CN112597517A - Encrypted communication method, system, device and medium for installing client - Google Patents

Encrypted communication method, system, device and medium for installing client Download PDF

Info

Publication number
CN112597517A
CN112597517A CN202011562923.8A CN202011562923A CN112597517A CN 112597517 A CN112597517 A CN 112597517A CN 202011562923 A CN202011562923 A CN 202011562923A CN 112597517 A CN112597517 A CN 112597517A
Authority
CN
China
Prior art keywords
installation
client
data
installing
user equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011562923.8A
Other languages
Chinese (zh)
Inventor
姚晓星
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ctrip Travel Network Technology Shanghai Co Ltd
Original Assignee
Ctrip Travel Network Technology Shanghai Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ctrip Travel Network Technology Shanghai Co Ltd filed Critical Ctrip Travel Network Technology Shanghai Co Ltd
Priority to CN202011562923.8A priority Critical patent/CN112597517A/en
Publication of CN112597517A publication Critical patent/CN112597517A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention provides an encrypted communication method, a system, equipment and a medium for installing a client, wherein the method comprises the following steps: the method comprises the steps of obtaining a client installation instruction generated at a browser end, generating installation request information based on the client installation instruction, and sending the installation request information to a server; the method comprises the steps that after receiving installation request information, a server obtains installation data of a client side, encrypts the installation data sequentially through a first private key and a public key to generate encrypted data and an installation instruction, and sends the encrypted data, the public key and the installation instruction to user equipment through a browser end; the user equipment generates a second private key by using a preset method based on the installation instruction; decrypting the encrypted data to obtain installation data and preset check data; the user equipment verifies the installation data based on preset verification data, and when the verification is successful, installation is executed based on the installation data of the client; the application ensures the safety and reliability of data transmission in the client installation process.

