CN112487455A - Data processing method and device and data interaction system - Google Patents
Data processing method and device and data interaction system Download PDFInfo
- Publication number
- CN112487455A CN112487455A CN202011413843.6A CN202011413843A CN112487455A CN 112487455 A CN112487455 A CN 112487455A CN 202011413843 A CN202011413843 A CN 202011413843A CN 112487455 A CN112487455 A CN 112487455A
- Authority
- CN
- China
- Prior art keywords
- decryption key
- key
- multimedia data
- decryption
- encrypted multimedia
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 26
- 230000003993 interaction Effects 0.000 title claims abstract description 10
- 238000004891 communication Methods 0.000 claims abstract description 64
- 238000000034 method Methods 0.000 claims abstract description 39
- 230000005540 biological transmission Effects 0.000 claims description 20
- 238000004590 computer program Methods 0.000 claims description 11
- 230000001960 triggered effect Effects 0.000 claims description 5
- 238000005336 cracking Methods 0.000 abstract description 12
- 239000012634 fragment Substances 0.000 description 20
- 238000010586 diagram Methods 0.000 description 4
- 230000002159 abnormal effect Effects 0.000 description 3
- 230000009471 action Effects 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000010408 sweeping Methods 0.000 description 3
- 238000012545 processing Methods 0.000 description 2
- 230000007547 defect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000004744 fabric Substances 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012806 monitoring device Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000003825 pressing Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
- H04W76/14—Direct-mode setup
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
- Telephonic Communication Services (AREA)
Abstract
本申请涉及一种数据处理方法、装置及数据交互系统,该技术方案终端设备只能通过与智能设备建立短距离通信连接,才能获取到多媒体数据的解密密钥,这样,即便服务器被恶意第三方攻破,其中的多媒体数据也无法被随意查看,恶意第三方需要逐个与智能设备建立连接才能获取密钥,破解难度增大,降低信息泄露的可能性。另外,由于获取密钥的通信方式为短距离通信方式,能够有效避免恶意用户通过远程方式批量破解智能设备,以在短时间内获取大量的解密密钥,进一步提高破解难度,提高了信息安全性。
The present application relates to a data processing method, device and data interaction system. In this technical solution, a terminal device can obtain a decryption key for multimedia data only by establishing a short-distance communication connection with a smart device. In this way, even if the server is blocked by a malicious third party If it is broken, the multimedia data in it cannot be viewed at will, and malicious third parties need to establish connections with smart devices one by one to obtain the key, which increases the difficulty of cracking and reduces the possibility of information leakage. In addition, because the communication method for obtaining keys is short-distance communication, it can effectively prevent malicious users from cracking smart devices in batches through remote methods, so as to obtain a large number of decryption keys in a short period of time, further improving the difficulty of cracking and improving information security. .
Description
Technical Field
The present application relates to the field of information security technologies, and in particular, to a data processing method, an apparatus, and a data interaction system.
Background
Along with the enhancement of safety consciousness, through the supervisory equipment who has the shooting function of cloth accuse, like the camera etc. can realize the collection to multimedia data in the monitoring range, simultaneously, can go back to in order to guarantee that the thing takes place after, can save the multimedia data that supervisory equipment recorded.
At present, multimedia data is usually saved to a server, and a user downloads the multimedia data from the server to the local computer or directly watches the multimedia data in the background of the server. Meanwhile, a part of servers can manage a plurality of monitoring devices in a centralized manner, and limit the multimedia data which can be seen by each user through authority control. Meanwhile, in order to ensure the security of the multimedia data, the stored multimedia data is usually encrypted, and the multimedia data is decrypted and viewed when the multimedia data needs to be viewed.
In the prior art, a user terminal issues a secret key through a server for decryption, however, the method has a security defect, once the server is broken or a request is intercepted and modified, a malicious third party can easily acquire the secret key in an abnormal way, so that multimedia data is decrypted, and information leakage is caused.
Disclosure of Invention
In order to solve the technical problem that a key is intercepted due to the fact that a server is broken or a request is intercepted, and further information leakage is caused, the embodiment of the application provides a data processing method, a data processing device and a data interaction system.
In a first aspect, an embodiment of the present application provides a data processing method, including:
downloading encrypted multimedia data from a server;
establishing short-distance communication connection with intelligent equipment, and acquiring a first decryption key corresponding to the encrypted multimedia data from the intelligent equipment;
and carrying out decryption operation on the encrypted multimedia data according to the first decryption key.
Optionally, the establishing a short-distance communication connection with the intelligent device, and obtaining the first decryption key corresponding to the encrypted multimedia data from the intelligent device, includes:
obtaining at least one candidate decryption key from the smart device;
selecting a first decryption key corresponding to the encrypted multimedia data from the candidate decryption keys;
or the like, or, alternatively,
the establishing of the short-distance communication connection with the intelligent device and the obtaining of the first decryption key corresponding to the encrypted multimedia data from the intelligent device include:
determining intelligent equipment corresponding to the encrypted multimedia data;
establishing a short-range communication connection with the intelligent device;
and acquiring a first decryption key corresponding to the encrypted multimedia data from the intelligent equipment.
Optionally, the method further includes:
when the encrypted multimedia data is downloaded from the server, a second decryption key corresponding to the encrypted multimedia data is obtained from the server;
the decrypting the encrypted multimedia data according to the first decryption key includes:
combining the first decryption key and the second decryption key to obtain a first combined key;
and decrypting the encrypted multimedia data by using the first combination key.
Optionally, the method further includes:
acquiring a third decryption key corresponding to the encrypted multimedia data from preset equipment;
the decrypting the encrypted multimedia data according to the first decryption key includes:
combining the first decryption key, the second decryption key and the third decryption key to obtain a second combined key;
and decrypting the encrypted multimedia data by using the second combination key.
On the other hand, the embodiment of the application provides a data processing method, which establishes short-distance communication connection with terminal equipment;
and sending the pre-stored first decryption key to the terminal equipment.
Optionally, the method further includes:
encrypting the obtained multimedia data by adopting an encryption key;
uploading the encrypted multimedia data to a server;
and generating and storing a first decryption key corresponding to the encryption key.
Optionally, the generating and storing a first decryption key corresponding to the encryption key includes:
generating a combined key corresponding to the encryption key;
splitting the merged key into the first decryption key and a second decryption key;
storing the first decryption key;
and storing the second decryption key and the encrypted multimedia data to the server.
Optionally, the method further includes:
when a key updating instruction is received, re-splitting the combined key to obtain a split first new decryption key and a split second new decryption key;
storing the first new decryption key;
and sending the second new decryption key to the server, and updating the second decryption key by the server by using the new decryption key.
Optionally, the generating and storing a first decryption key corresponding to the encryption key includes:
generating a combined key corresponding to the encryption key;
splitting the combined key into the first decryption key, the second decryption key and a third decryption key;
storing the first decryption key;
sending the second decryption key and the encrypted multimedia data to the server;
and sending the third decryption key to preset equipment.
Optionally, the sending the pre-stored first decryption key to the terminal device includes:
when the key transmission mode is determined to be entered, sending the first decryption key to the terminal equipment;
the determining to enter a key transmission mode includes:
and entering the key transmission mode according to the received preset key transmission instruction, and/or entering the key transmission mode when a preset key is triggered.
On the other hand, an embodiment of the present application provides a terminal device, including:
a download module for downloading the encrypted multimedia data from the server;
the acquisition module is used for establishing short-distance communication connection with intelligent equipment and acquiring a first decryption key corresponding to the encrypted multimedia data from the intelligent equipment;
and the decryption module is used for decrypting the encrypted multimedia data according to the first decryption key.
On the other hand, the embodiment of the present application provides an intelligent device, including:
and the communication module is used for establishing short-distance communication connection with the terminal equipment and sending the pre-stored first decryption key to the terminal equipment.
On the other hand, an embodiment of the present application provides a data interaction system, including: the system comprises terminal equipment, intelligent equipment and a server;
the intelligent equipment is used for encrypting the obtained multimedia data by adopting an encryption key; uploading the encrypted multimedia data to a server; generating and storing a first decryption key corresponding to the encryption key;
the server is used for storing the encrypted multimedia data;
the terminal equipment is used for downloading the encrypted multimedia data from the server; establishing short-distance communication connection with intelligent equipment, and acquiring a first decryption key corresponding to the encrypted multimedia data from the intelligent equipment; and carrying out decryption operation on the encrypted multimedia data according to the first decryption key.
In another aspect, an embodiment of the present application provides an electronic device, including: the system comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory complete mutual communication through the communication bus;
the memory is used for storing a computer program;
the processor is configured to implement the above method steps when executing the computer program.
In another aspect, an embodiment of the present application provides a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the above method steps.
Compared with the prior art, the technical scheme provided by the embodiment of the application has the following advantages:
the terminal equipment can acquire the decryption key of the multimedia data only by establishing short-distance communication connection with the intelligent equipment, so that even if the server is broken by a malicious third party, the multimedia data cannot be checked at will, the malicious third party needs to establish connection with the intelligent equipment one by one to acquire the key, the cracking difficulty is increased, and the possibility of information leakage is reduced. In addition, because the communication mode for acquiring the key is a short-distance communication mode, malicious users can be effectively prevented from cracking the intelligent equipment in batches in a remote mode, so that a large number of decryption keys can be acquired in a short time, the cracking difficulty is further improved, and the information safety is improved.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without inventive exercise.
Fig. 1 is a flowchart of a data processing method according to an embodiment of the present application;
fig. 2 is a flowchart of a data processing method according to another embodiment of the present application;
fig. 3 is a flowchart of a data processing method according to another embodiment of the present application;
fig. 4 is a flowchart of a data processing method according to another embodiment of the present application;
fig. 5 is a flowchart of a data processing method according to another embodiment of the present application;
fig. 6 is a flowchart of a data processing method according to another embodiment of the present application;
fig. 7 is a flowchart of a data processing method according to another embodiment of the present application;
fig. 8 is a flowchart of a data processing method according to another embodiment of the present application;
fig. 9 is a block diagram of a terminal device according to an embodiment of the present application;
fig. 10 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
According to the embodiment of the application, in order to avoid a malicious third party from obtaining the secret key of the multimedia data from the server and decrypting the multimedia data to cause information leakage, when the terminal equipment needs to decrypt the multimedia data, the terminal equipment obtains the secret key through close-range communication with the intelligent equipment generating the multimedia data to decrypt the encrypted multimedia data.
Fig. 1 is a block diagram of a data interaction system according to an embodiment of the present application, and as shown in fig. 1, the data interaction system includes: server 1, intelligent device 2 and terminal equipment 3.
The intelligent device 2 is used for encrypting the acquired multimedia data by adopting an encryption key; uploading the encrypted multimedia data to the server 1; and generating and storing a first decryption key corresponding to the encryption key.
The intelligent device 2 comprises intelligent household devices such as an intelligent television, an intelligent air conditioner and a sweeping robot. The intelligent device 2 generates monitored multimedia data through input devices such as a camera and a microphone, encrypts the multimedia data, establishes communication connection with the server 1 through an HTTP request, and uploads the encrypted multimedia data to the server 1.
A server 1 for storing encrypted multimedia data;
a terminal device 3 for downloading encrypted multimedia data from the server 1; establishing short-distance communication connection with the intelligent equipment 2, and acquiring a first decryption key corresponding to the encrypted multimedia data from the intelligent equipment 2; and carrying out decryption operation on the encrypted multimedia data according to the first decryption key.
The terminal device 3 and the server 1 may also establish a communication connection through an HTTP request. The following short-distance communication mode can be adopted between the terminal device 3 and the intelligent device 2: WiFi (IEEE 802.11 protocol), Mesh, Bluetooth, ZigBee, Thread, Z-Wave, NFC, UWB, LiFi, Huashi Hilink protocol or wired communication mode, etc.
Based on the data interaction system in the above embodiment, the terminal device can acquire the decryption key of the multimedia data only by establishing short-distance communication connection with the intelligent device, so that even if the server is broken by a malicious third party, the multimedia data therein cannot be checked at will, the malicious third party needs to establish connection with the intelligent device one by one to acquire the key, the cracking difficulty is increased, and the possibility of information leakage is reduced. In addition, because the communication mode for acquiring the key is a short-distance communication mode, malicious users can be effectively prevented from cracking the intelligent equipment in batches in a remote mode, so that a large number of decryption keys can be acquired in a short time, the cracking difficulty is further improved, and the information safety is improved.
A data processing method provided in an embodiment of the present invention is described below.
Fig. 2 is a flowchart of a data processing method according to an embodiment of the present application. As shown in fig. 2, the method is applied to a terminal device, and includes the following steps:
step S11, downloading encrypted multimedia data from the server;
step S12, establishing short-distance communication connection with the intelligent equipment, and acquiring a first decryption key corresponding to the encrypted multimedia data from the intelligent equipment;
in step S13, the encrypted multimedia data is decrypted according to the first decryption key.
In this embodiment, the terminal device can acquire the decryption key of the multimedia data only by establishing short-distance communication connection with the intelligent device, so that even if the server is broken by a malicious third party, the multimedia data cannot be checked at will, the malicious third party needs to establish connection with the intelligent device one by one to acquire the key, the cracking difficulty is increased, and the possibility of information leakage is reduced. In addition, because the communication mode for acquiring the key is a short-distance communication mode, malicious users can be effectively prevented from cracking the intelligent equipment in batches in a remote mode, so that a large number of decryption keys can be acquired in a short time, the cracking difficulty is further improved, and the information safety is improved.
The server side stores a plurality of multimedia data, and the plurality of multimedia data may be generated and uploaded by one intelligent device or may be generated and uploaded by a plurality of intelligent devices.
If multiple multimedia data are generated and uploaded by one smart device, the decryption keys corresponding to the multimedia data may be the same or different. The terminal device may obtain one or more decryption keys from the smart device.
If the multimedia data are generated and uploaded by different intelligent devices, the terminal device is connected with the intelligent devices to obtain the decryption key stored by each intelligent device and decrypt the multimedia data.
In an alternative embodiment, after downloading the multimedia data, the terminal device may obtain a plurality of decryption keys from one or more smart devices, and select a decryption key corresponding to the downloaded multimedia data from the plurality of decryption keys for decryption. The step S12 includes:
step A1, obtaining at least one candidate decryption key from the smart device;
step a2, selecting a first decryption key corresponding to the encrypted multimedia data from the candidate decryption keys.
In another optional embodiment, the terminal device may determine, according to the downloaded multimedia data, an intelligent device that generates and uploads the multimedia data, establish a connection with the intelligent device, and request, from the intelligent device, a decryption key corresponding to the multimedia data. The step S12 includes:
step B1, determining the intelligent device corresponding to the encrypted multimedia data;
step B2, establishing short-distance communication connection with the intelligent device;
and step B3, acquiring a first decryption key corresponding to the encrypted multimedia data from the intelligent device.
In the above embodiment, the smart device uploads the device identifier of the smart device and the encrypted multimedia data to the server together, or the server adds the device identifier to the multimedia data according to the uploaded smart device when the encrypted multimedia data is stored. In this way, after the terminal device downloads the multimedia data, the decryption key corresponding to the multimedia data may be searched based on the device identifier, or the smart device that generates and uploads the multimedia data may be determined, and a connection may be established with the smart device.
If the decryption keys of the multiple multimedia data generated by the same intelligent device are different, the intelligent device uploads the key identification corresponding to the multimedia data and the multimedia data to the server together, so that if the terminal device has obtained the multiple decryption keys from the intelligent device, the decryption key corresponding to the multimedia data can be found based on the device identification and the key identification obtained from the server.
In order to further improve information security and avoid data leakage risk caused by the fact that the terminal equipment is controlled by a malicious user, the decryption key can be split into at least two key fragments, one key fragment and multimedia data are uploaded to the server, and the other key fragment is stored on the intelligent equipment; or other preset intelligent devices can be introduced, that is, the decryption key is split into three or more key fragments, and the key fragments are respectively stored in the server, the intelligent device and other preset intelligent devices.
Fig. 3 is a flowchart of a data processing method according to another embodiment of the present application. As shown in fig. 3, the method further comprises the steps of:
step S21, when downloading the encrypted multimedia data from the server, obtaining a second decryption key corresponding to the encrypted multimedia data from the server;
the step S13 includes:
step S22, merging the first decryption key and the second decryption key to obtain a first merged key;
in step S23, the encrypted multimedia data is decrypted using the first merge key.
The intelligent device splits a first combined key corresponding to the encrypted multimedia data into two key fragments: a first decryption key a and a second decryption key B.
The first decryption key A is stored at the intelligent device, and the second decryption key B and the encrypted multimedia data are uploaded to the server for storage. When the terminal equipment downloads multimedia data from the server side, a second decryption key B is obtained, and a first decryption key A is obtained after short-distance communication connection is established between the terminal equipment and the intelligent equipment; and after the first decryption key A and the second decryption key B are combined, the encrypted multimedia data can be decrypted by using the obtained first combined key.
In this way, even if a malicious third party obtains the first decryption key a in the terminal device by an abnormal means, the first combined key can be re-segmented at the smart device, the smart device uploads the re-segmented second decryption key B 'to the server, and the server side replaces the previously stored second decryption key B with the second decryption key B'. After the malicious third party obtains the second decryption key B 'from the server, the malicious third party still cannot decrypt the multimedia data because the first decryption key a is not matched with the second decryption key B'. Therefore, the decryption key is segmented and stored in multiple positions, so that the difficulty of data decryption can be further increased, and the data security is improved.
Fig. 4 is a flowchart of a data processing method according to another embodiment of the present application. As shown in fig. 4, the method further comprises the steps of:
step S31, obtaining a third decryption key corresponding to the encrypted multimedia data from the preset device;
the step S13 includes:
step S32, the first decryption key, the second decryption key and the third decryption key are combined to obtain a second combined key;
in step S33, the encrypted multimedia data is decrypted by using the second merge key.
The decryption key may be divided into three or more key fragments, and at least one trusted device is introduced to store the key fragments in addition to the key fragments stored in the server and the smart device. For example, the smart device is a smart television, and the other trusted devices may be a smart speaker, a smart air conditioner, a smart refrigerator, a floor sweeping robot, a specific user computer or a mobile phone, etc. located in the same home. Therefore, the terminal equipment can decrypt the multimedia data only by acquiring all the key fragments, so that the difficulty of data decryption is further increased, and the data security is improved.
In another optional embodiment, in order to avoid a malicious third party from obtaining the decryption key from the smart device, the smart device may further perform authentication on the terminal device that establishes the short-range communication connection, and send the decryption password to the terminal device only after the authentication is passed. The step S12 includes: the identity authentication information is sent to the intelligent equipment, the intelligent equipment verifies the identity authentication information, and when the verification is passed, a first decryption key is sent; a first decryption key is received from the smart device. The identity authentication can be verified by means of a password, a token, an authentication code and the like.
In another optional embodiment, in order to avoid a malicious third party from obtaining the multimedia data from the server, the server may further set an access right to each multimedia data, that is, a terminal device having the access right can download the corresponding multimedia data.
The embodiment of the present application further provides a data processing method applied to an intelligent device, including: establishing short-distance communication connection with the terminal equipment; and sending the pre-stored first decryption key to the terminal equipment.
Optionally, after the intelligent device generates the multimedia data, the multimedia data is encrypted through the encryption key. Fig. 5 is a flowchart of a data processing method according to another embodiment of the present application. As shown in fig. 5, the method further includes:
step S41, encrypting the obtained multimedia data by using the encryption key;
step S42, uploading the encrypted multimedia data to a server;
in step S43, a first decryption key corresponding to the encryption key is generated and stored.
The smart device may encrypt data using only one encryption key, may update the encryption key periodically, or may encrypt each multimedia data using a different encryption key. The smart device may encrypt using a symmetric encryption algorithm or an asymmetric encryption algorithm.
In order to further improve information security and avoid data leakage risk caused by the fact that the terminal equipment is controlled by a malicious user, the decryption key can be split into at least two key fragments, one key fragment and multimedia data are uploaded to the server, and the other key fragment is stored on the intelligent equipment; or other preset intelligent devices can be introduced, that is, the decryption key is split into three or more key fragments, and the key fragments are respectively stored in the server, the intelligent device and other preset intelligent devices.
Fig. 6 is a flowchart of a data processing method according to another embodiment of the present application. As shown in fig. 6, the step S43 includes:
step S51, generating a combined key corresponding to the encryption key;
step S52, splitting the combined key into a first decryption key and a second decryption key;
step S53, storing the first decryption key;
step S54, the second decryption key and the encrypted multimedia data are stored in the server.
The intelligent device splits a first combined key corresponding to the encrypted multimedia data into two key fragments: a first decryption key a and a second decryption key B.
The first decryption key A is stored at the intelligent device, and the second decryption key B and the encrypted multimedia data are uploaded to the server for storage. When the terminal equipment downloads multimedia data from the server side, a second decryption key B is obtained, and a first decryption key A is obtained after short-distance communication connection is established between the terminal equipment and the intelligent equipment; and after the first decryption key A and the second decryption key B are combined, the encrypted multimedia data can be decrypted by using the obtained first combined key.
Fig. 7 is a flowchart of a data processing method according to another embodiment of the present application. As shown in fig. 7, the method further includes:
step S61, when a key updating instruction is received, the combined key is re-split to obtain a split first new decryption key and a split second new decryption key;
step S62, storing the first new decryption key;
in step S63, the second new decryption key is sent to the server, and the server updates the second decryption key with the new decryption key.
The key updating instruction may be triggered by a user pressing a button on the smart device, or may be automatically triggered by the smart device itself according to a preset time, or may be sent to the smart device by another device according to a preset rule.
In this way, even if a malicious third party obtains the first decryption key a in the terminal device by an abnormal means, the first combined key can be re-segmented at the smart device, the smart device uploads the re-segmented second decryption key B 'to the server, and the server side replaces the previously stored second decryption key B with the second decryption key B'. After the malicious third party obtains the second decryption key B 'from the server, the malicious third party still cannot decrypt the multimedia data because the first decryption key a is not matched with the second decryption key B'. Therefore, the decryption key is segmented and stored in multiple positions, so that the difficulty of data decryption can be further increased, and the data security is improved.
Fig. 8 is a flowchart of a data processing method according to another embodiment of the present application. As shown in fig. 8, the step S43 includes:
step S71, generating a combined key corresponding to the encryption key;
step S72, splitting the merged key into a first decryption key, a second decryption key and a third decryption key;
step S73, storing the first decryption key;
step S74, sending the second decryption key and the encrypted multimedia data to the server;
step S75, sending the third decryption key to the preset device.
The decryption key may be divided into three or more key fragments, and at least one trusted device is introduced to store the key fragments in addition to the key fragments stored in the server and the smart device. For example, the smart device is a smart television, and the other trusted devices may be a smart speaker, a smart air conditioner, a smart refrigerator, a floor sweeping robot, a specific user computer or a mobile phone, etc. located in the same home. Therefore, the terminal equipment can decrypt the multimedia data only by acquiring all the key fragments, so that the difficulty of data decryption is further increased, and the data security is improved.
In another optional embodiment, the sending the pre-stored first decryption key to the terminal device includes: when the key transmission mode is determined to be entered, sending the first decryption key to the terminal equipment; determining to enter a key transmission mode, comprising: and entering a key transmission mode according to the received preset key transmission instruction, and/or entering the key transmission mode when the preset key is triggered.
How the smart device enters the key transmission mode may be set when the device leaves the factory. When a user needs to transmit a key, the intelligent device is set to be in a key transmission mode through a preset entering instruction. The preset key can be a key on the intelligent device or a combination of a plurality of cases.
The key transmission mode of the smart device may be a specific security mode, in which the smart device may disconnect from other communication connections except the terminal device, or the key transmission mode is a special encryption channel established between the smart device and the terminal device, and a decryption key is transmitted through the encryption channel. In this way, the security of key transmission can be improved, thereby further improving data security.
The following are embodiments of the apparatus of the present application that may be used to perform embodiments of the method of the present application.
Fig. 9 is a block diagram of a terminal device provided in an embodiment of the present application, where the terminal device may be implemented as part or all of an electronic device through software, hardware, or a combination of the two. As shown in fig. 9, the terminal device includes:
a download module 91 for downloading encrypted multimedia data from a server;
an obtaining module 92, configured to establish short-distance communication connection with the intelligent device, and obtain a first decryption key corresponding to the encrypted multimedia data from the intelligent device;
and the decryption module 93 is configured to perform a decryption operation on the encrypted multimedia data according to the first decryption key.
An embodiment of the present application further provides an intelligent device, including: and the communication module is used for establishing short-distance communication connection with the terminal equipment and sending the pre-stored first decryption key to the terminal equipment.
An embodiment of the present application further provides an electronic device, as shown in fig. 10, the electronic device may include: the system comprises a processor 1501, a communication interface 1502, a memory 1503 and a communication bus 1504, wherein the processor 1501, the communication interface 1502 and the memory 1503 complete communication with each other through the communication bus 1504.
A memory 1503 for storing a computer program;
the processor 1501, when executing the computer program stored in the memory 1503, implements the steps of the method embodiments described below.
The communication bus mentioned in the electronic device may be a Peripheral Component Interconnect (pci) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The communication interface is used for communication between the electronic equipment and other equipment.
The Memory may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component.
The present application also provides a computer-readable storage medium having stored thereon a computer program which, when being executed by a processor, carries out the steps of the method embodiments described below.
It should be noted that, for the above-mentioned apparatus, electronic device and computer-readable storage medium embodiments, since they are basically similar to the method embodiments, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiments.
It is further noted that, herein, relational terms such as "first" and "second," and the like, may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The foregoing are merely exemplary embodiments of the present invention, which enable those skilled in the art to understand or practice the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (15)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011413843.6A CN112487455B (en) | 2020-12-03 | 2020-12-03 | A data processing method, device and data interaction system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011413843.6A CN112487455B (en) | 2020-12-03 | 2020-12-03 | A data processing method, device and data interaction system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112487455A true CN112487455A (en) | 2021-03-12 |
| CN112487455B CN112487455B (en) | 2024-12-06 |
Family
ID=74939922
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011413843.6A Active CN112487455B (en) | 2020-12-03 | 2020-12-03 | A data processing method, device and data interaction system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112487455B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115001784A (en) * | 2022-05-26 | 2022-09-02 | 平安普惠企业管理有限公司 | Data storage method and device, electronic equipment and computer readable storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060005259A1 (en) * | 2004-06-30 | 2006-01-05 | Kabushiki Kaisha Toshiba | Information-processing device, information-processing method, and information-processing program product |
| CN111586066A (en) * | 2020-05-12 | 2020-08-25 | 上海依图网络科技有限公司 | Method and device for encrypting multimedia data |
| CN111698537A (en) * | 2020-06-12 | 2020-09-22 | 北京百度网讯科技有限公司 | Multimedia data processing method, device, equipment and storage medium |
-
2020
- 2020-12-03 CN CN202011413843.6A patent/CN112487455B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060005259A1 (en) * | 2004-06-30 | 2006-01-05 | Kabushiki Kaisha Toshiba | Information-processing device, information-processing method, and information-processing program product |
| CN111586066A (en) * | 2020-05-12 | 2020-08-25 | 上海依图网络科技有限公司 | Method and device for encrypting multimedia data |
| CN111698537A (en) * | 2020-06-12 | 2020-09-22 | 北京百度网讯科技有限公司 | Multimedia data processing method, device, equipment and storage medium |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115001784A (en) * | 2022-05-26 | 2022-09-02 | 平安普惠企业管理有限公司 | Data storage method and device, electronic equipment and computer readable storage medium |
| CN115001784B (en) * | 2022-05-26 | 2024-05-28 | 广州正高科技有限公司 | Data storage method, device, electronic equipment and computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112487455B (en) | 2024-12-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108512846B (en) | Bidirectional authentication method and device between terminal and server | |
| CN110113427B (en) | Relay service for communication between controller and accessory | |
| CN107645725B (en) | Network configuration method and system, routing equipment and network access equipment | |
| US11757874B2 (en) | Mutual authentication system | |
| CN106961334A (en) | Secure wireless communication between controller and annex | |
| CN108540433B (en) | User identity verification method and device | |
| CN102739642A (en) | Permitting access to a network | |
| CN112737902B (en) | Network configuration method and device, storage medium and electronic equipment | |
| KR20060077422A (en) | Method and system for public key authentication of device in home network | |
| CN114221822B (en) | Distribution network method, gateway device and computer readable storage medium | |
| JP6012888B2 (en) | Device certificate providing apparatus, device certificate providing system, and device certificate providing program | |
| CN106656923A (en) | Device association method, key update method and apparatuses | |
| CN106603226B (en) | Message transmission encryption and authentication method, sender device and receiver device | |
| WO2016197555A1 (en) | Network monitoring apparatus, and remote encryption and remote activation method, device and system therefor | |
| KR20110099287A (en) | Generate a personal identification number (PINE) between two devices in your network | |
| JP6752013B2 (en) | Hearing devices with service modes and related methods | |
| CN112512048B (en) | Mobile network access system, method, storage medium and electronic device | |
| CN109547303B (en) | Control method and related equipment | |
| CN104852800A (en) | Data transmission method and device | |
| CN112487455B (en) | A data processing method, device and data interaction system | |
| JP2018152796A (en) | Remote device control system and remote device control method | |
| CN106537962B (en) | Wireless network configuration, access and access method, device and equipment | |
| KR20150116749A (en) | Apparatus for sharing a session key between devises and the method thereof | |
| JP4489601B2 (en) | Security information exchange method, recorder apparatus, and television receiver | |
| CN113660645B (en) | Device configuration method and device, electronic device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |