CN112800406B - User-defined encrypted information transmission method and system - Google Patents

Publication number
CN112800406B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110076307.XA
Other languages
Chinese (zh)
Other versions
CN112800406A (en
Inventor
盛林锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Handpal Information Technology Service Co ltd
Original Assignee
Shanghai Handpal Information Technology Service Co ltd
Application filed by Shanghai Handpal Information Technology Service Co ltd
Priority to CN202110076307.XA
Publication of CN112800406A
Application granted
Publication of CN112800406B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/41 User authentication where a single sign-on provides access to a plurality of computers
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/604 Tools and structures for managing or administering access control systems
    • G06F21/606 Protecting data by securing the transmission between two devices or processes

Abstract

The invention discloses a method and a system for transmitting user-defined encrypted information. A first user login authority is obtained through a general login platform; whether the first user login authority meets a first preset requirement is judged; when the first preset requirement is met, first user authentication information is obtained according to the first user login authority; a preset authentication check rule is obtained; when the first user authentication information meets the preset authentication check rule, a first user setting authority is acquired; a first encryption algorithm is acquired according to the first user set authority, wherein the first encryption algorithm meets the preset authentication and verification rule; the first user set authority and the first user authentication information are encrypted through the first encryption algorithm to obtain first encrypted data information; and a first execution instruction is acquired according to the first encrypted data information and the first user set authority, wherein the first execution instruction is used for sending the first encrypted data information to each subsystem. This solves the technical problems that business handling in financial enterprises requires a plurality of systems, that the operation is complex, and that a unified login password poses a security problem.

Description

User-defined encrypted information transmission method and system
Technical Field
The invention relates to the technical field of computers, in particular to a transmission method and a transmission system of custom encrypted information.
Background
With the rapid development of informatization, large enterprises, financial departments and the like have begun to use electronic systems for office work and business handling. The whole office system and business platform is composed of a plurality of different subsystems, and if each system uses an independent login and verification mechanism, workers need to log in to different systems every day. Frequent login operations reduce staff efficiency and waste working cost. A large number of passwords and user names also have to be memorized over a long period, and forgetting or confusing passwords causes great trouble. To make them easier to remember, many people use the same user name and password at different sites, which reduces the burden but also reduces security.
However, in the process of implementing the technical solution of the invention in the embodiments of the present application, the inventor of the present application found that the above technology has at least the following technical problem:
in the prior art, business handling in financial enterprises requires a plurality of systems, the operation is complex, and using a unified login password causes a security problem.
Disclosure of Invention
The embodiments of the application provide a user-defined encrypted information transmission method and system, which solve the technical problems that, in the prior art, business handling in financial enterprises requires a plurality of systems, the operation is complex, and a unified login password poses a security problem. The technical effects achieved are that unified login is carried out across a plurality of systems through the same authentication and verification rule, repeated login processes are saved, working efficiency is improved, user information is encrypted through a custom encryption algorithm, and the security of information transmission among the systems is ensured.
In view of the foregoing problems, embodiments of the present application provide a method and a system for transmitting customized encrypted information.
In a first aspect, an embodiment of the present application provides a method for transmitting customized encrypted information, which is applied to an integrated service processing platform, where the integrated service processing platform includes a total login platform and a plurality of subsystems, and the total login platform is in data connection with the plurality of subsystems, and the method includes: obtaining a first user login authority through a total login platform; judging whether the first user login authority meets a first preset requirement or not; when the first user login authority is met, first user authentication information is obtained according to the first user login authority; acquiring a preset authentication check rule; when the first user authentication information meets the preset authentication check rule, acquiring a first user setting authority; acquiring a first encryption algorithm according to the first user setting authority, wherein the first encryption algorithm meets the preset authentication and verification rule; encrypting the first user set authority and the first user authentication information through the first encryption algorithm to obtain first encrypted data information; and obtaining a first execution instruction according to the first encrypted data information and the first user login authority, wherein the first execution instruction is used for sending the first encrypted data information to each subsystem.
On the other hand, the present application further provides a user-defined encrypted information transmission system, which includes:
the first obtaining unit is used for obtaining a first user login authority through a total login platform;
the first judging unit is used for judging whether the first user login authority meets a first preset requirement or not;
a second obtaining unit, configured to obtain first user authentication information according to the first user login permission when the first user authentication information is satisfied;
a third obtaining unit, configured to obtain a preset authentication check rule;
a fourth obtaining unit, configured to obtain a first user setting permission when the first user authentication information satisfies the preset authentication check rule;
a fifth obtaining unit, configured to obtain a first encryption algorithm according to the first user set permission, where the first encryption algorithm meets the preset authentication check rule;
a sixth obtaining unit, configured to encrypt, by using the first encryption algorithm, the first user set permission and the first user authentication information to obtain first encrypted data information;
and the first execution unit is used for obtaining a first execution instruction according to the first encrypted data information and the first user login authority, and the first execution instruction is used for sending the first encrypted data information to each subsystem.
In a third aspect, the present invention provides a custom encryption information transmission system, including a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the steps of the method according to the first aspect when executing the program.
One or more technical solutions provided in the embodiments of the present application have at least the following technical effects or advantages:
the embodiment of the application provides a user-defined encrypted information transmission method and a user-defined encrypted information transmission system, which are applied to an integrated service processing platform, wherein the integrated service processing platform comprises a total login platform and a plurality of subsystems, the total login platform is in data connection with the subsystems, and a first user login permission is obtained through the total login platform; judging whether the first user login authority meets a first preset requirement or not; when the first user login authority is met, first user authentication information is obtained according to the first user login authority; acquiring a preset authentication check rule; when the first user authentication information meets the preset authentication check rule, acquiring a first user setting authority; acquiring a first encryption algorithm according to the first user set authority, wherein the first encryption algorithm meets the preset authentication and verification rule; encrypting the first user set authority and the first user authentication information through the first encryption algorithm to obtain first encrypted data information; and acquiring a first execution instruction according to the first encrypted data information and the first user login authority, wherein the first execution instruction is used for sending the first encrypted data information to each subsystem. 
The authority of the first user is set, and the first encrypted data information, obtained by encrypting the user authentication result through the user-defined encryption algorithm, is sent to each subsystem: according to the authority range corresponding to the first user, it is sent to the subsystems for which the user has authority. Login to each of those subsystems can then be carried out directly without entering a login password again, which improves working efficiency. At the same time, adding the user-defined encryption algorithm ensures the security of data and authority during transmission, and thus the security of user information, authority and service-related data during service processing. Therefore, the technical problems that, in the prior art, business handling in financial enterprises requires a plurality of systems, the operation is complex, and a unified login password poses a security problem are solved. The technical effects achieved are that unified login is carried out across a plurality of systems through the same authentication and verification rule, repeated login processes are saved, working efficiency is improved, user information is encrypted through a custom encryption algorithm, and the security of information transmission among the systems is ensured.
The foregoing description is only an overview of the technical solutions of the present application. So that the technical means of the present application can be understood more clearly and implemented according to the content of the description, and so that the above and other objects, features and advantages of the present application are more readily understandable, a detailed description of the present application follows.
Drawings
Fig. 1 is a schematic flow chart of a transmission method of custom encrypted information according to an embodiment of the present application;
Fig. 2 is a schematic structural diagram of a custom encryption information transmission system according to an embodiment of the present application;
Fig. 3 is a schematic structural diagram of an exemplary electronic device according to an embodiment of the present application.
Description of reference numerals: a first obtaining unit 11, a first judging unit 12, a second obtaining unit 13, a third obtaining unit 14, a fourth obtaining unit 15, a fifth obtaining unit 16, a sixth obtaining unit 17, a first executing unit 18, a bus 300, a receiver 301, a processor 302, a transmitter 303, a memory 304, and a bus interface 306.
Detailed Description
The embodiments of the application provide a user-defined encrypted information transmission method and system, which solve the technical problems that, in the prior art, business handling in financial enterprises requires a plurality of systems, the operation is complex, and a unified login password poses a security problem. The technical effects achieved are that unified login is carried out across a plurality of systems through the same authentication and verification rule, repeated login processes are saved, working efficiency is improved, user information is encrypted through a custom encryption algorithm, and the security of information transmission among the systems is ensured. Hereinafter, example embodiments according to the present application will be described in detail with reference to the accompanying drawings. The described embodiments are only some of the embodiments of the present application, not all of them, and the present application is not limited by the example embodiments described herein.
Summary of the application
With the rapid development of informatization, large enterprises, financial departments and the like have begun to use electronic systems for office work and business handling. The whole office system and business platform is composed of a plurality of different subsystems, and if each system uses an independent login and verification mechanism, workers need to log in to different systems every day. Frequent login operations reduce staff efficiency and waste working cost. A large number of passwords and user names also have to be memorized over a long period, and forgetting or confusing passwords causes great trouble. To make them easier to remember, many people use the same user name and password at different sites, which reduces the burden but also reduces security. In the prior art, however, business handling in financial enterprises requires a plurality of systems, the operation is complex, and a unified login password poses a security problem.
In view of the above technical problems, the technical solution provided by the present application has the following general idea:
obtaining a first user login authority through a total login platform; judging whether the first user login authority meets a first preset requirement or not; when the first preset requirement is met, obtaining first user authentication information according to the first user login authority; obtaining a preset authentication check rule; when the first user authentication information meets the preset authentication check rule, acquiring a first user setting authority; acquiring a first encryption algorithm according to the first user set authority, wherein the first encryption algorithm meets the preset authentication and verification rule; encrypting the first user set authority and the first user authentication information through the first encryption algorithm to obtain first encrypted data information; and obtaining a first execution instruction according to the first encrypted data information and the first user login authority, wherein the first execution instruction is used for sending the first encrypted data information to each subsystem. The technical effects achieved are that unified login is carried out across a plurality of systems through the same authentication and verification rule, repeated login processes are saved, working efficiency is improved, user information is encrypted through a custom encryption algorithm, and the security of information transmission among the systems is ensured.
Having thus described the general principles of the present application, various non-limiting embodiments thereof will now be described in detail with reference to the accompanying drawings.
Example one
As shown in fig. 1, an embodiment of the present application provides a method for transmitting customized encrypted information, which is applied to an integrated service processing platform, where the integrated service processing platform includes a total login platform and a plurality of subsystems, and the total login platform is in data connection with the plurality of subsystems, and the method includes:
Step S100: obtaining a first user login authority through a total login platform;
Step S200: judging whether the first user login authority meets a first preset requirement or not;
Specifically, the integrated service processing platform has a unified service login entry. A user enters their own account information through the login entry, and a server of the integrated service processing platform checks the account information. When the account information meets the login requirement of the server, the login authority corresponding to the first user is obtained, and it is judged whether the first user login authority includes account permissions for a predetermined number of subsystems in the integrated service processing platform. If so, the subsequent functions of the embodiment of the application are entered. If the first user has fewer login permissions, for example the login permission of only one subsystem, the user can go to that single login page, which avoids excessive operation of the system.
Step S300: when the first user login authority is met, first user authentication information is obtained according to the first user login authority;
Specifically, according to the first user login permission, the server of the integrated service processing platform authenticates the first user and obtains the authentication information for the first user's login; a user who passes the permission verification is authenticated, and the authentication information is bound to the first user login permission.
Step S400: obtaining a preset authentication check rule;
Step S500: when the first user authentication information meets the preset authentication check rule, acquiring a first user setting authority;
Specifically, the preset authentication and verification rule is the basis on which the user-defined encrypted information transmission method of the embodiment of the application operates. Authentication, verification and encryption processing can be performed only if each subsystem and the integrated service processing platform obey the same authentication and verification rule; after verification by the integrated service processing platform, authentication and verification can then be performed directly in other associated subsystems, or in other systems that also conform to the authentication and verification rule. The authentication information carried with the user's permission is matched against the preset authentication check rule, and the user enters the corresponding subsystem to perform the service operations that the permission allows.
Step S600: acquiring a first encryption algorithm according to the first user set authority, wherein the first encryption algorithm meets the preset authentication and verification rule;
Specifically, in order to improve the security of user information, a user who passes the authority verification and authentication is given a user-defined encryption authority in the embodiment of the application. The first encryption algorithm is a user-defined data encryption algorithm, and it also meets the preset authentication and verification rule, which facilitates login verification between the total login platform and the multiple subsystems. The user-defined encryption algorithm is displayed only within that user's login authority, that is, each user can define the encryption algorithm themselves, which improves the security of the user's data.
Step S700: encrypting the first user set authority and the first user authentication information through the first encryption algorithm to obtain first encrypted data information;
Specifically, the first user set authority and the first user authentication information are encrypted through the first encryption algorithm to generate the first encrypted data information corresponding to the first user. The user authentication information is encrypted through the user-defined data encryption algorithm and the encryption result is sent to the subsystem, which guarantees the security of the data during transmission.
Step S800: acquiring a first execution instruction according to the first encrypted data information and the first user login authority, wherein the first execution instruction is used for sending the first encrypted data information to each subsystem.
Specifically, the first user set authority comprises the user's authentication check result information, the corresponding access authority and the custom encryption information. The first user login authority and the first encrypted data information, obtained by encrypting the user authentication result through the user-defined encryption algorithm, are sent to each subsystem: according to the authority range corresponding to the first user, the first encrypted data information is sent to the subsystems for which the user has authority. Login to each of those subsystems can then be carried out directly without entering a login password again, which improves working efficiency. At the same time, adding the user-defined encryption algorithm ensures the security of data and authority during transmission, and thus the security of user information, authority and service-related data during service processing. Therefore, the technical problems that, in the prior art, business handling in financial enterprises requires a plurality of systems, the operation is complex, and a unified login password poses a security problem are solved. The technical effects achieved are that unified login is carried out across a plurality of systems through the same authentication and verification rule, repeated login processes are saved, working efficiency is improved, user information is encrypted through a custom encryption algorithm, and the security of information transmission among the systems is ensured.
Further, after obtaining the first execution instruction according to the first encrypted data information and the first user set permission, the embodiment of the present application further includes:
Step S910: obtaining the preset authentication and verification rule through a subsystem;
Step S920: the subsystem obtains a first decryption algorithm through the preset authentication and verification rule and the first encrypted data information;
Step S930: acquiring the first user set authority according to the first decryption algorithm and the first encrypted data information;
Step S940: obtaining subsystem operation authorities according to the first user setting authority, wherein the subsystem operation authorities corresponding to the subsystems all meet the preset authentication and verification rule.
Specifically, after the first encrypted data information of a user is sent to a related subsystem, the subsystem performs authentication verification on the first user login authority information corresponding to the first encrypted data information through the local preset authentication verification rule to obtain a first decryption algorithm. The first encrypted data information is decrypted through the first decryption algorithm to obtain the authentication information corresponding to the user and the first user set permission. The first user set permission is the specific operation permission of the first user in the system, such as the permission for the encryption algorithm, the subsystems into which automatic login is permitted, and the specific operation permissions within the subsystems. The first user authority information is the password information with which the first user logs in to the integrated service processing platform, and the corresponding subsystem operation authority, that is, which service contents can be operated in the subsystem, is obtained according to the first user set permission. Corresponding business operations are carried out in the corresponding subsystem according to the user's subsystem operation authority without login verification having to be carried out again, which greatly improves the working efficiency of workers, while the use of a user-defined data encryption algorithm improves the security of personal data.
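The flow of steps S200 to S940, as an added example that is not part of the patent text: the login platform encrypts the user's set authority and authentication information once and addresses the result to the subsystems in the user's scope, and a subsystem recovers its own operation authority from the shared rule and the received data. Assumptions: the preset authentication check rule is modelled as a shared secret plus a list of accepted algorithm identifiers, the unspecified first encryption algorithm is stood in for by an HMAC-SHA256 counter-mode keystream with encrypt-then-MAC built from the Python standard library, and every name and sample value is constructed.

```python
import hashlib
import hmac
import json
import os

# Assumption: the "preset authentication check rule" is modelled as a secret
# shared by the login platform and all subsystems, plus the algorithm
# identifiers they accept. All values below are constructed for the example.
RULE = {"secret": b"constructed-demo-secret", "algorithms": {"hmac-ctr-v1"}}
MIN_SUBSYSTEMS = 2  # the "predetermined number" of subsystem accounts (S200)


def derive_keys(rule, user, alg):
    """S600/S920: both sides derive the per-user keys from the shared rule."""
    if alg not in rule["algorithms"]:
        raise ValueError("algorithm does not satisfy the check rule")
    base = hmac.new(rule["secret"], f"{alg}|{user}".encode(), hashlib.sha256).digest()
    enc_key = hmac.new(base, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(base, b"mac", hashlib.sha256).digest()
    return enc_key, mac_key


def keystream_xor(key, nonce, data):
    """XOR data with an HMAC-SHA256 counter-mode keystream (same call both ways)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(4, "big")
        block = hmac.new(key, nonce + counter, hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], block))
    return bytes(out)


def issue(rule, user, alg, permissions, auth_info):
    """S200-S800: return (token, recipients), or (None, []) below the threshold."""
    if len(permissions) < MIN_SUBSYSTEMS:
        return None, []  # the user logs in on the single subsystem's own page
    enc_key, mac_key = derive_keys(rule, user, alg)
    plaintext = json.dumps({"auth": auth_info, "permissions": permissions}).encode()
    nonce = os.urandom(12)
    ct = keystream_xor(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).hexdigest()
    token = {"user": user, "alg": alg, "nonce": nonce.hex(), "ct": ct.hex(), "tag": tag}
    return token, sorted(permissions)  # sent only to subsystems in the user's scope


def accept(rule, subsystem, token):
    """S910-S940: verify, decrypt, and return this subsystem's operations."""
    enc_key, mac_key = derive_keys(rule, token["user"], token["alg"])
    nonce, ct = bytes.fromhex(token["nonce"]), bytes.fromhex(token["ct"])
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, token["tag"]):
        raise ValueError("token failed integrity check")
    claims = json.loads(keystream_xor(enc_key, nonce, ct))
    if subsystem not in claims["permissions"]:
        raise PermissionError(f"no permission for {subsystem}")
    return claims["permissions"][subsystem]
```

Because the keys are derived from the user name and algorithm identifier, a token replayed under another user's name fails the integrity check before anything is decrypted.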
Further, the embodiment of the present application further includes:
Step S1010: obtaining a first service request;
Step S1020: acquiring a first subsystem according to the first service request;
Step S1030: obtaining a first subsystem operation authority according to the first subsystem;
Step S1040: obtaining a first user operation record according to the first subsystem operation authority;
Step S1050: when the first user operation record contains the first service request, obtaining a second execution instruction, wherein the second execution instruction is used for executing the first service request and encrypting an execution result of the first service request through the first encryption algorithm;
Step S1060: obtaining second encrypted data information according to the second execution instruction.
Specifically, the embodiment of the application has a function of automatically matching subsystems according to an input service request: a user inputs the service request to be handled in the total login platform, the system automatically matches it to the corresponding subsystem, and the related service operation is performed according to the user's authority in that subsystem. The service authority can be verified from the user's historical operation record in the subsystem, which establishes that the user has previously logged in to the subsystem and performed the corresponding operation.
Further, the embodiment of the present application further includes:
Step S1110: obtaining a second service request, wherein the second service request has a first correlation with the second encrypted data information;
Step S1120: obtaining a second subsystem according to the second service request, wherein the second subsystem is different from the first subsystem;
Step S1130: obtaining a second subsystem operation authority according to the second subsystem;
Step S1140: judging whether the second subsystem operation authority and the first subsystem operation authority meet a second preset condition or not;
Step S1150: when the first subsystem operation authority and the second subsystem operation authority are met, obtaining the second encrypted data information;
Step S1160: obtaining the first decryption algorithm according to the second encrypted data information and the second subsystem operation authority;
Step S1170: decrypting the second encrypted data information through the first decryption algorithm to obtain an execution result of the first service request;
Step S1180: obtaining a second service processing result according to the execution result of the first service request and the second service request.
Further, when the first encryption data information meets the second encryption data information, obtaining the second encryption data information according to the first subsystem operation authority and the second subsystem operation authority, the embodiment of the present application further includes:
Step S1210: obtaining the first subsystem operation authority;
Step S1220: acquiring the second encrypted data information according to the first subsystem operation authority;
Step S1230: obtaining a first data transmission instruction according to the first subsystem operation authority and the second subsystem operation authority;
Step S1240: sending the second encrypted data information to the second subsystem according to the first data transmission instruction;
Step S1250: obtaining the second encrypted data information according to the second subsystem operation authority.
Specifically, in the integrated service processing platform according to the embodiment of the present application, the subsystems all comply with the preset authentication check rule and are mutually trusted systems, such as different service subsystems in a company or service subsystems within one system. Services may cross over during business handling, so to further improve the efficiency of business handling, data for crossing services can be shared between the subsystems. This avoids the extra workload of repeated operations and avoids data errors that would affect the accuracy of related business handling. The data nevertheless cannot be obtained at will, since then the security of the data could not be guaranteed and service data would easily be exposed. Therefore, when crossing services are handled, the authority between the subsystems is authenticated. For example, a first service is handled in the first subsystem. When the first subsystem and the second subsystem meet the authentication requirement and are mutually trusted or are the same subsystem, the corresponding second encrypted data information, namely the result of processing the first service, is obtained according to the authority of the first user in the first subsystem and is sent to the second subsystem for processing the second service. When the data is used, the corresponding decryption algorithm is obtained through the first user set authority, and the second encrypted data information is decrypted to obtain the processing result of the first service. This achieves the technical effect of improving service processing capability on the one hand and ensuring data security on the other.
Further, the method further comprises:
step S1310: acquiring first service information, second service information, and so on up to the Nth service information according to the permission set by the first user;
step S1320: generating a first verification code according to the first service information, wherein the first verification code corresponds to the first service information one to one;
step S1330: generating a second verification code according to the second service information and the first verification code; by analogy, generating an Nth verification code according to the Nth service information and the (N-1)th verification code, wherein N is a natural number greater than 1;
step S1340: and respectively copying and storing all the service data and the verification codes on M devices, wherein M is a natural number greater than 1.
Specifically, to further ensure the security of the user service data and prevent it from being leaked or tampered with, the user service data is encrypted based on block chain logic, which guarantees the accuracy of service processing and lays a foundation for accurate service handling. A first verification code is generated according to the first service information, and the first verification code corresponds to the first service information one to one. Block chain technology is a universal underlying technical framework that can generate and synchronize data on distributed nodes through a consensus mechanism, and can realize automatic execution of contract terms and data operations by means of programmable scripts. A block chain is defined as a data structure that organizes data blocks in time sequence, with chain-like connections formed in order between the blocks; a digital ledger is built by means of this structure. The information and verification codes of all users are copied and stored on M devices on the block chain, and each device corresponds to a node. All the blocks are combined to form the block chain, and the block chain forms a general ledger that is easy to verify (verifying the hash value of the last block is equivalent to verifying the whole version) and cannot be changed (changing any transaction information changes the hash values of all following blocks, so the altered transaction information cannot pass verification).
Further, the embodiment of the present application further includes:
step S1410: taking the Nth service information and the Nth verification code as an Nth block;
step S1420: obtaining the recording time of the Nth block, wherein the recording time of the Nth block represents the time required to be recorded by the Nth block;
step S1430: obtaining the first equipment with the fastest transport capacity in the M pieces of equipment according to the recording time of the Nth block;
step S1440: and sending the recording right of the Nth block to the first equipment.
Specifically, an Nth block is generated from the Nth service information and the Nth verification code: a first block is generated from the first service information and the first verification code, a second block from the second service information and the second verification code, and so on. The predetermined recording time of each block is obtained, devices that cannot record the block within the predetermined recording time are excluded, the first device, the fastest of the M devices, is obtained, and the recording right of the block is sent to the first device.
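The verification-code chain of steps S1310 to S1340 and the block recording of steps S1410 to S1440 can be sketched as follows. This is an added example, not code from the patent: SHA-256, the JSON encoding, the all-zero predecessor of the first block, the majority comparison across devices (which assumes most of the M copies are unaltered), and all names and sample records are assumptions.

```python
import copy
import hashlib
import hmac
import json
from collections import Counter

GENESIS = bytes(32)  # assumption: all-zero "previous code" for the first block

# Constructed sample service records (not from the patent).
SERVICE_INFOS = [
    {"service": "open-account", "user": "user-1", "result": "approved"},
    {"service": "credit-check", "user": "user-1", "result": "pass"},
    {"service": "loan-issue", "user": "user-1", "amount": 50000},
]


def verification_code(index, service_info, prev_code):
    """Code N = SHA-256(N || code N-1 || canonical JSON of service info N)."""
    payload = json.dumps(service_info, sort_keys=True, separators=(",", ":"))
    h = hashlib.sha256()
    h.update(index.to_bytes(8, "big"))  # binds the block to its position
    h.update(prev_code)                 # links the block to its predecessor
    h.update(payload.encode("utf-8"))
    return h.digest()


def build_chain(service_infos):
    """Steps S1320/S1330/S1410: one block per record, each code chained to the last."""
    blocks, prev = [], GENESIS
    for index, info in enumerate(service_infos, start=1):
        prev = verification_code(index, info, prev)
        blocks.append({"index": index, "service_info": info, "code": prev.hex()})
    return blocks


def first_bad_block(blocks):
    """Recompute every code; return the position of the first mismatch, else None."""
    prev = GENESIS
    for position, block in enumerate(blocks, start=1):
        expected = verification_code(position, block["service_info"], prev)
        if block["index"] != position or not hmac.compare_digest(
            expected.hex(), block["code"]
        ):
            return position
        prev = expected
    return None


def audit_replicas(replicas):
    """Step S1340 check: replicas maps device name -> its stored copy of the chain."""
    verdicts, tips = {}, {}
    for device, blocks in replicas.items():
        bad = first_bad_block(blocks)
        if bad is not None:
            verdicts[device] = f"broken at block {bad}"
        else:
            tips[device] = blocks[-1]["code"] if blocks else GENESIS.hex()
    if tips:
        # A copy can be internally consistent and still wrong, so the last code
        # of each consistent copy is compared against the majority value.
        majority_tip = Counter(tips.values()).most_common(1)[0][0]
        for device, tip in tips.items():
            verdicts[device] = "ok" if tip == majority_tip else "diverges from majority"
    return verdicts


def pick_recorder(estimated_seconds, recording_time):
    """Steps S1420-S1440: drop devices too slow for the slot, return the fastest."""
    eligible = {d: t for d, t in estimated_seconds.items() if t <= recording_time}
    return min(eligible, key=eligible.get) if eligible else None


def demo():
    chain = build_chain(SERVICE_INFOS)
    # dev-3: a stored record was changed but its verification code was not.
    edited = copy.deepcopy(chain)
    edited[1]["service_info"]["result"] = "fail"
    # dev-4: a record was changed and every later code recomputed on that device.
    altered = copy.deepcopy(SERVICE_INFOS)
    altered[1]["result"] = "fail"
    replicas = {
        "dev-1": copy.deepcopy(chain),
        "dev-2": copy.deepcopy(chain),
        "dev-3": edited,
        "dev-4": build_chain(altered),
    }
    return audit_replicas(replicas)


if __name__ == "__main__":
    for device, verdict in sorted(demo().items()):
        print(device, verdict)
    print("recorder:", pick_recorder({"dev-1": 4.0, "dev-2": 1.5, "dev-3": 9.0}, 5.0))
```

The dev-4 copy passes the per-chain recomputation, which is why the audit also compares the last verification code across the M devices rather than checking each copy in isolation.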
Example two
Based on the same inventive concept as the method for transmitting the customized encrypted information in the foregoing embodiment, the present invention further provides a system for transmitting the customized encrypted information, as shown in fig. 2, the system includes:
a first obtaining unit 11, where the first obtaining unit 11 is configured to obtain a first user login right through a total login platform;
a first judging unit 12, where the first judging unit 12 is configured to judge whether the first user login authority meets a first predetermined requirement;
a second obtaining unit 13, where the second obtaining unit 13 is configured to obtain, when the first user login permission is met, first user authentication information according to the first user login permission;
a third obtaining unit 14, where the third obtaining unit 14 is configured to obtain a preset authentication check rule;
a fourth obtaining unit 15, where the fourth obtaining unit 15 is configured to obtain a first user setting permission when the first user authentication information satisfies the preset authentication check rule;
a fifth obtaining unit 16, where the fifth obtaining unit 16 is configured to obtain a first encryption algorithm according to the first user set permission, where the first encryption algorithm meets the preset authentication and verification rule;
a sixth obtaining unit 17, where the sixth obtaining unit 17 is configured to encrypt the first user set authority and the first user authentication information by using the first encryption algorithm, so as to obtain first encrypted data information;
a first executing unit 18, where the first executing unit 18 is configured to obtain a first executing instruction according to the first encrypted data information and the first user login authority, and the first executing instruction is used to send the first encrypted data information to each subsystem.
Further, the system further comprises:
a seventh obtaining unit, configured to obtain the preset authentication check rule through a subsystem;
an eighth obtaining unit, configured to obtain, by using the preset authentication check rule and the first encrypted data information, a first decryption algorithm by the subsystem;
a ninth obtaining unit, configured to obtain the first user setting permission according to the first decryption algorithm and the first encrypted data information;
a tenth obtaining unit, configured to obtain subsystem operation permissions according to the first user setting permission, where the subsystem operation permissions corresponding to the subsystems all meet the preset authentication check rule.
Further, the system further comprises:
an eleventh obtaining unit, configured to obtain the first service request;
a twelfth obtaining unit, configured to obtain the first subsystem according to the first service request;
a thirteenth obtaining unit, configured to obtain, according to the first subsystem, an operation permission of the first subsystem;
a fourteenth obtaining unit, configured to obtain a first user operation record according to the first subsystem operation permission;
a fifteenth obtaining unit, configured to, when the first user operation record includes the first service request, obtain a second execution instruction, where the second execution instruction is used to execute the first service request, and encrypt an execution result of the first service request by using the first encryption algorithm;
a sixteenth obtaining unit, configured to obtain second encrypted data information according to the second execution instruction.
Further, the system further comprises:
a seventeenth obtaining unit, configured to obtain a second service request, where the second service request has a first correlation with the second encrypted data information;
an eighteenth obtaining unit, configured to obtain a second subsystem according to the second service request, where the second subsystem is different from the first subsystem;
a nineteenth obtaining unit, configured to obtain, according to the second subsystem, an operation permission of the second subsystem;
the second judging unit is used for judging whether the second subsystem operation authority and the first subsystem operation authority meet a second preset condition or not;
a twentieth obtaining unit, configured to, when the second predetermined condition is satisfied, obtain the second encrypted data information according to the first subsystem operation authority and the second subsystem operation authority;
a twenty-first obtaining unit, configured to obtain the first decryption algorithm according to the second encrypted data information and the second subsystem operation permission;
a twenty-second obtaining unit, configured to decrypt the second encrypted data information through the first decryption algorithm, and obtain an execution result of the first service request;
a twenty-third obtaining unit, configured to obtain a second service processing result according to the execution result of the first service request and the second service request.
Further, the system further comprises:
a twenty-fourth obtaining unit, configured to obtain the first subsystem operation permission;
a twenty-fifth obtaining unit, configured to obtain the second encrypted data information according to the operating permission of the first subsystem;
a twenty-sixth obtaining unit, configured to obtain a first data transmission instruction according to the first subsystem operation permission and the second subsystem operation permission;
the first sending unit is used for sending the second encrypted data information to the second subsystem according to the first data transmission instruction;
a twenty-seventh obtaining unit, configured to obtain the second encrypted data information according to the second subsystem operation permission.
Further, the system further comprises:
a twenty-eighth obtaining unit, configured to obtain the first service information, the second service information, and up to the Nth service information according to the first user set permission;
a second execution unit, configured to generate a first verification code according to the first service information, where the first verification code corresponds to the first service information one to one;
a third execution unit, configured to generate a second verification code according to the second service information and the first verification code; by analogy, generating an Nth verification code according to the Nth service information and the (N-1)th verification code, wherein N is a natural number greater than 1;
the first copying unit is used for respectively copying and storing all the service data and the verification codes on M devices, wherein M is a natural number greater than 1.
Further, the system further comprises:
a fourth execution unit, configured to use the Nth service information and the Nth verification code as an Nth block;
a twenty-ninth obtaining unit, configured to obtain the Nth block recording time, where the Nth block recording time represents a time that needs to be recorded by the Nth block;
a thirtieth obtaining unit, configured to obtain, according to the Nth block recording time, a first device with the fastest transport capacity from the M devices;
a second sending unit, configured to send the recording right of the Nth block to the first device.
Various variations and specific examples of the method for transmitting the customized encrypted information in the first embodiment of fig. 1 are also applicable to the system for transmitting the customized encrypted information in the present embodiment, and those skilled in the art can clearly know the method for transmitting the customized encrypted information in the present embodiment through the foregoing detailed description of the method for transmitting the customized encrypted information, so for the brevity of the description, detailed descriptions are omitted here.
Exemplary electronic device
An electronic apparatus of an embodiment of the present application is described below with reference to fig. 3.
Fig. 3 illustrates a schematic structural diagram of an electronic device according to an embodiment of the present application.
Based on the inventive concept of a customized encrypted information transmission method as in the foregoing embodiment, the present invention further provides a customized encrypted information transmission system, on which a computer program is stored, and the program, when executed by a processor, implements the steps of any one of the foregoing customized encrypted information transmission methods.
In fig. 3, a bus architecture is represented by bus 300. Bus 300 may include any number of interconnected buses and bridges, and links together various circuits including one or more processors, represented by processor 302, and memory, represented by memory 304. The bus 300 may also link together various other circuits such as peripherals, voltage regulators, power management circuits, and the like, which are well known in the art and therefore will not be described any further herein. A bus interface 306 provides an interface between the bus 300 and the receiver 301 and transmitter 303. The receiver 301 and the transmitter 303 may be the same element, i.e., a transceiver, providing a means for communicating with various other systems over a transmission medium.
The processor 302 is responsible for managing the bus 300 and general processing, and the memory 304 may be used for storing data used by the processor 302 in performing operations.
One or more technical solutions provided in the embodiments of the present application have at least the following technical effects or advantages:
the embodiment of the application provides a user-defined encrypted information transmission method and a user-defined encrypted information transmission system, which are applied to an integrated service processing platform, wherein the integrated service processing platform comprises a total login platform and a plurality of subsystems, the total login platform is in data connection with the subsystems, and a first user login permission is obtained through the total login platform; judging whether the first user login authority meets a first preset requirement or not; when the first user login authority is met, first user authentication information is obtained according to the first user login authority; acquiring a preset authentication check rule; when the first user authentication information meets the preset authentication check rule, acquiring a first user setting authority; acquiring a first encryption algorithm according to the first user set authority, wherein the first encryption algorithm meets the preset authentication and verification rule; encrypting the first user set authority and the first user authentication information through the first encryption algorithm to obtain first encrypted data information; and acquiring a first execution instruction according to the first encrypted data information and the first user login authority, wherein the first execution instruction is used for sending the first encrypted data information to each subsystem. 
By setting the authority of the first user, the first encrypted data information, obtained by encrypting the user authentication result with the user-defined encryption algorithm, is sent to each subsystem that holds the corresponding authority, according to the authority range of the first user. Each subsystem can then be logged in to directly without entering a login password again, which improves working efficiency. Adding the user-defined encryption algorithm also ensures the security of data and authority during transmission, and so ensures the security of the user information, authority and service-related data during service processing. This solves the technical problems in the prior art that business transaction of a fusing enterprise requires a plurality of systems, that the operation is complex, and that a unified login password, where one exists, poses a security problem. The technical effects achieved are that unified login is performed across a plurality of systems through the same authentication and verification rule, which saves multiple login processes and improves working efficiency, and that user information is encrypted by a custom encryption algorithm, which ensures the security of information transmission among the systems.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create a system for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction system which implements the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks. While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (5)

1. A transmission method of self-defined encrypted information is applied to an integrated service processing platform, the integrated service processing platform comprises a total login platform and a plurality of subsystems, and the total login platform is in data connection with the subsystems, wherein the method comprises the following steps:
obtaining a first user login authority through a total login platform;
judging whether the first user login authority meets a first preset requirement or not;
when the first user login authority is met, first user authentication information is obtained according to the first user login authority;
obtaining a preset authentication check rule;
when the first user authentication information meets the preset authentication check rule, acquiring a first user setting authority;
acquiring a first encryption algorithm according to the first user set authority, wherein the first encryption algorithm meets the preset authentication and verification rule;
encrypting the first user set authority and the first user authentication information through the first encryption algorithm to obtain first encrypted data information;
obtaining a first execution instruction according to the first encrypted data information and the first user login authority, wherein the first execution instruction is used for sending the first encrypted data information to each subsystem;
obtaining the preset authentication and verification rule through a subsystem;
the subsystem obtains a first decryption algorithm through the preset authentication and verification rule and the first encrypted data information;
acquiring the first user set authority according to the first decryption algorithm and the first encrypted data information;
acquiring subsystem operation authorities according to the first user setting authorities, wherein the subsystem operation authorities corresponding to the subsystems all meet the preset authentication and verification rules;
obtaining a first service request;
acquiring a first subsystem according to the first service request;
obtaining a first subsystem operation authority according to the first subsystem;
obtaining a first user operation record according to the first subsystem operation authority;
when the first user operation record contains the first service request, obtaining a second execution instruction, wherein the second execution instruction is used for executing the first service request and encrypting an execution result of the first service request through the first encryption algorithm;
obtaining second encrypted data information according to the second execution instruction;
obtaining a second service request, wherein the second service request has a first correlation with the second encrypted data information;
obtaining a second subsystem according to the second service request, wherein the second subsystem is different from the first subsystem;
obtaining a second subsystem operation authority according to the second subsystem;
judging whether the second subsystem operation authority and the first subsystem operation authority meet a second preset condition or not;
when the first subsystem operation authority and the second subsystem operation authority are met, the second encrypted data information is obtained, wherein the second encrypted data information comprises: obtaining the first subsystem operation authority; obtaining the second encrypted data information according to the first subsystem operation authority; obtaining a first data transmission instruction according to the first subsystem operation authority and the second subsystem operation authority; sending the second encrypted data information to the second subsystem according to the first data transmission instruction; acquiring the second encrypted data information according to the second subsystem operation authority;
obtaining the first decryption algorithm according to the second encrypted data information and the second subsystem operation authority;
decrypting the second encrypted data information through the first decryption algorithm to obtain an execution result of the first service request;
and acquiring a second service processing result according to the execution result of the first service request and the second service request.
2. The method of claim 1, wherein the method further comprises:
acquiring first service information, second service information and up to Nth service information according to the authority set by the first user;
generating a first verification code according to the first service information, wherein the first verification code corresponds to the first service information one to one;
generating a second verification code according to the second service information and the first verification code; by parity of reasoning, generating an Nth verification code according to the Nth service information and the (N-1) th verification code, wherein N is a natural number greater than 1;
and respectively copying and storing all the service data and the verification codes on M devices, wherein M is a natural number greater than 1.
3. The method of claim 2, wherein the method further comprises:
taking the Nth service information and the Nth verification code as an Nth block;
obtaining the recording time of the Nth block, wherein the recording time of the Nth block represents the time required to be recorded by the Nth block;
obtaining the first equipment with the fastest transport capacity in the M pieces of equipment according to the recording time of the Nth block;
and sending the recording right of the Nth block to the first equipment.
4. A custom encrypted information delivery system, wherein the system comprises:
the first obtaining unit is used for obtaining a first user login authority through a total login platform;
the first judging unit is used for judging whether the first user login authority meets a first preset requirement or not;
a second obtaining unit, configured to obtain first user authentication information according to the first user login permission when the first user authentication information is satisfied;
a third obtaining unit, configured to obtain a preset authentication check rule;
a fourth obtaining unit, configured to obtain a first user setting permission when the first user authentication information satisfies the preset authentication check rule;
a fifth obtaining unit, configured to obtain a first encryption algorithm according to the first user set permission, where the first encryption algorithm meets the preset authentication check rule;
a sixth obtaining unit, configured to encrypt the first user setting permission and the first user authentication information according to the first encryption algorithm, to obtain first encrypted data information;
the first execution unit is used for obtaining a first execution instruction according to the first encrypted data information and the first user login authority, and the first execution instruction is used for sending the first encrypted data information to each subsystem;
a seventh obtaining unit, configured to obtain the preset authentication check rule through a subsystem;
an eighth obtaining unit, configured to obtain, by the subsystem, a first decryption algorithm according to the preset authentication and verification rule and the first encrypted data information;
a ninth obtaining unit, configured to obtain the first user setting permission according to the first decryption algorithm and the first encrypted data information;
a tenth obtaining unit, configured to obtain subsystem operation permissions according to the first user setting permission, where the subsystem operation permissions corresponding to the subsystems all meet the preset authentication check rule;
an eleventh obtaining unit, configured to obtain the first service request;
a twelfth obtaining unit, configured to obtain the first subsystem according to the first service request;
a thirteenth obtaining unit, configured to obtain, according to the first subsystem, an operation permission of the first subsystem;
a fourteenth obtaining unit, configured to obtain a first user operation record according to the first subsystem operation permission;
a fifteenth obtaining unit, configured to, when the first user operation record includes the first service request, obtain a second execution instruction, where the second execution instruction is used to execute the first service request, and encrypt an execution result of the first service request by using the first encryption algorithm;
a sixteenth obtaining unit, configured to obtain second encrypted data information according to the second execution instruction;
a seventeenth obtaining unit, configured to obtain a second service request, where the second service request has a first correlation with the second encrypted data information;
an eighteenth obtaining unit, configured to obtain a second subsystem according to the second service request, where the second subsystem is different from the first subsystem;
a nineteenth obtaining unit, configured to obtain, according to the second subsystem, an operation permission of the second subsystem;
a second judging unit, configured to judge whether the second subsystem operation authority and the first subsystem operation authority satisfy a second predetermined condition;
a twentieth obtaining unit, configured to, when the first encrypted data information is satisfied, obtain the second encrypted data information according to the first subsystem operation authority and the second subsystem operation authority;
a twenty-fourth obtaining unit, configured to obtain the first subsystem operation permission;
a twenty-fifth obtaining unit, configured to obtain the second encrypted data information according to the operating permission of the first subsystem;
a twenty-sixth obtaining unit, configured to obtain a first data transmission instruction according to the first subsystem operation permission and the second subsystem operation permission;
the first sending unit is used for sending the second encrypted data information to the second subsystem according to the first data transmission instruction;
a twenty-seventh obtaining unit, configured to obtain the second encrypted data information according to the second subsystem operation permission;
a twenty-first obtaining unit, configured to obtain the first decryption algorithm according to the second encrypted data information and the second subsystem operation permission;
a twenty-second obtaining unit, configured to decrypt, by using the first decryption algorithm, the second encrypted data information, and obtain an execution result of the first service request;
a twenty-third obtaining unit, configured to obtain a second service processing result according to the execution result of the first service request and the second service request.
5. A custom encryption information transmission system comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program implements the steps of the method of any of claims 1-3.
CN202110076307.XA 2021-01-21 2021-01-21 User-defined encrypted information transmission method and system Active CN112800406B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110076307.XA CN112800406B (en) 2021-01-21 2021-01-21 User-defined encrypted information transmission method and system


Publications (2)

Publication Number Publication Date
CN112800406A CN112800406A (en) 2021-05-14
CN112800406B true CN112800406B (en) 2022-12-09

Family

ID=75810817

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110076307.XA Active CN112800406B (en) 2021-01-21 2021-01-21 User-defined encrypted information transmission method and system

Country Status (1)

Country Link
CN (1) CN112800406B (en)


Also Published As

Publication number Publication date
CN112800406A (en) 2021-05-14

Similar Documents

Publication Publication Date Title
KR100338397B1 (en) Method and apparatus for verifying that the data in the data file is genuine
US9824233B2 (en) Posixly secure open and access files by inode number
US20100049974A1 (en) Method and apparatus for verification of information access in ict systems having multiple security dimensions and multiple security levels
CN112241919B (en) Multi-domain blockchain network with data flow control
CN115552441A (en) Low trust privilege access management
US20190386968A1 (en) Method to securely broker trusted distributed task contracts
JP2023548572A (en) Storing sensitive data on the blockchain
Singh et al. ITrust: identity and trust based access control model for healthcare system security
CN112800406B (en) User-defined encrypted information transmission method and system
US20240161078A1 (en) Computing system for configurable off-chain storage for blockchains
JP2023520634A (en) Maintaining contextual integrity
US9065638B2 (en) System, method, and program for information management
Kamaraju et al. Best practices for cloud data protection and key management
WO2020212349A1 (en) Methods and systems for validating data in a distributed computing network
Kirkman et al. Bridging the cloud trust gap: Using orcon policy to manage consumer trust between different clouds
CN111769956B (en) Service processing method, device, equipment and medium
US11153299B2 (en) Secure data transport using trusted identities
Gattoju et al. A Survey on Security of the Hadoop Framework in the Environment of Bigdata
Satybaldy et al. Decentralized Key Management for Digital Identity Wallets
US20230401328A1 (en) Protecting sensitive data dump information
Lagorio et al. Multilock: A Document Escrow Service
Padmanaban et al. A Secure Data Dynamics and Public Auditing Scheme for Cloud Storage
US20230315880A1 (en) Using smart contracts to manage hyper protect database as a service
Gasimov et al. Development of the information security system effective structure for the distributed computer networks
EP3539010B1 (en) Balancing public and personal security needs

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: A custom encrypted information transmission method and system

Effective date of registration: 20231129

Granted publication date: 20221209

Pledgee: Agricultural Bank of China Limited Shanghai Huangpu Sub branch

Pledgor: SHANGHAI HANDPAL INFORMATION TECHNOLOGY SERVICE Co.,Ltd.

Registration number: Y2023310000787