Description

Encrypted communication method, system, device and medium for installing client
Technical Field
The present invention relates to the field of computer technologies, and in particular, to an encrypted communication method, system, device, and medium for installing a client.
Background
Due to the work requirement, enterprises need to install various kinds of work software on the computers of the employees. Many enterprises limit the authority of the employee computers to be managed (users do not have the authority of their own administrators) for security and management. Most software can be normally used after being installed by using the authority of an administrator, so that the installation of the software needs to be authorized by authorized IT personnel. The method comprises the steps that an employee puts forward a software installation requirement, an IT worker prepares a software installation package in advance according to the user requirement, and logs in a user computer to carry out software installation operation after the employee is reserved. This makes the entire software installation process cumbersome.
On the other hand, the process of installing the client has data communication between the server and the user equipment, and the traditional data transmission mode is easily utilized by malicious programs. Once the installation file is replaced, the user equipment executes the unsafe installation file, so that the user equipment has a great safety hazard.
Disclosure of Invention
Aiming at the problems in the prior art, the invention aims to provide an encrypted communication method, system, equipment and medium for installing a client, so that a user can install the client on line by self through a browser, and the safety and reliability of client installation are ensured.
To achieve the above object, the present invention provides an encrypted communication method for installing a client, the method comprising the steps of:
s10, acquiring a client installation instruction generated at a browser end, generating installation request information related to a client based on the client installation instruction, and sending the installation request information to a server;
s20, after receiving the installation request information, the server acquires installation data of the client, encrypts the installation data sequentially by using a first private key and a public key to generate encrypted data and an installation instruction, and sends the encrypted data, the public key and the installation instruction to user equipment through a browser end; the public key is generated by using a random function; the first private key is generated by the server by using a preset method;
s30, the user equipment generates a second private key by using the preset method based on the installation instruction; decrypting the encrypted data by adopting the public key and the second private key in sequence to obtain installation data and preset check data of the client;
and S40, the user equipment verifies the installation data of the client based on the preset verification data, and when the verification is successful, the installation is executed based on the installation data of the client.
Optionally, the client and the browser end respectively have attribute data; the preset method includes the steps of intercepting partial fields from attribute data of the client and attribute data of the browser, splicing the partial fields to form character strings, and intercepting and reserving the character strings with preset lengths after the character strings of the character strings are replaced in a staggered mode.
Optionally, the step S20 includes:
and the server encrypts the installation data and the preset verification data by adopting a first private key and a public key in sequence to generate encrypted data and an installation instruction.
Optionally, the step S40 includes:
and when the verification is successful, requesting a server on line to acquire a client installation package based on the installation data of the client, and installing the client based on the client installation package.
Optionally, the step S40 includes:
acquiring network transmission data of the encrypted data;
acquiring the download estimated time length of the client installation package based on the network transmission data of the encrypted data;
and within the estimated downloading time, when detecting that at least two user equipment in the same group generate a new same downloading task, and the two user equipment suspend the downloading task of the client installation package, suspending the downloading task of the client installation package for the other user equipment in the group with the same downloading task.
Optionally, the method further comprises the step of:
and generating a client configuration file on the server, controlling all the user equipment belonging to the same group to access the client configuration file, and executing the client configuration file on all the user equipment.
Optionally, the step S40 includes:
acquiring system resource idle information and a historical non-operation time period of user equipment, wherein the historical non-operation time period is used for representing a time period when the user equipment is not operated every day; the system resource idle information is obtained according to the CPU occupancy rate and the memory occupancy rate of the user equipment;
predicting a current no-operation time period based on the historical no-operation time period;
acquiring estimated installation time for installing the client installation package based on the user equipment and the client installation package;
and when the system resource idle information is larger than a first preset threshold value and/or the estimated installation time from the current time is positioned in the current non-operation time period, executing the installation of the client.
Optionally, the method further comprises the step of:
when the client fails to install, acquiring installation failure prompt information;
when the installation failure prompt information is within a preset installation failure range, acquiring response operations of users of at least two user devices in the same group based on the installation failure prompt information;
and when the response operations corresponding to the users of the at least two user devices are the same, executing the response operations on the other user devices with the same installation failure prompt information in the group, and re-installing.
The invention also provides an encrypted communication system for installing the client, which is used for realizing the encrypted communication method for installing the client, and the system comprises a browser end, a server and user equipment;
the browser generates a client installation instruction, generates installation request information related to a client based on the client installation instruction, and sends the installation request information to a server;
after receiving the installation request information, the server acquires installation data of the client, encrypts the installation data by adopting a first private key and a public key in sequence to generate encrypted data and an installation instruction, and sends the encrypted data, the public key and the installation instruction to user equipment through a browser end; the public key is generated by using a random function; the first private key is generated by the server by using a preset method;
the user equipment generates a second private key by using the preset method based on the installation instruction; decrypting the encrypted data by adopting the public key and the second private key in sequence to obtain installation data and preset check data of the client; and checking the installation data of the client based on the preset checking data, and when the checking is successful, executing installation based on the installation data of the client.
The present invention also provides an encrypted communication device for installing a client, including:
a processor;
a memory having stored therein executable instructions of the processor;
wherein the processor is configured to perform any of the above steps of the encrypted communication method for installing a client via execution of the executable instructions.
The present invention also provides a computer-readable storage medium storing a program which, when executed by a processor, performs any of the above-described steps of the encrypted communication method for installing a client.
Compared with the prior art, the invention has the following advantages and prominent effects:
the encrypted communication method, the encrypted communication system, the encrypted communication equipment and the encrypted communication medium for installing the client enable a user to only need to access a browser end, select or search software to be installed and click to install, and then installation of the client can be completed; the automatic acquisition and installation of the client installation are realized, and the client installation can be completed without the assistance of IT (information technology) personnel; moreover, the installation data of the client is encrypted sequentially through the private key and the public key, and the installation data obtained after decryption is verified by adopting preset verification data, so that the safety and reliability of the client in the data transmission and installation processes are ensured.
Drawings
Other features, objects and advantages of the present invention will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, with reference to the accompanying drawings.
Fig. 1 is a schematic diagram of an encrypted communication method for installing a client according to an embodiment of the present invention;
fig. 2 is a flowchart illustrating step S40 in an encrypted communication method for installing a client according to an embodiment of the present invention;
fig. 3 is a flowchart illustrating step S405 in an encrypted communication method for installing a client according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an encrypted communication system for installing a client according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an encrypted communication device for installing a client according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a computer-readable storage medium according to an embodiment of the disclosure.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The same reference numerals in the drawings denote the same or similar structures, and thus their repetitive description will be omitted.
As shown in fig. 1, an embodiment of the present invention discloses an encrypted communication method for installing a client, including the following steps:
s10, the client installation instruction generated by the browser is acquired, installation request information related to a client is generated based on the client installation instruction, and the installation request information is transmitted to the server. Specifically, the method and the device provide a uniform software self-help installation page for the user, and the user can select or search the required installation software and click to install the software after the user accesses the browser.
The browser generates a client installation instruction based on the selection and the click operation of the user, then the server acquires the authority information of the user according to the user login information acquired by the browser, compares the authority information with the authority range of the user stored in the database, and if the authority information is in the authority range of the database, the next step is carried out: the browser generates installation request information related to a client based on the client installation instruction, and sends the installation request information to the server. Wherein the database stores the authority range of each user.
In this embodiment, the client and the browser end respectively have attribute data. The attribute data of the client may include a client name and a client publishing vendor name. The attribute data of the browser end can comprise a browser name and browser login user information;
and S20, after receiving the installation request information, the server acquires the installation data of the client, sequentially encrypts the installation data by using a first private key and a public key to generate encrypted data and an installation instruction, and sends the encrypted data, the public key and the installation instruction to the user equipment through the browser. Specifically, the public key is generated by a random function. The first private key is generated by the server by using a preset method. In this embodiment, the server encrypts the installation data and the preset verification data in sequence by using a first private key and a public key to generate the encrypted data and the installation instruction.
The preset method includes the steps of intercepting partial fields from the attribute data of the client and the attribute data of the browser, splicing the partial fields to form character strings, and intercepting and reserving the character strings with preset lengths after the character positions of the character strings are replaced. The random function can be realized by using the prior art, and the description of the application is omitted. The predetermined verification data may be in the form of MD5 (a cryptographic hash function) or a hash code. This is not limited by the present application.
S30, the user equipment generates a second private key by using the preset method based on the installation instruction; and decrypting the encrypted data by adopting the public key and the second private key in sequence to obtain the installation data and the preset verification data of the client.
And S40, the user equipment verifies the installation data of the client based on the preset verification data, and when the verification is successful, the installation is executed based on the installation data of the client. And when the verification is unsuccessful, stopping installation, generating prompt information and displaying the prompt information on the user equipment. Specifically, the installation data of the client includes second check data, and the preset check data and the second check data are compared to determine whether the preset check data and the second check data are consistent, so that the check can be completed. If the two are consistent, the verification is successful.
In this embodiment, when the verification is successful, a client installation package is requested to the server online based on the installation data of the client, and the client is installed based on the client installation package. That is, the installation data is not an installation package of the client but a basic installation file of the client. After the installation data is executed, a complete client installation package needs to be downloaded online, and then the installation of the client can be completed. Therefore, occupation of the client installation package on the storage resources of the user equipment hard disk is reduced, and user experience is improved.
In another embodiment of the present application, on the basis of the above embodiment, another encryption communication method for installing a client is disclosed. In the method, step S10 is:
the method comprises the steps of obtaining a client installation instruction generated by a user at a browser end, generating installation request information related to a client based on the client installation instruction, and controlling the browser end corresponding to the user and the browser ends corresponding to other users belonging to the same group with the user to respectively send the installation request information to a server. Where each user belongs to a group. Each user corresponds to one user equipment, that is, each user equipment belongs to one group. The group can be a work group, a business group and the like which are divided according to work needs in an enterprise. The users correspond to the browser ends one to one. That is, each user corresponds to a browser end. In the application, the user is also in one-to-one correspondence with the user equipment, so that the user equipment is also in one-to-one correspondence with the browser end.
Step S20 is: and after receiving the installation request information, the server acquires installation data of the client, sequentially encrypts the installation data by using a first private key and a public key to generate encrypted data and an installation instruction, and sends the encrypted data, the public key and the installation instruction to user equipment corresponding to the user and other user equipment belonging to the same group with the user through a browser.
Step S30 is: each user equipment in the group containing the user generates a second private key by utilizing the preset method based on the installation instruction; and decrypting the encrypted data by adopting the public key and the second private key in sequence to obtain the installation data and the preset verification data of the client.
And S40, the user equipments respectively check the installation data of the client based on the preset check data, and if the check is successful, execute installation based on the installation data of the client. This is beneficial to improve the efficiency of installing clients for all user devices in the group.
As shown in fig. 2, step S40 of this embodiment includes:
s401, each user device in the group containing the user respectively requests the server for obtaining the client installation package on line based on the installation data.
S402, respectively obtaining network transmission data of the same group of user equipments with respect to the installation data.
And S403, acquiring the estimated downloading time of each user equipment about the client installation package based on the network transmission data of the installation data.
S404, in the estimated downloading time, when detecting that at least two user equipments in the same group generate new same downloading tasks, and the two user equipments suspend the downloading task of the client installation package, suspending the downloading task of the client installation package for the other user equipments in the group with the same downloading task. And
s405, after the new downloading task is downloaded, the downloading task of the client installation package is continuously executed, and after the downloading of the client installation package is completed, the client is installed based on the client installation package.
The network transmission data may be a network transmission rate, and the download estimated duration may be a ratio of a data size (for example, 200M) of the client installation package to the network transmission rate. When two user devices in the same group preferentially download the new download task at the same time, the new download task is more important for the current work of the group, and then the preferential download of the new download task is performed on the other user devices. Therefore, the complexity of the user equipment operation of the group of users is reduced, the automation degree of the user equipment operation is improved, and the user experience is improved.
In another embodiment, the step S10 may be: acquiring a client installation instruction generated by a user at a browser end, and generating installation request information related to a client based on the client installation instruction; acquiring the installation rate of the client on all user equipment in the group containing the user; and when the installation rate is greater than a second preset threshold value, controlling the browser terminals corresponding to all user equipment which belongs to the same group and is not provided with the client terminal to send the installation request information to a server.
Therefore, the efficiency of installing the client by all the user equipment in the group is improved on the premise of ensuring the installation accuracy of the client, and convenience is provided for the work of all the users in the group. The second preset threshold may be 60%, which is not limited in this application.
As shown in fig. 3, in this embodiment, step S405 may include:
s4051, after the downloading of the client installation package is completed, system resource idle information and historical non-operation time periods of each user device in the same group are obtained. The historical no-operation time period is used for representing the time period when the user equipment is not operated every day before the current time. The system resource idle information can be obtained according to the CPU occupancy rate and the memory occupancy rate of the user equipment.
S4052, predicting the current non-operation time period based on the historical non-operation time period. The current no-operation time period may be a common time period of all the historical no-operation time periods, that is, an intersection of all the historical no-operation time periods.
S4053, obtaining the estimated installation time for installing the client installation package based on the user equipment and the client installation package. For example, the ratio of the data size of the client installation package to the hard disk write rate of the user equipment may be used as the estimated installation duration.
S4054, when the system resource idle information is larger than a first preset threshold value and/or the estimated installation time from the current time is within the current non-operation time period, installing the client based on the client installation package. For example, if the current time is 9:15, the estimated installation time is 10 minutes. I.e. if installation is now started, the installation period is 9:15 to 9: 25. The current no-operation time period includes 9:00 to 9:30, that is, the user does not operate the user equipment in the time period from nine o 'clock to nine o' clock thirty minutes. Then at this point the installation period is within the current no-operation period, so installation is possible.
Therefore, the client can be installed when the user is convenient (such as eating time), the performance requirement of the user during working on the user equipment can not be influenced, and the experience of the user during working can not be influenced.
In another embodiment of the application, on the basis of the above embodiment, another browser-based client multitask installation method is disclosed. The method further comprises the steps of:
and S70, when the client fails to install, acquiring prompt information of installation failure.
And S80, when the installation failure prompt message is within the preset installation failure range, acquiring response operations of at least two user devices in the same group based on the installation failure prompt message.
And S90, when the response operations corresponding to the at least two user equipments are the same, executing the response operations to the other user equipments with the same installation failure prompt information, and re-installing.
Specifically, the installation result of the client is acquired after installation. And when the installation result shows that the client fails to install, acquiring installation failure prompt information. For example, the install failure notification message may be a data access port conflict. I.e. conflicts with data access ports already set by other clients in the user equipment, resulting in a failed installation. At this time, if the users corresponding to at least two pieces of user equipment all execute the same response operation, successful installation is realized. For example, it is possible that two users achieve successful installation by modifying the data access port that the client needs to use. If the modification operation is feasible, the response operation (i.e., modifying the data access port) is performed on all the other user devices that also acquired the installation failure prompt message, that is, the successful installation can be realized.
Therefore, when the installation fails, the quick response and the correct response operation are obtained, and the installation efficiency of installing the client by a plurality of user equipment in the same group is improved.
In another embodiment of the application, on the basis of the above embodiment, another browser-based client multitask installation method is disclosed. The method further comprises the steps of:
s100, generating a client configuration file on a server, controlling all user equipment belonging to the same group to access the client configuration file, and executing the client configuration file on all the user equipment. Specifically, when the client needs to be configured after being installed, the configuration file is used for realizing batch automatic configuration, so that each user equipment is prevented from needing manual configuration, the configuration and use efficiency of the client is improved, and the user experience is favorably improved.
As shown in fig. 4, an embodiment of the present invention further discloses an encrypted communication system 4 for installing a client, which includes a browser 41, a server 42 and a user device 43.
The browser end 41 generates a client installation instruction, generates installation request information related to a client based on the client installation instruction, and sends the installation request information to the server;
after receiving the installation request information, the server 42 obtains installation data of the client, sequentially encrypts the installation data by using a first private key and a public key to generate encrypted data and an installation instruction, and sends the encrypted data, the public key and the installation instruction to the user equipment through a browser end; the public key is generated by using a random function; the first private key is generated by the server by using a preset method;
the user equipment 43 generates a second private key by using the preset method based on the installation instruction; decrypting the encrypted data by adopting the public key and the second private key in sequence to obtain installation data and preset check data of the client; and checking the installation data of the client based on the preset checking data, and when the checking is successful, executing installation based on the installation data of the client.
It is understood that the encrypted communication system for installing the client of the present invention further includes other existing functional modules that support the operation of the encrypted communication system for installing the client. The encrypted communication system for installing the client shown in fig. 4 is only an example, and should not bring any limitation to the function and the scope of use of the embodiment of the present invention.
The encryption communication system for installing the client in this embodiment is used to implement the above method for installing the encryption communication of the client, so for the specific implementation steps of the encryption communication system for installing the client, reference may be made to the above description of the method for installing the encryption communication of the client, and details are not described here again.
The embodiment of the invention also discloses encrypted communication equipment for installing the client, which comprises a processor and a memory, wherein the memory stores executable instructions of the processor; the processor is configured to perform the steps in the above-described encrypted communication method for installing a client via execution of executable instructions. Fig. 5 is a schematic structural diagram of an encrypted communication device for installing a client according to the present disclosure. An electronic device 600 according to this embodiment of the invention is described below with reference to fig. 5. The electronic device 600 shown in fig. 5 is only an example and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 5, the electronic device 600 is embodied in the form of a general purpose computing device. The components of the electronic device 600 may include, but are not limited to: at least one processing unit 610, at least one memory unit 620, a bus 630 connecting the different platform components (including the memory unit 620 and the processing unit 610), a display unit 640, etc.
Where the storage unit stores program code that may be executed by the processing unit 610 to cause the processing unit 610 to perform the steps according to various exemplary embodiments of the present invention described in the above-mentioned encrypted communication method section for installing a client in the present specification. For example, processing unit 610 may perform the steps as shown in fig. 1.
The storage unit 620 may include readable media in the form of volatile memory units, such as a random access memory unit (RAM)6201 and/or a cache memory unit 6202, and may further include a read-only memory unit (ROM) 6203.
The memory unit 620 may also include a program/utility 6204 having a set (at least one) of program modules 6205, such program modules 6205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
Bus 630 may be one or more of several types of bus structures, including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 600 may also communicate with one or more external devices 700 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 600, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 600 to communicate with one or more other computing devices. Such communication may occur via an input/output (I/O) interface 650. Also, the electronic device 600 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the Internet) via the network adapter 660. The network adapter 660 may communicate with other modules of the electronic device 600 via the bus 630. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the electronic device 600, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage platforms, to name a few.
The invention also discloses a computer readable storage medium for storing a program which, when executed, implements the steps in the above encrypted communication method for installing a client. In some possible embodiments, the various aspects of the invention may also be implemented in the form of a program product comprising program code for causing a terminal device to perform the steps according to various exemplary embodiments of the invention described in the above-mentioned encrypted communication method for installing a client of the present specification, when the program product is run on the terminal device.
As shown above, when the program of the computer-readable storage medium of this embodiment is executed, the user only needs to access the browser end, select or search the required installation software, and click to install, so that the installation of the client can be completed; the automatic acquisition and installation of the client installation are realized, and the client installation can be completed without the assistance of IT (information technology) personnel; moreover, the installation data of the client is encrypted sequentially through the private key and the public key, and the installation data obtained after decryption is verified by adopting preset verification data, so that the safety and reliability of the client in the data transmission and installation processes are ensured.
Fig. 6 is a schematic structural diagram of a computer-readable storage medium of the present invention. Referring to fig. 6, a program product 800 for implementing the above method according to an embodiment of the present invention is described, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present invention is not limited in this regard and, in the present document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A computer readable storage medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable storage medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
The encrypted communication method, the system, the equipment and the medium for installing the client end provided by the embodiment of the invention enable a user to finish the installation of the client end only by accessing the browser end, selecting or searching the required installation software and clicking to install; the automatic acquisition and installation of the client installation are realized, and the client installation can be completed without the assistance of IT (information technology) personnel; moreover, the installation data of the client is encrypted sequentially through the private key and the public key, and the installation data obtained after decryption is verified by adopting preset verification data, so that the safety and reliability of the client in the data transmission and installation processes are ensured.
The foregoing is a more detailed description of the invention in connection with specific preferred embodiments and it is not intended that the invention be limited to these specific details. For those skilled in the art to which the invention pertains, several simple deductions or substitutions can be made without departing from the spirit of the invention, and all shall be considered as belonging to the protection scope of the invention.

Claims (11)

1. An encrypted communication method for installing a client, comprising the steps of:
s10, acquiring a client installation instruction generated at a browser end, generating installation request information related to a client based on the client installation instruction, and sending the installation request information to a server;
s20, after receiving the installation request information, the server acquires installation data of the client, encrypts the installation data sequentially by using a first private key and a public key to generate encrypted data and an installation instruction, and sends the encrypted data, the public key and the installation instruction to user equipment through a browser end; the public key is generated by using a random function; the first private key is generated by the server by using a preset method;
s30, the user equipment generates a second private key by using the preset method based on the installation instruction; decrypting the encrypted data by adopting the public key and the second private key in sequence to obtain installation data and preset check data of the client;
and S40, the user equipment verifies the installation data of the client based on the preset verification data, and when the verification is successful, the installation is executed based on the installation data of the client.
2. The encrypted communication method for installing the client according to claim 1, wherein the client and the browser side have attribute data, respectively; the preset method includes the steps of intercepting partial fields from attribute data of the client and attribute data of the browser, splicing the partial fields to form character strings, and intercepting and reserving the character strings with preset lengths after the character strings of the character strings are replaced in a staggered mode.
3. The encrypted communication method for installing the client as claimed in claim 1, wherein the step S20 includes:
and the server encrypts the installation data and the preset verification data by adopting a first private key and a public key in sequence to generate encrypted data and an installation instruction.
4. The encrypted communication method for installing the client as claimed in claim 1, wherein the step S40 includes:
and when the verification is successful, requesting a server on line to acquire a client installation package based on the installation data of the client, and installing the client based on the client installation package.
5. The encrypted communication method for installing the client as claimed in claim 4, wherein the step S40 includes:
acquiring network transmission data of the encrypted data;
acquiring the download estimated time length of the client installation package based on the network transmission data of the encrypted data;
and within the estimated downloading time, when detecting that at least two user equipment in the same group generate a new same downloading task, and the two user equipment suspend the downloading task of the client installation package, suspending the downloading task of the client installation package for the other user equipment in the group with the same downloading task.
6. The encrypted communication method for installing the client as claimed in claim 5, wherein the method further comprises the steps of:
and generating a client configuration file on the server, controlling all the user equipment belonging to the same group to access the client configuration file, and executing the client configuration file on all the user equipment.
7. The encrypted communication method for installing the client as claimed in claim 4, wherein the step S40 includes:
acquiring system resource idle information and a historical non-operation time period of user equipment, wherein the historical non-operation time period is used for representing a time period when the user equipment is not operated every day; the system resource idle information is obtained according to the CPU occupancy rate and the memory occupancy rate of the user equipment;
predicting a current no-operation time period based on the historical no-operation time period;
acquiring estimated installation time for installing the client installation package based on the user equipment and the client installation package;
and when the system resource idle information is larger than a first preset threshold value and/or the estimated installation time from the current time is positioned in the current non-operation time period, executing the installation of the client.
8. The encrypted communication method for installing a client according to claim 1, wherein the method further comprises the steps of:
when the client fails to install, acquiring installation failure prompt information;
when the installation failure prompt information is within a preset installation failure range, acquiring response operations of users of at least two user devices in the same group based on the installation failure prompt information;
and when the response operations corresponding to the users of the at least two user devices are the same, executing the response operations on the other user devices with the same installation failure prompt information in the group, and re-installing.
9. An encrypted communication system for installing a client, which is used for realizing the encrypted communication method for installing the client according to claim 1, wherein the system comprises a browser end, a server and a user device;
the browser generates a client installation instruction, generates installation request information related to a client based on the client installation instruction, and sends the installation request information to a server;
after receiving the installation request information, the server acquires installation data of the client, encrypts the installation data by adopting a first private key and a public key in sequence to generate encrypted data and an installation instruction, and sends the encrypted data, the public key and the installation instruction to user equipment through a browser end; the public key is generated by using a random function; the first private key is generated by the server by using a preset method;
the user equipment generates a second private key by using the preset method based on the installation instruction; decrypting the encrypted data by adopting the public key and the second private key in sequence to obtain installation data and preset check data of the client; and checking the installation data of the client based on the preset checking data, and when the checking is successful, executing installation based on the installation data of the client.
10. An encrypted communications device for installing a client, comprising:
a processor;
a memory having stored therein executable instructions of the processor;
wherein the processor is configured to perform the steps of the encrypted communication method for installing a client of any one of claims 1 to 8 via execution of the executable instructions.
11. A computer-readable storage medium storing a program which when executed by a processor implements the steps of the encrypted communication method for installing a client according to any one of claims 1 to 8.
CN202011562923.8A 2020-12-25 2020-12-25 Encrypted communication method, system, device and medium for installing client Pending CN112597517A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011562923.8A CN112597517A (en) 2020-12-25 2020-12-25 Encrypted communication method, system, device and medium for installing client

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011562923.8A CN112597517A (en) 2020-12-25 2020-12-25 Encrypted communication method, system, device and medium for installing client

Publications (1)

Publication Number Publication Date
CN112597517A true CN112597517A (en) 2021-04-02

Family

ID=75202481

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011562923.8A Pending CN112597517A (en) 2020-12-25 2020-12-25 Encrypted communication method, system, device and medium for installing client

Country Status (1)

Country Link
CN (1) CN112597517A (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080091947A1 (en) * 2006-10-17 2008-04-17 Andrew John Dancer Software registration system
US20090158035A1 (en) * 2007-12-13 2009-06-18 Stultz John G Public Key Encryption For Web Browsers
US20110154031A1 (en) * 2009-12-21 2011-06-23 International Business Machines Corporation Secure Kerberized Access of Encrypted File System
WO2011131715A1 (en) * 2010-04-22 2011-10-27 Bundesdruckerei Gmbh Method for reading an attribute from an id token
CN105354050A (en) * 2015-09-30 2016-02-24 深圳市九洲电器有限公司 Application software calling method for intelligent terminal
CN106304040A (en) * 2015-05-25 2017-01-04 阿里巴巴集团控股有限公司 The management method of Mobile solution, device
CN109165029A (en) * 2018-08-27 2019-01-08 北京奇虎科技有限公司 Realize method, server and the device of downloading-running payment applications
CN110071940A (en) * 2019-05-06 2019-07-30 深圳市网心科技有限公司 Software package encipher-decipher method, server, user equipment and storage medium
CN110300096A (en) * 2019-05-22 2019-10-01 深圳壹账通智能科技有限公司 Self checking method, apparatus, equipment and storage medium based on local certificate
CN110866226A (en) * 2019-11-15 2020-03-06 中博信息技术研究院有限公司 JAVA application software copyright protection method based on encryption technology

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080091947A1 (en) * 2006-10-17 2008-04-17 Andrew John Dancer Software registration system
US20090158035A1 (en) * 2007-12-13 2009-06-18 Stultz John G Public Key Encryption For Web Browsers
US20110154031A1 (en) * 2009-12-21 2011-06-23 International Business Machines Corporation Secure Kerberized Access of Encrypted File System
CN102668503A (en) * 2009-12-21 2012-09-12 国际商业机器公司 Secure kerberized access of encrypted file system
WO2011131715A1 (en) * 2010-04-22 2011-10-27 Bundesdruckerei Gmbh Method for reading an attribute from an id token
CN106304040A (en) * 2015-05-25 2017-01-04 阿里巴巴集团控股有限公司 The management method of Mobile solution, device
CN105354050A (en) * 2015-09-30 2016-02-24 深圳市九洲电器有限公司 Application software calling method for intelligent terminal
CN109165029A (en) * 2018-08-27 2019-01-08 北京奇虎科技有限公司 Realize method, server and the device of downloading-running payment applications
CN110071940A (en) * 2019-05-06 2019-07-30 深圳市网心科技有限公司 Software package encipher-decipher method, server, user equipment and storage medium
CN110300096A (en) * 2019-05-22 2019-10-01 深圳壹账通智能科技有限公司 Self checking method, apparatus, equipment and storage medium based on local certificate
CN110866226A (en) * 2019-11-15 2020-03-06 中博信息技术研究院有限公司 JAVA application software copyright protection method based on encryption technology

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
TIM COOIJMANS AUTHOR PICTURETIM COOIJMANS SNS REAAL, UTRECHT, NETHERLANDS VIEW PROFILE ,: "Analysis of Secure Key Storage Solutions on Android", SPSM \'14: PROCEEDINGS OF THE 4TH ACM WORKSHOP ON SECURITY AND PRIVACY IN SMARTPHONES & MOBILE DEVICES, no. 2014, 31 October 2014 (2014-10-31), pages 1 - 10 *
张向芳;李华;: "Web应用中的安全部署", 山西科技, no. 03, 20 May 2007 (2007-05-20), pages 1 - 3 *

Similar Documents

Publication Publication Date Title
US11237817B2 (en) Operating system update management for enrolled devices
CN111416811B (en) Unauthorized vulnerability detection method, system, equipment and storage medium
US8789152B2 (en) Method for managing authentication procedures for a user
CN107925877B (en) System and method for centralized configuration and authentication
CN111695156A (en) Service platform access method, device, equipment and storage medium
US10911299B2 (en) Multiuser device staging
US7996893B2 (en) Determining roles for automated tasks in a role-based access control environment
US20150143485A1 (en) Cloud security management system
CN112528262A (en) Application program access method, device, medium and electronic equipment based on token
CN110945504B (en) Delivering configuration-based workflows
US20190327238A1 (en) Method, apparatus and computer program product for executing an application in clouds
JP2018517982A (en) Automatic recharge system, method and server
CN112882863A (en) Method, device and system for recovering data and electronic equipment
US20210152537A1 (en) Data security utilizing historical password data
CN117131516B (en) Operation and maintenance method and device
CN112714179B (en) Client multitask installation method, system, equipment and medium based on browser
CN112491940B (en) Request forwarding method and device of proxy server, storage medium and electronic equipment
US20090216548A1 (en) License Management in a Networked Software Application Solution
US20210021416A1 (en) Systems and methods for using automated browsing to recover secured key from a single data entry
CN112597517A (en) Encrypted communication method, system, device and medium for installing client
US11411813B2 (en) Single user device staging
CN113535574A (en) Automatic generation method, device, equipment and medium for test user data
CN112860705A (en) Database connection configuration information management method, system, device and storage medium
CN111158649A (en) Method and device for configuring multi-level parameters
CN111885006B (en) Page access and authorized access method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination