP) request or a HyperText Transfer Protocol Secure (HTTPS) request.
Step S204, querying first data from a database according to the first data request, wherein the first data comprises at least one first primary key ID of a database table, and the first primary key ID is used for indexing table records in the database;
In this embodiment, the database is deployed on the web server or is connected to the web server. The primary key is a combination of one or more columns whose ID value uniquely identifies each row in the table; the database stores data by primary key, and the primary key ID is the identification information of the primary key.
Step S206, encrypting each first primary key ID in the first data to obtain second data;
The encryption in this embodiment may use an encryption algorithm or a substitution algorithm to generate a reversible disguised value from the real first primary key ID, so as to obfuscate the real ID value in the message and prevent theft and interception.
Step S208, sending the second data to the web client.
Through the above steps, a first data request of the web client is received, first data containing a primary key ID is queried from the database according to the first data request, the first primary key ID in the first data is encrypted to obtain second data, and the second data is sent to the web client. Encrypting and obfuscating the primary key ID in the data keeps the real ID from being directly exposed. This solves the technical problem in the related art that the primary key ID of a database table is easily exposed, prevents the primary key ID from being directly exposed on the transmission link and at the client, guards against theft, and thereby protects the server.
In this embodiment, encrypting the first primary key ID in the first data to obtain the second data includes:
S11, filtering the first data by adopting a regular expression to obtain the first primary key ID;
S12, generating an encryption sequence based on the first primary key ID by adopting a preset encryption algorithm;
In one implementation of this embodiment, generating the encryption sequence based on the first primary key ID using the preset encryption algorithm includes: adding a specific value to the first primary key ID to obtain a basic value to be encrypted; encrypting the basic value by adopting a first encryption algorithm to obtain a first encrypted value, and encrypting the random value by adopting a second encryption algorithm to obtain a second encrypted value; and concatenating the basic value, the first encrypted value and the second encrypted value with a connector to generate the encryption sequence.
The first encryption algorithm and the second encryption algorithm may be reversible or irreversible encryption algorithms, such as MD5/RSA/DES encryption algorithms, and the first encryption algorithm and the second encryption algorithm may be the same or different encryption algorithms.
The primary key ID of this embodiment may be a number or a character. In one example, the first primary key ID is a number: a specific value (a preset number or character) is added to it to obtain a value A, that is, the basic value; the basic value is encrypted with the first encryption algorithm to obtain a new value B, and the random value is encrypted with the second encryption algorithm to obtain a new value C.
Several encryption modes involving the specific value and the random number are used, and the values produced by the various encryption algorithms are spliced into the final encryption sequence, which improves the security of the encryption and makes illegal decoding more difficult.
S13, replacing the first primary key ID in the first data with the encryption sequence to obtain the second data.
Through data filtering, the primary key IDs in the data that call for higher security can be obtained, so that only those IDs are encrypted; the original primary key ID is replaced by the encryption sequence, which improves the security of data transmission.
In this embodiment, the server may interact with the client multiple times, which requires multiple data requests. In one application scenario, after receiving the second data, when a second operation (such as an add, delete or modify operation) is required, the client may trigger a new data request using the encrypted ID. After sending the second data to the web client, the method further comprises:
S21, receiving a second data request triggered by the web client based on the encrypted first primary key ID;
S22, decrypting the second data request to obtain the first primary key ID in the request parameters;
After receiving the second data request carrying the encrypted first primary key ID, the server side needs to decrypt the second data request to obtain the real primary key ID.
In one implementation of this embodiment, decrypting the second data request to obtain the first primary key ID in the request parameters includes: filtering the second data request by adopting a regular expression to obtain the encryption sequence corresponding to the first primary key ID, wherein the encryption sequence consists of a basic value and an encrypted value; encrypting the basic value by adopting a preset encryption algorithm (the same as the encryption algorithm in the previous encryption process) to obtain a decrypted value; judging whether the decrypted value is consistent with the encrypted value; and if the decrypted value is consistent with the encrypted value, resolving the source ID in the basic value to obtain the first primary key ID.
In one example, the encryption sequence includes a value B, a value A and a value C. Since the sequence was encrypted and spliced by the server during the previous interaction, the encryption algorithm and the splicing format are known. The value A is first extracted from the encryption sequence and then encrypted (in the same way as in the previous encryption) to obtain a value D (a decrypted value used to verify whether the primary key ID in the encryption sequence is correct). The value D is then compared with the value B: if they are the same, the value A is correct, and the value A is decrypted by performing the inverse operation (opposite to the previous operation) to obtain the first primary key ID.
In another example, the encryption algorithm is a reversible algorithm: the value B may be decrypted to obtain a value E, and the value E is compared with the value A. If they are the same, the value A is correct, and the value A is decrypted by performing the inverse operation (opposite to the previous operation) to obtain the first primary key ID.
S23, using the first primary key ID as an index, querying the table record in the database, and packaging third data based on the table record;
S24, encrypting the second primary key ID in the third data to obtain fourth data;
S25, sending the fourth data to the web client.
In this embodiment, every ID that could cause damage to the system undergoes a layer of encryption before it is transmitted to the front-end client, and when the front-end client calls the back-end service, the ID passed to the back-end server is decrypted. This avoids exposing the ID directly and also avoids service failures caused by false IDs.
This embodiment also provides a data transmission method that describes the scheme from the client side. FIG. 3 is a flowchart of another data transmission method according to an embodiment of the present invention. As shown in FIG. 3, the flow includes the following steps:
Step S302, sending a first data request to a web server;
Step S304, receiving first request result data fed back by the web server based on the first data request, wherein the first request result data comprises an encryption sequence corresponding to a first primary key ID of a database table, and the first primary key ID is used for indexing table records in the database;
Step S306, generating a rendered page in the browser according to the first request result data.
Optionally, after generating the rendered page in the browser according to the first request result data, the method further includes: sending a second data request to the web server, wherein the second data request carries the encryption sequence; and receiving second request result data fed back by the web server based on the second data request.
Through the above steps, the web client receives the encryption sequence corresponding to the first primary key ID of the database table, so the primary key ID is not exposed in the messages exchanged with the server. This solves the technical problem in the related art that the primary key ID of a database table is easily exposed, prevents the primary key ID from being directly exposed on the transmission link and at the client, guards against theft, and thereby protects the server.
Fig. 4 is an interaction flowchart of an embodiment of the present invention, including a service front end (client) and a back end (server), including:
s41, the front end initiates HTTP request, obtains the needed data from the back end; the back end acquires data from the database and generates data required by the front end through a series of processing; filtering the IDs present in the data before returning to the front-end data, encrypting each ID using a special encryption means; and finally returning to the front end for front end display and the like.
The encryption process comprises the following steps:
Step 1: in after_request, all the ID values in the returned result are obtained through regular-expression matching and the like.
Step 2: add a specific value to the ID value and determine a random value, then generate two encrypted values through an encryption algorithm such as MD5/RSA/DES. The ID with the specific value added is then concatenated with the two generated encrypted values.
Step 3: repeat step 2 to encrypt each ID and replace the original ID; after all the ID values have been replaced, return the data to the front end.
S42, the front end renders the page according to the data returned by the back end and displays the page to the user. When other operations are required, an HTTP request is triggered again using the encrypted ID.
S43, the back end receives the request initiated by the front end; before each request is handled, the IDs in the request that need to be decrypted are filtered out, and the real ID is then recovered according to the corresponding encryption method; the back end uses the decrypted real ID to find the corresponding record in the database and executes the corresponding operation.
The decryption process comprises the following steps:
Step 1: in before_request, each HTTP request sent by the front end is intercepted, and the IDs included in the request parameters are acquired through regular-expression matching or the like.
Step 2: take each encrypted ID and, according to the concatenation scheme used during encryption, extract the ID with the specific value added from the specified position.
Step 3: process the parsed ID value through the encryption algorithm, such as MD5/RSA/DES, to generate an encrypted value. Check whether the generated encrypted value is consistent with the encrypted value carried in the encrypted ID; if so, the ID was correctly encrypted; otherwise, the ID was not generated by the system's normal encryption.
Step 4: if the value is a correct encrypted value, subtract the specific value added in the encryption process from the parsed ID value to obtain the original ID.
Steps 2, 3 and 4 are repeated to decrypt each ID and replace the ID value in the incoming parameters. Once the replacement is finished, the real request parameters are obtained and the subsequent operation is executed.
S44, before returning the request result to the front end, the encryption operation in the first step is executed again.
Through the processing method, a user using the web platform can be prevented from grabbing a real ID through a tool to carry out dangerous operation on the platform.
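The S41 to S44 round trip as a Python sketch, added here as an illustration and not taken from the patent: it substitutes HMAC-SHA256 under a server-side key for the MD5/RSA/DES the text names, so the check value cannot be recomputed without that key. `SECRET_KEY`, `OFFSET`, the `-` connector, the field-name patterns and all function names are assumptions.

```python
import hashlib
import hmac
import re
import secrets

# Assumed values for this sketch; none of them come from the patent text.
SECRET_KEY = b"constructed-demo-key"  # held by the back end only
OFFSET = 100003                        # the "specific value" added to each ID
SEP = "-"                              # the connector between the three parts

ID_KEY = re.compile(r"(?:\w+_)?id")                     # id, order_id, ...
ID_FIELD = re.compile(r'("(?:\w+_)?id"\s*:\s*)(\d+)')   # "id": 42 in a JSON body
TOKEN = re.compile(r"(\d+)-([0-9a-f]{32})-([0-9a-f]{32})")


def _mac(value: str) -> str:
    """Keyed digest, truncated to 128 bits, standing in for the 'encrypted value'."""
    return hmac.new(SECRET_KEY, value.encode(), hashlib.sha256).hexdigest()[:32]


def encrypt_id(real_id: int) -> str:
    """Encryption step 2: base value plus two encrypted values, joined by SEP."""
    base = str(real_id + OFFSET)
    first = _mac(base)                     # recomputed and compared on decryption
    second = _mac(secrets.token_hex(16))   # from a random value; varies per call
    return SEP.join((base, first, second))


def decrypt_id(token: str) -> int:
    """Decryption steps 2 to 4: split, recompute, compare, subtract OFFSET."""
    m = TOKEN.fullmatch(token)
    if m is None:
        raise ValueError("not an encrypted ID")
    base, first, _second = m.groups()
    if not hmac.compare_digest(first, _mac(base)):
        raise ValueError("check value mismatch")
    return int(base) - OFFSET


def protect_response(body: str) -> str:
    """after_request side: replace every numeric ID in the body with its token."""
    return ID_FIELD.sub(
        lambda m: f'{m.group(1)}"{encrypt_id(int(m.group(2)))}"', body)


def restore_params(params: dict) -> dict:
    """before_request side: every ID parameter must carry a valid token."""
    return {k: decrypt_id(v) if ID_KEY.fullmatch(k) else v
            for k, v in params.items()}


if __name__ == "__main__":
    body = '{"id": 42, "order_id": 7, "qty": 3}'   # constructed sample response
    print(protect_response(body))
    token = encrypt_id(42)
    print(restore_params({"id": token, "page": "2"}))
    base, first, second = token.split(SEP)
    forged = SEP.join((str(int(base) + 1), first, second))  # altered base value
    for bad in (forged, "42"):                              # and a bare integer
        try:
            restore_params({"id": bad})
        except ValueError as exc:
            print("rejected:", exc)
```

The second value is carried but not checked on decryption, matching the decryption steps above, which compare only the value derived from the base value.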
Through the above description of the embodiments, those skilled in the art can clearly understand that the method according to the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.
Example 2
In this embodiment, a data transmission device and a system are further provided, which are used to implement the foregoing embodiments and preferred embodiments; what has already been described is not repeated. As used below, the term "module" may be a combination of software and/or hardware that implements a predetermined function. Although the devices described in the embodiments below are preferably implemented in software, an implementation in hardware, or in a combination of software and hardware, is also possible and contemplated.
Fig. 5 is a block diagram of a data transmission apparatus according to an embodiment of the present invention, which is applied to a client, and as shown in fig. 5, the apparatus includes: an acquisition module 50, a determination module 52, a monitoring module 54, a control module 56, wherein,
a first receiving module 50, configured to receive a first data request of a web client;
a query module 52, configured to query first data from a database according to the first data request, where the first data includes at least one first primary key ID of a database table, and the first primary key ID is used to index a table record in the database;
a first encryption module 54, configured to encrypt each first primary key ID in the first data to obtain second data;
a first sending module 56, configured to send the second data to the web client.
Optionally, the first encryption module includes: the filtering unit is used for filtering the first data by adopting a regular expression to obtain the first primary key ID; a generating unit, configured to generate an encryption sequence based on the first primary key ID by using a preset encryption algorithm; and the replacing unit is used for replacing the first primary key ID in the first data with the encryption sequence to obtain the second data.
Optionally, the generating unit includes: the computing subunit is used for adding a specific value to the ID of the first primary key to obtain a basic value to be encrypted; the encryption subunit is configured to encrypt the basic value by using a first encryption algorithm to obtain a first encrypted value, and encrypt the random value by using a second encryption algorithm to obtain a second encrypted value; a concatenation subunit for concatenating the base value, the first cryptographic value, and the second cryptographic value with a connector to generate the encrypted sequence.
Optionally, the apparatus further comprises: the second receiving module is used for receiving a second data request triggered by the web client based on the encrypted first primary key ID after the second data is sent to the web client; the decryption module is used for decrypting the second data request to obtain a first primary key ID in the request parameter; the packaging module is used for inquiring table records in the database by taking the first primary key ID as an index and packaging third data based on the table records; the second encryption module is used for encrypting the second primary key ID in the third data to obtain fourth data; and the second sending module is used for sending the fourth data to the web client.
Optionally, the decryption module includes: the filtering unit is used for filtering the second data request by adopting a regular expression to obtain an encryption sequence corresponding to the first primary key ID, wherein the encryption sequence consists of a basic value and an encryption value; the encryption unit is used for encrypting the basic value by adopting a preset encryption algorithm to obtain a decrypted value; a judging unit for judging whether the decrypted value is consistent with the encrypted value; and the resolving unit is used for resolving the source ID in the basic value to obtain the first primary key ID if the decrypted value is consistent with the encrypted value.
Fig. 6 is a block diagram of another data transmission apparatus according to an embodiment of the present invention, applied to a client, as shown in fig. 6, the apparatus includes: a first transmitting module 60, a first receiving module 62, a generating module 64, wherein,
a first sending module 60 for sending a first data request to the web server;
a first receiving module 62, configured to receive first request result data that is fed back by the web server based on the first data request, where the first request result data includes an encrypted sequence corresponding to a first primary key ID of a database table, and the first primary key ID is used to index a table record in the database;
and a generating module 64, configured to generate a rendered page in the browser according to the first request result data.
Optionally, the apparatus further comprises: a second sending module, configured to send a second data request to the web server after a rendered page is generated in a browser according to the first request result data, where the second data request carries the encryption sequence; and the second receiving module is used for receiving second request result data fed back by the web server based on the second data request.
Fig. 7 is a block diagram of a data transmission system according to an embodiment of the present invention, and as shown in fig. 7, the system includes: a web client 70 and a web server 72, wherein the web server includes the device described in the present embodiment (as shown in fig. 5), and the web client includes the device described (as shown in fig. 6).
It should be noted that the above modules may be implemented by software or hardware; for the latter, this may be achieved in, but is not limited to, the following ways: the modules are all located in the same processor; or the modules are located in different processors in any combination.
Example 3
Embodiments of the present invention also provide a storage medium having a computer program stored therein, wherein the computer program is arranged to perform the steps of any of the above method embodiments when executed.
Optionally, in the present embodiment, the storage medium may be configured to store a computer program for executing the steps of:
S1, receiving a first data request of the web client;
S2, querying first data from a database according to the first data request, wherein the first data comprises at least one first primary key ID of a database table, and the first primary key ID is used for indexing table records in the database;
S3, encrypting each first primary key ID in the first data to obtain second data;
S4, sending the second data to the web client.
Optionally, in this embodiment, the storage medium may include, but is not limited to: various media capable of storing computer programs, such as a USB disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic disk, or an optical disk.
Embodiments of the present invention also provide an electronic device comprising a memory having a computer program stored therein and a processor arranged to run the computer program to perform the steps of any of the above method embodiments.
Optionally, the electronic apparatus may further include a transmission device and an input/output device, wherein the transmission device is connected to the processor, and the input/output device is connected to the processor.
Optionally, in this embodiment, the processor may be configured to execute the following steps by a computer program:
S1, receiving a first data request of the web client;
S2, querying first data from a database according to the first data request, wherein the first data comprises at least one first primary key ID of a database table, and the first primary key ID is used for indexing table records in the database;
S3, encrypting each first primary key ID in the first data to obtain second data;
S4, sending the second data to the web client.
Optionally, for specific examples in this embodiment, reference may be made to the examples described in the above embodiments and optional implementations, which are not repeated here.
Fig. 8 is a block diagram of an electronic device implementing an embodiment of the invention. As shown in fig. 8, the device includes a processor 41 and a memory 42 for storing data, which are connected by a communication bus 44, and a communication interface 43 connected to the communication bus 44 and adapted to connect with other components or external devices.
The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments.
In the above embodiments of the present application, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one type of division of logical functions, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one position, or may be distributed on multiple network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application, or the part of it that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods described in the embodiments of the present application. The aforementioned storage medium includes: a USB disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program code.
The foregoing is only a preferred embodiment of the present application. It should be noted that those skilled in the art can make several improvements and modifications without departing from the principle of the present application, and these improvements and modifications should also be considered as falling within the protection scope of the present application.

Claims (10)

1. A method of data transmission, comprising:
receiving a first data request of a web client;
querying first data from a database according to the first data request, wherein the first data comprises at least one first primary key ID of a database table, and the first primary key ID is used for indexing table records in the database;
encrypting each first primary key ID in the first data to obtain second data;
sending the second data to the web client;
after sending the second data to the web client, the method further comprises:
receiving a second data request triggered by the web client based on the encrypted first primary key ID;
decrypting the second data request to obtain a first primary key ID in request parameters;
taking the ID of the first primary key as an index, inquiring a table record in the database, and packaging third data based on the table record;
encrypting the second primary key ID in the third data to obtain fourth data;
sending the fourth data to the web client;
decrypting the second data request to obtain a first primary key ID in request parameters, comprising:
filtering the second data request by adopting a regular expression to obtain an encryption sequence corresponding to the first primary key ID, wherein the encryption sequence consists of a basic value and an encryption value;
encrypting the basic value by adopting a preset encryption algorithm to obtain a decrypted value;
judging whether the decrypted value is consistent with the encrypted value;
and if the decrypted value is consistent with the encrypted value, resolving the source ID in the basic value to obtain the first primary key ID.
2. The method according to claim 1, wherein encrypting each of the first primary key IDs in the first data to obtain second data comprises:
filtering the first data by adopting a regular expression to obtain the ID of the first primary key;
generating an encryption sequence based on the first primary key ID by adopting a preset encryption algorithm;
and replacing the first primary key ID in the first data with the encryption sequence to obtain the second data.
3. The method of claim 2, wherein generating an encryption sequence based on the first primary key ID using a preset encryption algorithm comprises:
adding a specific value to the ID of the first primary key to obtain a basic value to be encrypted;
encrypting the basic value by adopting a first encryption algorithm to obtain a first encrypted value, and encrypting the random value by adopting a second encryption algorithm to obtain a second encrypted value;
concatenating the base value, the first cryptographic value, and the second cryptographic value with a connector to generate the encrypted sequence.
4. A method of data transmission, comprising:
sending a first data request to a web server;
receiving first request result data fed back by the web server based on the first data request, wherein the first request result data comprises an encrypted sequence corresponding to a first primary key ID of a database table, and the first primary key ID is used for indexing table records in the database;
generating a rendering page in a browser according to the first request result data;
after generating a rendered page at a browser in accordance with the first request result data, the method further comprises:
sending a second data request to the web server, wherein the second data request carries the encryption sequence, so that the web server decrypts the second data request to obtain a first primary key ID in request parameters, looks up a table record in a database by taking the first primary key ID as an index, packs third data based on the table record, and encrypts a second primary key ID in the third data to obtain fourth data;
and receiving second request result data fed back by the web server based on the second data request.
5. A data transmission apparatus, comprising:
the first receiving module is used for receiving a first data request of the web client;
a query module, configured to query first data from a database according to the first data request, where the first data includes at least one first primary key ID of a database table, and the first primary key ID is used to index a table record in the database;
the first encryption module is used for encrypting each first primary key ID in the first data to obtain second data;
the first sending module is used for sending the second data to the web client;
the second receiving module is used for receiving a second data request triggered by the web client based on the encrypted first primary key ID after the second data is sent to the web client;
the decryption module is used for decrypting the second data request to obtain a first primary key ID in the request parameter;
the packaging module is used for inquiring table records in the database by taking the first primary key ID as an index and packaging third data based on the table records;
the second encryption module is used for encrypting the second primary key ID in the third data to obtain fourth data;
the second sending module is used for sending the fourth data to the web client;
the decryption module is specifically configured to filter the second data request by using a regular expression to obtain an encryption sequence corresponding to the first primary key ID, where the encryption sequence is composed of a base value and an encrypted value;
encrypting the basic value by adopting a preset encryption algorithm to obtain a decrypted value;
judging whether the decrypted value is consistent with the encrypted value;
and if the decrypted value is consistent with the encrypted value, resolving the source ID in the basic value to obtain the first primary key ID.
6. A data transmission apparatus, comprising:
the first sending module is used for sending a first data request to the web server;
a first receiving module, configured to receive first request result data fed back by the web server based on the first data request, where the first request result data includes an encrypted sequence corresponding to a first primary key ID of a database table, and the first primary key ID is used to index a table record in the database;
the generating module is used for generating a rendering page in a browser according to the first request result data;
the second sending module is used for sending a second data request to the web server after a rendered page is generated in the browser according to the first request result data, so that the web server decrypts the second data request to obtain a first primary key ID in the request parameter; taking the ID of the first primary key as an index, inquiring a table record in a database, and packing third data based on the table record; encrypting a second primary key ID in the third data to obtain fourth data, wherein the second data request carries the encryption sequence;
and the second receiving module is used for receiving second request result data fed back by the web server based on the second data request.
7. A data transmission system, comprising: a web client, a web server, wherein,
the web server comprising the apparatus of claim 5;
the web client comprising the apparatus of claim 6.
8. A storage medium, in which a computer program is stored, wherein the computer program is arranged to perform the method of any of claims 1 to 4 when executed.
9. An electronic device comprising a memory and a processor, wherein the memory has stored therein a computer program, and wherein the processor is arranged to execute the computer program to perform the method of any of claims 1 to 4.
10. A computer device comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions, characterized in that, when the program instructions are executed by a computer, the computer is caused to perform the steps of the method of any one of claims 1 to 4.
CN202010145896.8A 2020-03-05 2020-03-05 Data transmission method, device, system, storage medium and electronic device Active CN111464496B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010145896.8A CN111464496B (en) 2020-03-05 2020-03-05 Data transmission method, device, system, storage medium and electronic device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010145896.8A CN111464496B (en) 2020-03-05 2020-03-05 Data transmission method, device, system, storage medium and electronic device

Publications (2)

Publication Number Publication Date
CN111464496A CN111464496A (en) 2020-07-28
CN111464496B true CN111464496B (en) 2022-07-05

Family

ID=71680943

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010145896.8A Active CN111464496B (en) 2020-03-05 2020-03-05 Data transmission method, device, system, storage medium and electronic device

Country Status (1)

Country Link
CN (1) CN111464496B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115378743B (en) * 2022-10-25 2023-01-17 北京国电通网络技术有限公司 Information encryption transmission method, device, equipment and medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104794123A (en) * 2014-01-20 2015-07-22 阿里巴巴集团控股有限公司 Method and device for establishing NoSQL database index for semi-structured data
CN108021677A (en) * 2017-12-07 2018-05-11 成都博睿德科技有限公司 The control method of cloud computing distributed search engine
CN108197505A (en) * 2017-12-29 2018-06-22 泰康保险集团股份有限公司 Block chain business data processing method, device and electronic equipment
CN109063070A (en) * 2018-07-23 2018-12-21 郑州云海信息技术有限公司 A kind of operating method and database server of database
CN109656930A (en) * 2018-12-27 2019-04-19 广州华多网络科技有限公司 Data query method, apparatus and system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101873214A (en) * 2009-04-24 2010-10-27 索尼株式会社 Method for generating, encrypting and decrypting key in broadcast encryption as well as device
US10650161B2 (en) * 2018-01-05 2020-05-12 Sap Se Data protection management system compliant identification handling

Also Published As

Publication number Publication date
CN111464496A (en) 2020-07-28

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 100032 NO.332, 3rd floor, Building 102, 28 xinjiekouwai street, Xicheng District, Beijing

Applicant after: Qianxin Technology Group Co.,Ltd.

Applicant after: Qianxin Wangshen information technology (Beijing) Co., Ltd

Address before: 100032 NO.332, 3rd floor, Building 102, 28 xinjiekouwai street, Xicheng District, Beijing

Applicant before: Qianxin Technology Group Co.,Ltd.

Applicant before: Wangshen information technology (Beijing) Co., Ltd

GR01 Patent grant