CN111510301A - Encryption type engineering change management system and management method applied to production management - Google Patents


Info

Publication number
CN111510301A
Authority
CN
China
Prior art keywords
server
client
key
encrypted
encrypts
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010284019.9A
Other languages
Chinese (zh)
Other versions
CN111510301B (en
Inventor
林淑君
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suzhou Meisheng Electronics Co ltd
Original Assignee
Suzhou Meisheng Electronics Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Suzhou Meisheng Electronics Co ltd filed Critical Suzhou Meisheng Electronics Co ltd
Priority to CN202010284019.9A priority Critical patent/CN111510301B/en
Publication of CN111510301A publication Critical patent/CN111510301A/en
Application granted granted Critical
Publication of CN111510301B publication Critical patent/CN111510301B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L63/061 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/3213 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02P CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00 Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/30 Computing systems specially adapted for manufacturing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an encryption type engineering change management system and method applied to production management, comprising a server, a database and one or more first clients, wherein the first clients are used for submitting engineering change information to the server according to preset change rules, and the engineering change information comprises encrypted data information and files; the server receives the engineering change information, decrypts the data information in it, stores the encrypted data information in a database if the decrypted data information conforms to the specification, and stores the files together at a specified position; and the server displays the changed information to the client as a time-axis pipeline and provides a corresponding file download index, wherein the data displayed by the server is decrypted data information. The invention makes it convenient to change and query engineering change information, displays it on a time axis according to update time, and distinguishes changes by different graphics and colors, so that it is clear, intuitive and easy to check.

Description

Encryption type engineering change management system and management method applied to production management
Technical Field
The invention relates to the field of production, processing and manufacturing informatization, in particular to an encryption type engineering change management system and method applied to production management.
Background
At present, many enterprises manage engineering changes by first formulating a change control standard and then managing according to that standard. The enterprise sets up a SAMBA server, stores data centrally on the server and sets permissions, and workers must be trained before they can manage it. Because the management is manual and limited by the workers themselves, data may be stored late or stored incorrectly and become disordered and scattered, which in the long term makes the data difficult to manage.
HTML5 and CSS3 are required for page display, JavaScript for page interaction, and PHP for server-side logic processing; building such a system at present also requires knowledge of servers and database technology. Product update iterations in an enterprise's production, processing and manufacturing generate many data changes, which makes data management inconvenient and leaves data disordered and scattered, so a management system that lets employees conveniently submit engineering change information urgently needs to be developed.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides an encryption type engineering change management system and a management method applied to production management, and the technical scheme is as follows:
in one aspect, the invention provides an encrypted engineering change management system applied to production management, which comprises a server, a database, one or more first clients and one or more second clients, wherein the first clients are used for submitting engineering change information to the server according to preset change rules, and the engineering change information comprises encrypted data information and files;
the server receives the engineering change information and decrypts the data information, if the decrypted data information meets the specification, the encrypted data information is stored in a database, and the files are uniformly stored to the designated positions;
and the server displays the changed information to the first client and/or the second client in a time axis pipeline mode, and provides a corresponding file downloading index, wherein the data displayed by the server is decrypted data information.
Further, the data information is encrypted and verified by adopting the following steps:
S11, the first client and the server side obtain a shared key based on a key agreement algorithm of asymmetric encryption;
S12, the first client encrypts the user ID by using the shared key and sends the encrypted ID to the server side;
S13, the server side decrypts the received ID by using the shared key, and searches the database for the Salt1 and Salt2 corresponding to the ID;
S14, the server side encrypts Salt1 and Salt2 by using the shared key and sends the encrypted Salt1 and Salt2 to the first client;
S15, the first client decrypts Salt1 and Salt2 by using the shared key, calculates a first salted hash according to the decrypted Salt1, and calculates a second salted hash according to the decrypted Salt2 and the first salted hash;
S16, the first client uses the second salted hash as an AES key, encrypts the user ID and the first salted hash to obtain a ticket, encrypts the ticket by using the shared key and then sends it to the server side;
S17, the server side decrypts by using the shared key to obtain the user ID and the first salted hash in the ticket;
S18, the server side searches the database for the second salted hash corresponding to the ID obtained by decryption in S17, recalculates the second salted hash according to the first salted hash obtained by decryption in S17, compares whether the two are consistent, and if so, verifies that the encrypted password is correct.
Further, after the server side verifies that the encrypted password is correct, the file is encrypted through the following steps:
S21, the server side generates a random temporary key and sends the random temporary key to the first client;
S22, the first client encrypts the file with the temporary key and sends the file to the server; or the server encrypts the file with the temporary key and sends the file to the first client and/or the second client.
Further, the temporary key in step S21 is encrypted with a randomly generated random key before being sent, as follows:
in step S16, the first client randomly generates a random key, encrypts the user ID, the first salted hash and the random key to obtain a ticket, encrypts the ticket by using the shared key, and sends the encrypted ticket to the server;
in step S17, the server decrypts by using the shared key to obtain the user ID, the first salted hash, and the random key in the ticket;
in step S21, the server encrypts the temporary key using the random key, and sends the encrypted temporary key to the first client.
Further, the ticket encrypted in step S16 further includes a time recording when the data packet was transmitted, so as to prevent replay attacks.
Further, the server side decrypts the data information in the engineering change information, and judges whether the file name length in the decrypted content exceeds a preset length threshold value and/or whether the file name contains special characters, so as to determine whether the decrypted data information meets the specification.
Further, in response to a query request of the first client and/or the second client for the engineering change information, the server returns queried data to the front-end browser, and the front-end browser adds different icons and/or colors according to the change type for displaying in a CANVAS mode.
Further, the data information of the engineering change information includes change time, the server-side performs descending order arrangement on the inquired data according to the change time, and returns the descending order data to the browser.
Further, if the first client and/or the second client requests to download the corresponding file, the server runs a download link of the corresponding file, so that the corresponding file stored at the specified position is copied to the local of the first client and/or the second client.
On the other hand, the invention provides an encryption type engineering change management method applied to production management, which comprises the following steps:
the first client is used for submitting engineering change information to the server according to a preset change rule, and encrypting data information and files of the engineering change information by using the following encryption method:
S11, the first client and the server side obtain a shared key based on a key agreement algorithm of asymmetric encryption;
S12, the first client encrypts the user ID by using the shared key and sends the encrypted ID to the server side;
S13, the server side decrypts the received ID by using the shared key, and searches the database for the Salt1 and Salt2 corresponding to the ID;
S14, the server side encrypts Salt1 and Salt2 by using the shared key and sends the encrypted Salt1 and Salt2 to the first client;
S15, the first client decrypts Salt1 and Salt2 by using the shared key, calculates a first salted hash according to the decrypted Salt1, and calculates a second salted hash according to the decrypted Salt2 and the first salted hash;
S16, the first client uses the second salted hash as an AES key, encrypts the user ID and the first salted hash to obtain a ticket, encrypts the ticket by using the shared key and then sends it to the server side;
S17, the server side decrypts by using the shared key to obtain the user ID and the first salted hash in the ticket;
S18, the server side searches the database for the second salted hash corresponding to the ID obtained by decryption in S17, recalculates the second salted hash according to the first salted hash obtained by decryption in S17, compares whether the two are consistent, and if so, verifies that the encrypted password is correct;
S21, the server side generates a random temporary key and sends the random temporary key to the first client;
S22, the first client encrypts the file with the temporary key and sends the file to the server; or the server encrypts the file with the temporary key and sends the file to the first client and/or the second client;
the server receives the engineering change information and decrypts the data information, if the decrypted data information meets the specification, the encrypted data information is stored in a database, and the files are uniformly stored to the designated positions;
and the server displays the changed information to the first client and/or the second client in a time axis pipeline mode, and provides a corresponding file downloading index, wherein the data displayed by the server is decrypted data information.
The technical scheme provided by the invention has the following beneficial effects:
a. the engineering change records are displayed conveniently, visually, clearly and easily, a time axis is adopted for displaying, the latest changes are on the top, different types of changes are distinguished by different graphs and colors respectively, and when the change records are many, the changes are easy to check;
b. the changed contents are managed in a unified and centralized manner, the problem of file scattered storage is solved, the access is fast, and the changed contents are all stored on the server, so that the follow-up is facilitated;
c. the system maintenance cost is low, and the browsing operation is simple and convenient.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a block diagram of an encrypted change-of-engineering management system applied to production management according to an embodiment of the present invention;
FIG. 2 is a flowchart of a management method of an encrypted engineering change management system applied to production management according to an embodiment of the present invention;
fig. 3 is a flowchart of a method for encrypting and verifying data information by an engineering change management system according to an embodiment of the present invention;
FIG. 4 is a design flow of a SALT encryption algorithm provided by an embodiment of the invention;
FIG. 5 is an interface for authorizing a client to submit project change information to a server according to an embodiment of the present invention;
fig. 6 is a time-axis pipeline type engineering change information displayed by the front-end browser according to the embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, apparatus, article, or device that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or device.
In an embodiment of the present invention, an encrypted engineering change management system applied to production management is provided, as shown in fig. 1, the engineering change management system includes a server, a database, one or more first clients and one or more second clients, in an embodiment of the present invention, the first clients are authorized clients, and the second clients are unauthorized clients.
The first client is used for submitting engineering change information to the server according to a preset change rule, wherein the engineering change information comprises encrypted data information and files.
Specifically, as shown in fig. 5, on the front-end browser, the first client fills or selects the project change information items, such as the model name, the client name, the change type (CODE, BOM table, AP specification, mobile APP or PDF document), the file name, the change content, and uploads the file according to the preset rule, that is, according to the rule shown in fig. 5.
The specific encryption process is described in detail below.
Secondly, the server receives the engineering change information and decrypts the data information therein, if the decrypted data information conforms to the specification, the encrypted data information is stored in a database, and the files are uniformly stored to the designated positions.
Specifically, the server decrypts the data information in the engineering change information, and determines whether the file name length in the decrypted content exceeds a preset length threshold and/or whether the file name contains special characters, so as to determine whether the decrypted data information meets the specification.
And as shown in fig. 6, the server displays the changed information to the first client and/or the second client in a time-axis pipeline manner, and provides a corresponding file download index, where the data displayed by the server is decrypted data information.
As shown in fig. 3, in an embodiment of the present invention, the data information is encrypted and verified by the following steps:
S11, the first client and the server side obtain a shared key SharedKey based on a key agreement algorithm of asymmetric encryption;
S12, the first client encrypts the user ID by using the shared key SharedKey and sends the encrypted ID to the server side;
S13, the server side decrypts the received ID by using the shared key SharedKey, and searches the database for the Salt1 and Salt2 corresponding to the ID;
S14, the server side encrypts Salt1 and Salt2 by using the shared key SharedKey and sends the encrypted Salt1 and Salt2 to the first client;
S15, the first client decrypts Salt1 and Salt2 by using the shared key SharedKey, calculates a first salted hash SaltHash1 according to the decrypted Salt1, and calculates a second salted hash SaltHash2 according to the decrypted Salt2 and the first salted hash SaltHash1;
S16, the first client uses the second salted hash SaltHash2 as an AES key to encrypt the user ID and the first salted hash SaltHash1 to obtain a ticket Ticket, encrypts the Ticket by using the shared key SharedKey and then sends it to the server side;
S17, the server side decrypts by using the shared key SharedKey to obtain the user ID and the first salted hash SaltHash1 in the Ticket;
S18, the server side searches the database for the second salted hash SaltHash2 corresponding to the ID obtained by decryption in S17, recalculates the second salted hash SaltHash2 according to the first salted hash SaltHash1 obtained by decryption in S17, compares whether the two are consistent, and if they are consistent, the server side verifies that the encrypted password is correct.
As shown in fig. 4, after the server side verifies that the encrypted password is correct, the file is encrypted by the following steps:
S21, the server side generates a random temporary key TempKey and sends the random temporary key TempKey to the first client;
S22, the first client encrypts the file with the temporary key TempKey and sends the file to the server; or the server encrypts the file with the temporary key TempKey and sends the file to the first client and/or the second client.
Further, the temporary key TempKey in step S21 is encrypted with a randomly generated random key RandKey before being sent, as follows:
in step S16, the first client randomly generates a random key RandKey, encrypts the user ID, the first salted hash SaltHash1 and the random key RandKey to obtain a Ticket, encrypts the Ticket by using the shared key SharedKey and then sends the Ticket to the server;
in step S17, the server decrypts by using the shared key SharedKey to obtain the user ID, the first salted hash SaltHash1, and the random key RandKey in the Ticket;
in step S21, the server encrypts the temporary key TempKey using the random key RandKey, and sends the encrypted temporary key TempKey to the first client.
In a preferred embodiment of the present invention, the Ticket encrypted in step S16 further includes a time recording when the data packet was transmitted, so as to prevent replay attacks, as shown in fig. 4:
Ticket = AES(SaltHash2, uid + time + SaltHash1 + RandKey).
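The exchange in steps S11 to S18 and S21, including the time and RandKey fields of the Ticket, as an added example that is not code from the patent. The text names only AES, so X25519 key agreement, SHA-256 for both salted hashes (with the password as the input to SaltHash1), AES-256-GCM, the JSON field layout, the 30-second freshness window and the seen-ticket cache are all assumptions, as are the names `Server`, `buildTicket` and `demo`.

```javascript
// Added example: S11-S18 and S21 of the ticket scheme, with assumed primitives.
const crypto = require('node:crypto');

const MAX_SKEW_MS = 30_000; // assumed freshness window for the ticket's time field
const sha256 = (...parts) =>
  crypto.createHash('sha256').update(Buffer.concat(parts)).digest();

// "AES" in the text names no mode; AES-256-GCM is assumed. Output: iv | tag | ct.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function unseal(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // throws on wrong key
}

// S11: key agreement, assumed to be X25519 with SHA-256 applied to the shared secret.
function agreeSharedKey() {
  const c = crypto.generateKeyPairSync('x25519');
  const s = crypto.generateKeyPairSync('x25519');
  const atClient = crypto.diffieHellman({ privateKey: c.privateKey, publicKey: s.publicKey });
  const atServer = crypto.diffieHellman({ privateKey: s.privateKey, publicKey: c.publicKey });
  return { client: sha256(atClient), server: sha256(atServer) };
}

class Server {
  constructor() { this.db = new Map(); this.seen = new Set(); }

  // Enrollment is not described on the page; the database holds Salt1, Salt2, SaltHash2.
  enroll(uid, password) {
    const salt1 = crypto.randomBytes(16), salt2 = crypto.randomBytes(16);
    const saltHash2 = sha256(salt2, sha256(salt1, Buffer.from(password)));
    this.db.set(uid, { salt1, salt2, saltHash2 });
  }

  // S13-S14: decrypt the ID, return Salt1 and Salt2 under SharedKey.
  salts(sharedKey, idBlob) {
    const uid = unseal(sharedKey, idBlob).toString();
    const rec = this.db.get(uid);
    if (!rec) throw new Error('unknown user ID');
    const body = { salt1: rec.salt1.toString('hex'), salt2: rec.salt2.toString('hex') };
    return { uid, blob: seal(sharedKey, Buffer.from(JSON.stringify(body))) };
  }

  // S17-S18 and S21: returns the wrapped TempKey, or null if verification fails.
  verify(sharedKey, uid, wire, now) {
    let rec, t;
    try {
      rec = this.db.get(uid);
      t = JSON.parse(unseal(rec.saltHash2, unseal(sharedKey, wire)));
    } catch { return null; } // wrong password => wrong SaltHash2 => GCM tag mismatch
    if (t.uid !== uid || Math.abs(now - t.time) > MAX_SKEW_MS) return null; // stale
    const id = sha256(wire).toString('hex');
    if (this.seen.has(id)) return null; // same ticket replayed inside the window
    const recomputed = sha256(rec.salt2, Buffer.from(t.saltHash1, 'hex'));
    if (!crypto.timingSafeEqual(recomputed, rec.saltHash2)) return null; // S18
    this.seen.add(id);
    const tempKey = crypto.randomBytes(32); // S21
    return { tempKey, wrapped: seal(Buffer.from(t.randKey, 'hex'), tempKey) };
  }
}

// S15-S16: the client derives both hashes and builds the Ticket.
function buildTicket(sharedKey, uid, password, saltsBlob, now) {
  const { salt1, salt2 } = JSON.parse(unseal(sharedKey, saltsBlob));
  const saltHash1 = sha256(Buffer.from(salt1, 'hex'), Buffer.from(password));
  const saltHash2 = sha256(Buffer.from(salt2, 'hex'), saltHash1);
  const randKey = crypto.randomBytes(32);
  const fields = { uid, time: now, saltHash1: saltHash1.toString('hex'),
                   randKey: randKey.toString('hex') };
  const ticket = seal(saltHash2, Buffer.from(JSON.stringify(fields)));
  return { wire: seal(sharedKey, ticket), randKey };
}

// Constructed run: one enrolled user (made-up ID and password), four login attempts.
function demo() {
  const server = new Server();
  server.enroll('u1001', 'correct horse');
  const key = agreeSharedKey();
  const { uid, blob } = server.salts(key.server, seal(key.client, Buffer.from('u1001')));
  const now = 1_700_000_000_000;
  const good = buildTicket(key.client, uid, 'correct horse', blob, now);
  const ok = server.verify(key.server, uid, good.wire, now + 50);
  return {
    tempKeyDelivered: ok !== null && unseal(good.randKey, ok.wrapped).equals(ok.tempKey),
    replayRejected: server.verify(key.server, uid, good.wire, now + 60) === null,
    staleRejected: server.verify(key.server, uid,
      buildTicket(key.client, uid, 'correct horse', blob, now).wire, now + 60_000) === null,
    wrongPasswordRejected: server.verify(key.server, uid,
      buildTicket(key.client, uid, 'wrong', blob, now).wire, now) === null,
  };
}
```

With an authenticated cipher mode a wrong password already fails when the server opens the Ticket with the stored SaltHash2, so the S18 comparison acts as a second check on the SaltHash1 the client sent.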
As shown in fig. 6, in response to a query request of a first client and/or a second client for engineering change information, the server returns the queried data to a front-end browser, where the front-end browser adds different icons and/or colors according to the change type and displays them in a CANVAS manner; preferably, the data information of the engineering change information includes the change time, and the server arranges the queried data in descending order of change time and returns the sorted data to the browser.
As shown in fig. 6, if the first client and/or the second client requests to download a corresponding file, the "download" button is clicked, and the server runs a download link of the corresponding file to copy the corresponding file stored at a designated location to the local of the first client and/or the second client.
In an embodiment of the present invention, the present invention provides an encryption type engineering change management method applied to production management, as shown in fig. 2, including the following steps:
the first client is used for submitting engineering change information to the server according to a preset change rule, and encrypting data information and files of the engineering change information by using the following encryption method:
S11, the first client and the server side obtain a shared key SharedKey based on a key agreement algorithm of asymmetric encryption;
S12, the first client encrypts the user ID by using the shared key SharedKey and sends the encrypted ID to the server side;
S13, the server side decrypts the received ID by using the shared key SharedKey, and searches the database for the Salt1 and Salt2 corresponding to the ID;
S14, the server side encrypts Salt1 and Salt2 by using the shared key SharedKey and sends the encrypted Salt1 and Salt2 to the first client;
S15, the first client decrypts Salt1 and Salt2 by using the shared key SharedKey, calculates a first salted hash SaltHash1 according to the decrypted Salt1, and calculates a second salted hash SaltHash2 according to the decrypted Salt2 and the first salted hash SaltHash1;
S16, the first client uses the second salted hash SaltHash2 as an AES key to encrypt the user ID and the first salted hash SaltHash1 to obtain a ticket Ticket, encrypts the Ticket by using the shared key SharedKey and then sends it to the server side;
S17, the server side decrypts by using the shared key SharedKey to obtain the user ID and the first salted hash SaltHash1 in the Ticket;
S18, the server side searches the database for the second salted hash SaltHash2 corresponding to the ID obtained by decryption in S17, recalculates the second salted hash SaltHash2 according to the first salted hash SaltHash1 obtained by decryption in S17, compares whether the two are consistent, and if so, verifies that the encrypted password is correct;
S21, the server side generates a random temporary key and sends the random temporary key to the first client;
S22, the first client encrypts the file with the temporary key and sends the file to the server; or the server encrypts the file with the temporary key and sends the file to the first client and/or the second client;
the server receives the engineering change information and decrypts the data information, if the decrypted data information meets the specification, the encrypted data information is stored in a database, and the files are uniformly stored to the designated positions;
and the server displays the changed information to the first client and/or the second client in a time axis pipeline mode, and provides a corresponding file downloading index, wherein the data displayed by the server is decrypted data information.
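As an added illustration (not code from the patent), the sketch below walks through the verification core of S15 to S18 together with the send-time check that claim 5 adds to the ticket. The use of PBKDF2-HMAC-SHA256, the derivation of SaltHash1 from the user's password, the 30-second window and all function names are assumptions; the SharedKey and AES wrapping of S11 to S16 is left out so the block runs on the standard library alone.

```python
import hashlib
import hmac
import os
import time

ITERATIONS = 100_000   # assumption: the page names neither a hash nor a work factor
MAX_SKEW_SECONDS = 30  # assumption: acceptance window for the ticket's send time


def salted_hash(secret: bytes, salt: bytes) -> bytes:
    """Salted hash used for both stages (PBKDF2-HMAC-SHA256 is an assumption)."""
    return hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS)


def enroll(password: str) -> dict:
    """Server-side record: both salts plus SaltHash2, never the password or SaltHash1."""
    salt1, salt2 = os.urandom(16), os.urandom(16)
    salt_hash1 = salted_hash(password.encode(), salt1)
    return {"salt1": salt1, "salt2": salt2, "salt_hash2": salted_hash(salt_hash1, salt2)}


def client_ticket(user_id: str, password: str, salt1: bytes, sent_at: float) -> dict:
    """S15-S16 plaintext ticket fields; the AES and SharedKey layers are omitted here."""
    return {"id": user_id, "salt_hash1": salted_hash(password.encode(), salt1),
            "sent_at": sent_at}


def server_verify(db: dict, ticket: dict, now: float) -> bool:
    """S17-S18: recompute SaltHash2 from the ticket's SaltHash1 and compare."""
    record = db.get(ticket["id"])
    if record is None:
        return False
    if abs(now - ticket["sent_at"]) > MAX_SKEW_SECONDS:  # stale ticket is rejected
        return False
    recomputed = salted_hash(ticket["salt_hash1"], record["salt2"])
    return hmac.compare_digest(recomputed, record["salt_hash2"])  # constant-time compare


if __name__ == "__main__":
    db = {"u1001": enroll("correct horse")}  # constructed sample account
    now = time.time()
    good = client_ticket("u1001", "correct horse", db["u1001"]["salt1"], now)
    print(server_verify(db, good, now))        # fresh ticket, right password
    print(server_verify(db, good, now + 300))  # same ticket presented five minutes later
```

The server record holds only the two salts and SaltHash2, so SaltHash1 is the value that the ticket and SharedKey layers have to keep confidential in transit.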
The invention makes engineering change information convenient to change and query; changes are displayed on a time axis according to update time and distinguished by different graphics and colors, which is clear, intuitive, and easy to check.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.

Claims (10)

1. An encryption type engineering change management system applied to production management is characterized by comprising a server side, a database, one or more first clients and one or more second clients, wherein the first clients are used for submitting engineering change information to the server side according to preset change rules, and the engineering change information comprises encrypted data information and files;
the server receives the engineering change information and decrypts the data information, if the decrypted data information meets the specification, the encrypted data information is stored in a database, and the files are uniformly stored to the designated positions;
and the server displays the changed information to the first client and/or the second client in a time axis pipeline mode, and provides a corresponding file downloading index, wherein the data displayed by the server is decrypted data information.
2. The engineering change management system of claim 1, wherein the data information is encrypted and verified by the following steps:
S11, the first client and the server obtain a shared key based on an asymmetric-encryption key agreement algorithm;
S12, the first client encrypts the user ID with the shared key and sends the encrypted ID to the server;
S13, the server decrypts the received ID with the shared key and looks up the Salt1 and Salt2 corresponding to the ID in the database;
S14, the server encrypts Salt1 and Salt2 with the shared key and sends them to the first client;
S15, the first client decrypts Salt1 and Salt2 with the shared key, calculates a first salted hash from the decrypted Salt1, and calculates a second salted hash from the decrypted Salt2 and the first salted hash;
S16, the first client uses the second salted hash as an AES key to encrypt the user ID and the first salted hash to obtain a ticket, encrypts the ticket with the shared key, and sends it to the server;
S17, the server decrypts with the shared key to obtain the user ID and the first salted hash in the ticket;
S18, the server looks up in the database the second salted hash corresponding to the ID obtained by decryption in S17, recalculates the second salted hash from the first salted hash obtained by decryption in S17, compares whether the two are consistent, and if so, verifies that the encryption password is correct.
3. The engineering change management system according to claim 2, wherein after the server verifies that the encryption password is correct, the file is encrypted by the following steps:
S21, the server generates a random temporary key and sends it to the first client;
S22, the first client encrypts the file with the temporary key and sends it to the server; or the server encrypts the file with the temporary key and sends it to the first client and/or the second client.
4. The engineering change management system according to claim 3, wherein the temporary key in step S21 is transmitted after being encrypted with a randomly generated random key, which comprises:
in step S16, the first client randomly generates a random key, encrypts the user ID, the first salted hash and the random key to obtain a ticket, encrypts the ticket with the shared key, and sends the encrypted ticket to the server;
in step S17, the server decrypts with the shared key to obtain the user ID, the first salted hash, and the random key in the ticket;
in step S21, the server encrypts the temporary key with the random key and sends the encrypted temporary key to the first client.
5. The engineering change management system according to claim 2, wherein the ticket encrypted in step S16 further includes a time recording when the data packet was sent, to prevent a record-and-replay attack.
6. The system according to claim 1, wherein the server decrypts the data information in the engineering change information, and determines whether a file name length in the decrypted content exceeds a preset length threshold and/or whether the file name contains a special character, so as to determine whether the decrypted data information meets the specification.
7. The engineering change management system according to claim 1, wherein in response to a query request of the first client and/or the second client for engineering change information, the server returns the queried data to a front-end browser, and the front-end browser adds different icons and/or colors according to the change type and displays the data in a CANVAS manner.
8. The engineering change management system according to claim 7, wherein the data information of the engineering change information includes a change time, and the server arranges the queried data in descending order of change time and returns it to the browser.
9. The engineering change management system according to claim 1, wherein if the first client and/or the second client requests to download the corresponding file, the server runs a download link of the corresponding file to copy the corresponding file saved at the designated location to the local storage of the first client and/or the second client.
10. An encryption type engineering change management method applied to production management is characterized by comprising the following steps:
the first client submits engineering change information to the server according to a preset change rule, and encrypts the data information and files of the engineering change information using the following encryption method:
S11, the first client and the server obtain a shared key based on an asymmetric-encryption key agreement algorithm;
S12, the first client encrypts the user ID with the shared key and sends the encrypted ID to the server;
S13, the server decrypts the received ID with the shared key and looks up the Salt1 and Salt2 corresponding to the ID in the database;
S14, the server encrypts Salt1 and Salt2 with the shared key and sends them to the first client;
S15, the first client decrypts Salt1 and Salt2 with the shared key, calculates a first salted hash from the decrypted Salt1, and calculates a second salted hash from the decrypted Salt2 and the first salted hash;
S16, the first client uses the second salted hash as an AES key to encrypt the user ID and the first salted hash to obtain a ticket, encrypts the ticket with the shared key, and sends it to the server;
S17, the server decrypts with the shared key to obtain the user ID and the first salted hash in the ticket;
S18, the server looks up in the database the second salted hash corresponding to the ID obtained by decryption in S17, recalculates the second salted hash from the first salted hash obtained by decryption in S17, compares whether the two are consistent, and if so, verifies that the encrypted password is correct;
S21, the server generates a random temporary key and sends it to the first client;
S22, the first client encrypts the file with the temporary key and sends it to the server; or the server encrypts the file with the temporary key and sends it to the first client and/or the second client;
the server receives the engineering change information and decrypts the data information, if the decrypted data information meets the specification, the encrypted data information is stored in a database, and the files are uniformly stored to the designated positions;
and the server displays the changed information to the first client and/or the second client in a time axis pipeline mode, and provides a corresponding file downloading index, wherein the data displayed by the server is decrypted data information.
CN202010284019.9A 2020-04-13 2020-04-13 Encryption type engineering change management system and management method applied to production management Active CN111510301B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010284019.9A CN111510301B (en) 2020-04-13 2020-04-13 Encryption type engineering change management system and management method applied to production management

Publications (2)

Publication Number Publication Date
CN111510301A (en) 2020-08-07
CN111510301B (en) 2023-02-28

Family

ID=71878775

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant