CN112948857A

CN112948857A - Document processing method and device

Info

Publication number: CN112948857A
Application number: CN202110237301.6A
Authority: CN
Inventors: 陈波; 霍秋桦; 林冬敏; 梁作斌; 晁云曈
Original assignee: Beijing Kingsoft Office Software Inc; Zhuhai Kingsoft Office Software Co Ltd; Wuhan Kingsoft Office Software Co Ltd
Current assignee: Beijing Kingsoft Office Software Inc; Zhuhai Kingsoft Office Software Co Ltd; Wuhan Kingsoft Office Software Co Ltd
Priority date: 2021-03-03
Filing date: 2021-03-03
Publication date: 2021-06-11

Abstract

The embodiment of the invention provides a document processing method and a document processing device, which relate to the technical field of document security, and the method comprises the following steps: acquiring an opening instruction of a document to be processed, wherein the document to be processed is an encrypted document; acquiring a password of the document to be processed according to the user identification information and the document identification information of the document to be processed; and decrypting the document to be processed according to the password of the document to be processed, and opening the document to be processed. By applying the document processing method provided by the embodiment of the invention, the document processing efficiency can be improved.

Description

Document processing method and device

Technical Field

The present invention relates to the field of document security technologies, and in particular, to a document processing method and apparatus.

Background

When a user processes a document based on daily office software, password protection needs to be performed on the document so as to prevent the document content from being leaked. When the document is subjected to password protection, the document processing process mainly involves two aspects of document encryption and document decryption.

In the prior art, when a document is encrypted, a user usually sets a password of the document, and a client encrypts the document based on the password set by the user; when the document is decrypted, the user inputs a password to the client according to the document password set by the user, and the client decrypts the document based on the password input by the user.

However, since the user sets the password of the document and inputs the password of the document, when the number of documents to be password-protected is large, the user needs to set the password of the large number of documents and manually input the password of the large number of documents, which results in low efficiency of document processing.

Disclosure of Invention

The embodiment of the invention aims to provide a document processing method and a document processing device so as to improve the efficiency of document processing. The specific technical scheme is as follows:

in a first aspect, an embodiment of the present invention provides a document processing method, where the method includes:

acquiring an opening instruction of a document to be processed, wherein the document to be processed is an encrypted document;

acquiring a password of the document to be processed according to the user identification information and the document identification information of the document to be processed;

and decrypting the document to be processed according to the password of the document to be processed, and opening the document to be processed.

In an embodiment of the present invention, the document to be processed is a document obtained by encrypting a document to be encrypted, and the method includes the following steps:

acquiring an encryption instruction of the document to be encrypted;

acquiring a password of the document to be encrypted according to the user identification information and the document identification information of the document to be encrypted; wherein the password is: a password is generated according to the user identification information and the document identification information of the document to be encrypted;

and encrypting the document to be encrypted according to the password of the document to be encrypted to obtain an encrypted document serving as the document to be processed.

In an embodiment of the present invention, the obtaining the password of the document to be encrypted according to the user identification information and the document identification information of the document to be encrypted includes

Obtaining an important value of the document to be encrypted;

acquiring a password of the document to be encrypted according to the user identification information, the document identification information of the document to be encrypted and the important value of the document to be encrypted, wherein the password is as follows: generating a password according to the user identification information, the document identification information of the document to be encrypted and the important value of the document to be encrypted;

under the condition that the important value of the document to be encrypted is larger than a preset threshold value, the password of the document to be encrypted is a character string with a first preset length, and the character string with the first preset length comprises characters of a first preset type;

and under the condition that the important value of the document to be encrypted is smaller than or equal to a preset threshold value, the password of the document to be encrypted is a character string with a second preset length, wherein the character string with the second preset length contains characters with a second preset type, the type number of the first preset type is larger than that of the second preset type, and the first preset length is larger than the second preset length.

In an embodiment of the present invention, the obtaining the password of the document to be encrypted according to the user identification information, the document identification information of the document to be encrypted, and the important value of the document to be encrypted includes:

acquiring a password of the document to be encrypted after being encrypted by a preset key according to the user identification information, the document identification information of the document to be encrypted and the important value of the document to be encrypted, wherein the preset key is a key agreed by a client and a server in advance;

and decrypting the obtained password based on the preset secret key to obtain the password of the document to be encrypted.

In an embodiment of the present invention, the obtaining the password of the document to be processed according to the user identification information and the document identification information of the document to be processed includes:

sending a password application request carrying the document identification information and the user identification information of the document to be processed to a server;

receiving a password of the document to be processed sent by the server; the password of the document to be processed is obtained from a corresponding relation stored in the server according to the document identification information and the user identification information of the document to be processed, wherein the corresponding relation is the relation among the user identification information, the document identification information of the document and the password for encrypting the document.

In an embodiment of the present invention, the correspondence relationship is:

the corresponding relation among the user identification information, the document identification information of the document and the password for encrypting the file;

and/or

The corresponding relation between the document identification information of the document and the user identification information, and the corresponding relation between the document identification information of the document and the password for encrypting the document.

In an embodiment of the present invention, in a case that the to-be-processed document is stored in a cloud, the document identification information of the to-be-processed document is an identification allocated by the cloud to the to-be-processed document;

under the condition that the document to be processed is stored locally at a client, the document identification information of the document to be processed comprises the complete name of the document to be processed; wherein the complete name includes a storage path of the document to be processed.

In a second aspect, an embodiment of the present invention provides a document processing method, where the method includes:

acquiring user identification information and document identification information of a document to be processed, wherein the document to be processed is an encrypted document;

according to the user identification information and the document identification information of the document to be processed, acquiring the password of the document to be processed from a corresponding relation stored locally, wherein the corresponding relation is the corresponding relation among the user identification information, the document identification information of the document and the password for encrypting the document;

and sending the password of the document to be processed to the client.

In an embodiment of the present invention, the document to be processed is a document obtained by encrypting a document to be encrypted, and the password of the document to be encrypted includes the following steps:

acquiring a password application request;

acquiring the user identification information and the document identification information of the document to be encrypted;

generating a password for the document to be encrypted according to the user identification information and the document identification information of the document to be encrypted;

and storing the corresponding relation among the user identification information, the document identification information of the document to be encrypted and the password of the document to be encrypted.

In an embodiment of the present invention, in a case that the key application request carries an important value of the document to be encrypted, the generating a key for the document to be encrypted according to the user identification information and the document identification information of the document to be encrypted includes:

acquiring an important value of the document to be encrypted;

comparing the important value of the document to be encrypted with a preset threshold value;

under the condition that the important value of the document to be encrypted is larger than a preset threshold value, generating a character string with a first preset length according to the user identification information and the document identification information of the document to be encrypted, wherein the character string is used as a password for encrypting the document to be encrypted; the character string with the first preset length comprises characters with a first preset type;

under the condition that the important value of the document to be encrypted is smaller than or equal to a preset threshold value, generating a character string with a second preset length according to the user identification information and the document identification information of the document to be encrypted, wherein the character string is used as a password for encrypting the document to be encrypted; the character string with the second preset length comprises characters with a second preset type; the number of the types of the first preset type is larger than that of the types of the second preset type, and the first preset length is larger than the second preset length.

In an embodiment of the present invention, the sending the password of the document to be processed to the client includes:

and encrypting the password of the document to be processed based on a preset key, and transmitting the encrypted password to the client, wherein the preset key is a key agreed by the client and the server in advance.

In an embodiment of the present invention, the correspondence relationship is:

the corresponding relation among the user identification information, the document identification information of the document and the password for encrypting the document;

and/or

In an embodiment of the present invention, after the obtaining the user identification information and the document identification information of the document to be processed, the method further includes:

verifying whether the user identification information is valid identification information;

and under the condition that the user identification information is effective identification information, acquiring the password of the document to be processed from the corresponding relation of local storage according to the user identification information and the document identification information of the document to be processed.

In a third aspect, an embodiment of the present invention provides a document processing apparatus, where the apparatus includes:

the instruction acquisition module is used for acquiring an opening instruction of a document to be processed, wherein the document to be processed is an encrypted document;

the password acquisition module is used for acquiring the password of the document to be processed according to the user identification information and the document identification information of the document to be processed;

and the document opening module is used for decrypting the document to be processed according to the password of the document to be processed and opening the document to be processed.

In an embodiment of the present invention, the apparatus further includes a document encryption module, where the document encryption module includes:

the instruction acquisition submodule is used for acquiring an encryption instruction of the document to be encrypted;

the password obtaining sub-module is used for obtaining the password of the document to be encrypted according to the user identification information and the document identification information of the document to be encrypted; wherein the password is: a password is generated according to the user identification information and the document identification information of the document to be encrypted;

and the document encryption submodule is used for encrypting the document to be encrypted according to the password of the document to be encrypted to obtain an encrypted document which is used as the document to be processed.

In an embodiment of the invention, the password obtaining sub-module includes

The important value acquisition unit is used for acquiring the important value of the document to be encrypted;

a password obtaining unit, configured to obtain a password for the document to be encrypted according to the user identification information, the document identification information of the document to be encrypted, and the important value of the document to be encrypted, where the password is: generating a password according to the user identification information, the document identification information of the document to be encrypted and the important value of the document to be encrypted; under the condition that the important value of the document to be encrypted is larger than a preset threshold value, the password of the document to be encrypted is a character string with a first preset length, and the character string with the first preset length comprises characters of a first preset type; and under the condition that the important value of the document to be encrypted is smaller than or equal to a preset threshold value, the password of the document to be encrypted is a character string with a second preset length, wherein the character string with the second preset length contains characters with a second preset type, the type number of the first preset type is larger than that of the second preset type, and the first preset length is larger than the second preset length.

In an embodiment of the present invention, the password obtaining unit is specifically configured to obtain, according to the user identification information, the document identification information of the document to be encrypted, and the important value of the document to be encrypted, a password of the document to be encrypted after being encrypted by a preset key, where the preset key is a key agreed in advance by the client and the server; and decrypting the obtained password based on the preset secret key to obtain the password of the document to be encrypted.

In an embodiment of the present invention, the password obtaining module is specifically configured to send a password application request carrying document identification information and user identification information of the document to be processed to a server; receiving a password of the document to be processed sent by the server; the password of the document to be processed is obtained from a corresponding relation stored in the server according to the document identification information and the user identification information of the document to be processed, wherein the corresponding relation is the relation among the user identification information, the document identification information of the document and the password for encrypting the document.

In an embodiment of the present invention, the correspondence relationship is:

and/or

In a fourth aspect, an embodiment of the present invention provides a document processing apparatus, where the apparatus includes:

the information acquisition module is used for acquiring user identification information and document identification information of a document to be processed, wherein the document to be processed is an encrypted document;

the password acquisition module is used for acquiring the password of the document to be processed from a corresponding relation stored locally according to the user identification information and the document identification information of the document to be processed, wherein the corresponding relation is the corresponding relation among the user identification information, the document identification information of the document and the password for encrypting the document;

and the password sending module is used for sending the password of the document to be processed to the client.

In an embodiment of the present invention, the apparatus further includes a document generating module, where the document generating module includes:

the request acquisition submodule is used for acquiring a password application request;

the information acquisition submodule is used for acquiring the user identification information and the document identification information of the document to be encrypted;

the password generation submodule is used for generating a password for the document to be encrypted according to the user identification information and the document identification information of the document to be encrypted;

and the corresponding relation storage submodule is used for storing the corresponding relation among the user identification information, the document identification information of the document to be encrypted and the password of the document to be encrypted.

In an embodiment of the present invention, in a case that the key application request carries an important value of the document to be encrypted, the key generation sub-module includes:

the important value comparison unit is used for comparing the important value of the document to be encrypted with a preset threshold value;

the first password generation unit is used for generating a character string with a first preset length according to the user identification information and the document identification information of the document to be encrypted under the condition that the important value of the document to be encrypted is larger than a preset threshold value, and the character string is used as a password for encrypting the document to be encrypted; the character string with the first preset length comprises characters with a first preset type;

the second password generation unit is used for generating a character string with a second preset length according to the user identification information and the document identification information of the document to be encrypted under the condition that the important value of the document to be encrypted is smaller than or equal to a preset threshold value, and the character string is used as a password for encrypting the document to be encrypted; the character string with the second preset length comprises characters with a second preset type; the number of the types of the first preset type is larger than that of the types of the second preset type, and the first preset length is larger than the second preset length.

In an embodiment of the present invention, the password sending module is specifically configured to encrypt the password of the to-be-processed document based on a preset key, and transmit the encrypted password to the client, where the preset key is a key agreed in advance between the client and the server.

In an embodiment of the present invention, the correspondence relationship is:

and/or

In an embodiment of the present invention, the apparatus further includes:

the information verification module is used for verifying whether the user identification information is valid identification information or not after the information acquisition module;

and the information acquisition module is used for acquiring the password of the document to be processed from the corresponding relation stored locally according to the user identification information and the document identification information of the document to be processed under the condition that the user identification information is effective identification information.

In a fifth aspect, an embodiment of the present invention provides an electronic device, where the electronic device runs a client, and includes a processor, a communication interface, a memory, and a communication bus, where the processor and the communication interface are used, and the memory completes mutual communication through the communication bus;

a memory for storing a computer program;

a processor configured to implement the method steps of the first aspect or the second aspect when executing the program stored in the memory.

In a sixth aspect, the present invention provides a computer-readable storage medium, in which a computer program is stored, and the computer program, when executed by a processor, implements the method steps of the first aspect or the second aspect.

As can be seen from the above, when the scheme provided by this embodiment is applied to data processing, the password of the document to be processed is directly obtained according to the user identification information and the document identification information of the document to be processed, so as to decrypt the document to be processed.

In addition, the password of the document to be processed is directly obtained according to the user identification information and the document identification information of the document to be processed, the user does not need to input the password manually, even the user does not need to know the password information, the risk that the password of the document to be processed is leaked or lost is low, and compared with the password of the document manually managed by the user, the security of the document password is improved.

Of course, not all of the advantages described above need to be achieved at the same time in the practice of any one product or method of the invention.

Drawings

In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.

FIG. 1 is a flowchart illustrating a first document processing method according to an embodiment of the present invention;

FIG. 2 is a flowchart illustrating a second document processing method according to an embodiment of the present invention;

FIG. 3 is a schematic structural diagram of a first document processing apparatus according to an embodiment of the present invention;

FIG. 4 is a schematic structural diagram of a second document processing apparatus according to an embodiment of the present invention;

fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present invention;

fig. 6 is a schematic structural diagram of a server according to an embodiment of the present invention.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

First, an execution body of the embodiment of the present invention will be explained.

The execution subject of the embodiment of the present invention may be a client, specifically, the client may be an application program running in an electronic device, and the client may also be a web browser in the world wide web.

Referring to fig. 1, fig. 1 is a schematic flow chart of a first document processing method according to an embodiment of the present invention, where the method includes the following steps S101 to S103.

Step S101: and acquiring an opening instruction of the document to be processed.

The document to be processed is an encrypted document. The document to be processed can be stored in the local client side and can also be stored in the cloud side. Specifically, the document to be encrypted may include any encryptable document form such as a wps document, an office document, a pdf document, and the like, and is not limited herein.

The opening instruction of the document to be processed is used for indicating the opening of the document to be processed. Specifically, the user may select the document to be processed on the user interface, select a menu item for opening the document to be processed, and the client may obtain an opening instruction of the document to be processed. The user can also operate in the user interface according to the shortcut for opening the document, and the client can also obtain the opening instruction of the document to be processed.

Step S102: and acquiring the password of the document to be processed according to the user identification information and the document identification information of the document to be processed.

The user identification information is information for identifying the identity of the user. Specifically, the user identification information may include one or more of a login account of the user, an identity token of the user, identity information of the user, a mobile phone number of the user, and the like.

The document identification information of the document to be processed is used for identifying the information of the document to be processed.

Specifically, in a case that the to-be-processed document is stored locally at the client, the document identification information of the to-be-processed document may include a complete name of the to-be-processed document, where the complete name includes a storage path of the to-be-processed document, and may further include one or more of a document name, time, a sequence number, and the like of the to-be-processed document.

The document identification information of the document to be processed may further include device information of a client that stores the document to be processed, where the device information of the client may be an IP address or an MAC address of the client.

In a case that the to-be-processed document is stored in the cloud, the document identification information of the to-be-processed document may be an identification allocated by the cloud to the to-be-processed document, for example: the cloud terminal allocates document numbers, storage addresses and the like to the documents to be processed.

Specifically, when the password of the document to be processed is obtained, a password application request carrying document identification information and user identification information of the document to be processed can be sent to the server; and receiving the password of the document to be processed sent by the server.

Specifically, the password of the document to be processed may be a password obtained by the server from a correspondence stored in the server according to the document identification information and the user identification information of the document to be processed. The corresponding relation is as follows: user identification information, document identification information of the document, and a password for encrypting the document. The storage of the correspondence relationship will be described in detail later.

The server can send the password of the document to be processed to the client after obtaining the password of the document to be processed, and the client can directly obtain the password of the document to be processed. In order to reduce the risk of password leakage in the transmission process, the server can also encrypt the acquired password by adopting a preset password and send the encrypted password to the client, wherein the preset key is a key agreed by the server and the client in advance, so that the client can decrypt the received encrypted password by adopting the preset key to obtain the password of the document to be processed.

The correspondence may be: the corresponding relation among the user identification information, the document identification information of the document and the password for encrypting the file.

In this case, the server may search for a password corresponding to the two pieces of identification information based on the document identification information of the document to be processed, the user identification information, and the correspondence relationship, thereby obtaining the password of the document to be processed.

The above correspondence relationship may also be: the corresponding relation between the document identification information of the document and the user identification information, and the corresponding relation between the document identification information of the document and the password for encrypting the document. In this case, the server may first determine document identification information corresponding to the user identification information based on the user identification information, and when the determined document identification information coincides with the document identification information of the to-be-processed document, determine a password corresponding to the document identification information based on the document identification information of the to-be-processed document, thereby obtaining the password of the to-be-processed document.

Step S103: and decrypting the document to be processed according to the password of the document to be processed, and opening the document to be processed.

Specifically, under the condition that the to-be-processed document is stored locally at the client, the client may decrypt the locally-stored to-be-processed document by using a preset decryption algorithm according to the password.

In one embodiment, after the client obtains an opening instruction of the document to be processed, the client sends the user identification information and the document identification information of the document to be processed to the cloud, the cloud obtains a password according to the user identification information, the document identification information of the document to be processed and the corresponding relation, decrypts the document to be processed by using a preset decryption algorithm according to the obtained password, and displays the decrypted document to be processed to the client.

As can be seen from the above, when the scheme provided by this embodiment is applied to data processing, the password of the document to be processed is obtained according to the user identification information and the document identification information of the document to be processed, so as to decrypt the document to be processed.

The document to be processed is obtained by encrypting the document to be encrypted, and specifically, the document to be processed may be obtained according to the following steps a1 to a step A3.

Step A1: and acquiring an encryption instruction of the document to be encrypted.

The document to be encrypted can be a document locally stored in the client, and can also be a document stored in the cloud. Specifically, the document to be encrypted may include any encryptable document form such as a wps document, an office document, a pdf document, and the like, and is not limited herein.

The encryption instruction of the document to be encrypted is used for indicating the encryption of the document to be encrypted. Specifically, the user can select the document to be encrypted on the user interface, select the menu item for encrypting the document to be encrypted, and the client can obtain the encryption instruction of the document to be encrypted. The user can also operate in the user interface according to the shortcut of the encrypted document, and the client can also obtain the encryption instruction of the document to be encrypted.

Step A2: and acquiring the password of the document to be encrypted according to the user identification information and the document identification information of the document to be encrypted.

The password is as follows: and generating a password according to the user identification information and the document identification information of the document to be encrypted.

The document identification information of the document to be encrypted is information for identifying the document to be encrypted.

Specifically, when the password of the document to be encrypted is obtained, a password application request carrying document identification information and user identification information of the document to be encrypted can be sent to the server; and receiving the password of the document to be encrypted sent by the server.

After receiving the password application request, the server can analyze the request to obtain the user identification information and the document identification information of the document to be encrypted, and generate the password according to the user identification information and the document identification information of the document to be encrypted.

Specifically, the server may select a password from preset passwords stored locally, and may also select characters from preset characters to generate a password.

Characters can also be selected from the characters contained in the user identification information and the document identification information of the document to be encrypted to generate a password, for example: the characters can be randomly selected from the characters, and the characters at preset positions in the characters can be selected to form the password.

After generating the password, the server sends the password of the document to be encrypted to the client, and stores the corresponding relation among the document identification information of the document to be encrypted, the user identification information of the user and the password of the document to be encrypted.

Specifically, the correspondence stored by the server may include the following cases.

In the first case, there is a one-to-one correspondence between document identification information, individual user identification information, and individual passwords for individual documents.

In the second case, a single user identification information corresponds to document identification information of a plurality of documents and to a single password.

In the third case, the single user identification information corresponds to the document identification information of a plurality of documents and corresponds to the corresponding relationship between a plurality of passwords, wherein the document identification information of the documents corresponds to the passwords one to one.

In the fourth case, the document identification information of a single document corresponds to a plurality of user identification information and to a single password.

In the fifth case, the document identification information of a single document corresponds to a plurality of user identification information and corresponds to a plurality of passwords, wherein the user identification information corresponds to the passwords one to one.

In one embodiment, when the corresponding relationship among the document identification information of a document, the user identification information and a single password is not a one-to-one corresponding relationship, the correspondence is that the single user identification information corresponds to the document identification information of a plurality of documents, and the correspondence between the single password is taken as an example for explanation, when a user opens a password authority request for a second document, the user identification information is obtained according to a password application request which is sent by a client to a server and carries the document identification information and the user identification information of the second document, the correspondence between the document identification information, the user identification information and the password is determined according to the user identification information, the document identification information of the second document is added into the correspondence, the correspondence includes that the user identification information corresponds to the document identification information of a first document, the document identification information of the second document is added into the correspondence, the single user identification information is made to correspond to the document identification information of the two documents, and the user identification information is made to correspond to the single password according to the user identification information, thereby storing the correspondence between the single user identification information and the document identification information of the plurality of documents and the single password.

The storage mode of the corresponding relation other than the one-to-one corresponding relation between the document identification information of a single document and the single user identification information and the single password corresponds to the document identification information of the single user identification information and the multiple documents, is the same as the storage mode of the corresponding relation between the single passwords, and is not repeated.

Because the server stores the corresponding relation among the user identification information, the document identification information of the document to be encrypted and the password of the document to be encrypted, when the document to be processed needs to be decrypted, the password for encrypting the document can be obtained based on the user identification information and the document identification information of the document based on the corresponding relation stored by the server, so that the document can be decrypted.

Step A3: and encrypting the document to be encrypted according to the password of the document to be encrypted to obtain the encrypted document serving as the document to be processed.

Specifically, under the condition that the document to be encrypted is stored locally at the client, the client may encrypt the locally stored document to be encrypted by using a preset encryption algorithm according to the password.

In one embodiment, after the client obtains an open command of the document to be processed, the client sends the user identification information and the document identification information of the document to be processed to the cloud, the cloud obtains a password according to the user identification information, the document identification information of the document to be processed and the corresponding relation, encrypts the document to be encrypted by adopting a preset encryption algorithm according to the obtained password, and displays the encrypted document to the client.

For each document to be encrypted, the password of the document to be encrypted may be adapted to the important value of the document to be encrypted. The importance value of the document to be encrypted is used for reflecting the importance degree of the document to be encrypted, for example: when the importance value of the document to be encrypted is higher, the highest importance degree of the document to be encrypted is represented.

Based on the above, when the password of the document to be encrypted is obtained, the important value of the document to be encrypted can be obtained; and acquiring the password of the document to be encrypted according to the user identification information, the document identification information of the document to be encrypted and the important value of the document to be encrypted.

The password is as follows: and generating a password according to the user identification information, the document identification information of the document to be encrypted and the important value of the document to be encrypted.

Specifically, a password application request carrying document identification information of a document to be encrypted, user identification information and an important value of the document to be encrypted can be sent to a server; and receiving the password of the document to be encrypted sent by the server.

After receiving the password application request, the server can analyze the request to obtain user identification information, document identification information of the document to be encrypted and an important value of the document to be encrypted, and generate a password according to the user identification information, the document identification information of the document to be encrypted and the important value of the document to be encrypted.

Specifically, the server may compare the importance value of the document to be encrypted with a preset threshold. The threshold value can be preset by a worker, and can also be obtained according to analysis of historical documents.

Under the condition that the important value of the document to be encrypted is greater than a preset threshold value, the password of the document to be encrypted is as follows: the character string with the first preset length.

The fact that the important value of the document to be encrypted is larger than the preset threshold value can indicate that the document to be encrypted is important, and therefore the strength of the password of the document to be encrypted is high for the document to be encrypted.

The first predetermined length string may include a first predetermined type of character. The first preset type of character may include: numeric, alphabetic, and symbolic types of characters. The first preset length may be set by a worker according to experience. For example: in order to improve the security strength of the password, the first preset length may be 10 or 20 characters.

Specifically, when generating a character string of a first preset length, the server may select a character from the characters of each first preset type, and generate the character string of the first preset length. For example: the characters may be randomly selected from among the characters of the first preset type, and the characters located at preset positions among the characters of the first preset type may also be selected.

The server may further select a character from characters of first preset types included in the user identification information and the document identification information of the document to be encrypted, and generate a character string of a first preset length, for example: the characters can be randomly selected from the characters, and the characters at preset positions in the characters can be selected to form the password.

Under the condition that the important value of the document to be encrypted is less than or equal to the preset threshold, the password of the document to be encrypted is as follows: and the character string has a second preset length.

The fact that the importance value of the document to be encrypted is smaller than or equal to the preset threshold value can indicate that the importance degree of the document to be encrypted is low, and the strength of the password of the document to be encrypted is low.

Since the importance degree of the document to be encrypted, whose importance value is greater than the preset threshold, is higher than the importance degree of the document to be encrypted, whose importance value is less than or equal to the preset threshold, in order to make the strength of the password of the document to be encrypted, whose importance value is greater than the preset threshold, higher than the strength of the document to be encrypted, whose importance value is less than or equal to the preset threshold, the first preset length may be greater than the second preset length.

For example: assuming that the first predetermined length is 10 characters in length, the second predetermined length may be 5 characters in length, 8 characters in length, etc., assuming that the first predetermined length is 20 characters in length, the second predetermined length may be 15 characters in length, 10 characters in length, etc.

The character string of the second preset length may include characters of a second preset type, and the number of types of the first preset type may be greater than the number of types of the second preset type.

For example: assume that when the first predetermined type is: the second preset type may be: numbers, letters.

Specifically, when generating a character string of a second preset length, the server may select a character from the characters of the second preset type to generate the character string of the second preset length. For example: the characters may be randomly selected from among the characters of the second preset type, and the characters located at preset positions among the characters of the second preset type may also be selected.

The server may further select a character from each second preset type of characters included in the user identification information and the document identification information of the document to be encrypted, and generate a character string of a second preset length, for example: the characters can be randomly selected from the characters, and the characters at preset positions in the characters can be selected to form the password.

Therefore, the password of the document to be encrypted is obtained according to the user identification information, the document identification information of the document to be encrypted and the important value of the document to be encrypted, the password of the document to be encrypted is generated according to the user identification information, the document identification information of the document to be encrypted and the important value of the document to be encrypted, the important value of the document to be encrypted reflects the importance degree of the document to be encrypted, the password of the document to be encrypted is adaptive to the importance degree of the document to be encrypted, and the security of the encrypted document is improved when the document is encrypted based on the password of the document to be encrypted.

In order to improve the security of the password of the document to be encrypted, in an embodiment of the present invention, the password of the document to be encrypted after being encrypted by the preset key may be obtained according to the user identification information, the document identification information of the document to be encrypted, and the important value of the document to be encrypted; and decrypting the obtained password based on the preset key to obtain the password of the document to be encrypted.

The preset key is a key agreed by the client and the server in advance. The password encrypted by the preset key is acquired, and the preset key is difficult to acquire by a third party, so that the password of the document to be encrypted is difficult to steal or forge, and the security of the password is improved.

When a user wants to obtain a password of a document to be processed, in an embodiment of the present invention, the client may further send a password query request to the server, where the password query request carries the user identification information and the document identification information of the document to be processed, so that the server obtains the password of the document to be processed from a correspondence between the document identification information of the document to be processed, the user identification information of the user, and the password for encrypting the document according to the document identification information and the user identification information of the document to be processed under the condition that the user identification information is verified to be valid identification information, and the client may display the password in a user interface or send the password to a mailbox or a short message of the user after receiving the password sent by the server.

Specifically, the user may input the user identification information and the document identification information of the document to be processed in a preset dialog box of the client, and the client generates the password query request based on the obtained user identification information and the document identification information of the document to be processed.

The method can also be used for acquiring the document identification information of the document to be processed according to the document to be processed selected by the user, acquiring the user identification information, and generating the password query request by the client based on the acquired user identification information and the document identification information of the document to be processed.

After the user selects the document to be processed on the user interface, when the client identifies that the document to be processed selected by the user is the encrypted document, the user identification information and the document identification information of the document to be processed are obtained, and the password query request carrying the user identification information and the document identification information of the document to be processed is generated.

Corresponding to the document processing method applied to the client, the embodiment of the invention also provides a document processing method applied to the server.

Referring to fig. 2, fig. 2 is a schematic flowchart of a second document processing method according to an embodiment of the present invention. The method includes the following steps S201 to S203.

Step S201: and acquiring user identification information and document identification information of the document to be processed.

The document to be processed is an encrypted document.

Specifically, when the client sends a password application request to the server, the request carries user identification information and document identification information of the document to be processed, and after receiving the request, the server can analyze the request to obtain the user identification information and the document identification information of the document to be processed.

When the client directly sends the user identification information and the document identification information of the document to be processed to the server and requests the server to send the password of the document to be processed, the server can also obtain the user identification information and the document identification information of the document to be processed.

Step S202: and acquiring the password of the document to be processed from the corresponding relation stored locally according to the user identification information and the document identification information of the document to be processed.

The corresponding relation is the corresponding relation between the document identification information and the user identification information of the document and the password for encrypting the document. The storage manner of the correspondence relationship is described in step a 2.

Specifically, the correspondence relationship may be: the corresponding relation among the user identification information, the document identification information of the document and the password for encrypting the file.

The correspondence may be: the corresponding relation between the document identification information of the document and the user identification information, and the corresponding relation between the document identification information of the document and the password for encrypting the document. In this case, the server may first determine document identification information corresponding to the user identification information based on the user identification information, and when the determined document identification information coincides with the document identification information of the to-be-processed document, determine a password corresponding to the document identification information based on the document identification information of the to-be-processed document, thereby obtaining the password of the to-be-processed document.

Step S203: and sending the password of the document to be processed to the client.

As can be seen from the above, when the scheme provided in this embodiment is applied to data processing, since the password of the document to be processed is obtained according to the user identification information and the document identification information of the document to be processed, and the password of the document to be processed is sent to the client, compared with the prior art, the password of the document does not need to be determined by the user, the accuracy of obtaining the document password is improved, and thus the efficiency of processing the document is improved.

The document to be processed may be a document obtained by encrypting a document to be encrypted, and specifically, the document to be processed may be obtained according to the following steps B1 to B4.

Step B1: and acquiring a password application request.

The password application request can be sent by the client to the server and used for requesting to obtain the password of the document to be processed.

Step B2: and acquiring user identification information and document identification information of the document to be encrypted.

Specifically, the password application request may carry user identification information and document identification information of the document to be encrypted, and the server may parse the password application request after receiving the password application request to obtain the user identification information and the document identification information of the document to be encrypted.

The user identification information and the document identification information of the document to be encrypted can also be directly sent to the server by the client.

Step B3: and generating a password for the document to be encrypted according to the user identification information and the document identification information of the document to be encrypted.

The server can send the password of the document to be encrypted to the client after generating the password, and the client can encrypt the document to be encrypted after receiving the password of the document to be encrypted.

Step B4: and storing the corresponding relation among the user identification information, the document identification information of the document to be encrypted and the password of the document to be encrypted.

Because the server stores the corresponding relation among the document identification information of the document to be encrypted, the user identification information and the password of the document to be encrypted, when the document to be processed needs to be decrypted, the password for encrypting the document can be obtained based on the document identification information of the document and the user identification information of the user based on the corresponding relation stored by the server, so that the document can be decrypted.

The above correspondence relationship may also be: the corresponding relation between the document identification information of the document and the user identification information, and the corresponding relation between the document identification information of the document and the password for encrypting the document.

In the case that the above-mentioned password application request carries the important value of the document to be encrypted, the password may also be generated for the document to be encrypted according to the following steps C1-C3.

Step C1: and acquiring the important value of the document to be encrypted.

The importance value of the document to be encrypted is used for reflecting the importance degree of the document to be encrypted, for example: when the importance value of the document to be encrypted is higher, the highest importance degree of the document to be encrypted is represented.

Specifically, the password application request can be analyzed to obtain the important value of the document to be encrypted.

Step C2: and comparing the important value of the document to be encrypted with a preset threshold value.

The threshold value can be preset by a worker, and can also be obtained according to analysis of historical documents.

Step C3: and under the condition that the important value of the document to be encrypted is larger than a preset threshold value, generating a character string with a first preset length according to the user identification information and the document identification information of the document to be encrypted, wherein the character string is used as a password for encrypting the document of the document to be encrypted.

The first string of predetermined length includes a first predetermined type of character.

Step C3: and under the condition that the important value of the document to be encrypted is smaller than or equal to the preset threshold value, generating a character string with a second preset length according to the user identification information and the document identification information of the document to be encrypted, wherein the character string is used as a password for encrypting the document to be encrypted.

The character string of the second preset length includes a second preset type of character. The number of the types of the first preset type is larger than that of the types of the second preset type. The first preset length is greater than the second preset length.

In order to improve the security of the password of the document to be processed, in an embodiment of the present invention, the password of the document to be processed may be encrypted based on the preset key, and the encrypted password may be transmitted to the client.

In another embodiment of the invention, when a user logs in a personal office account to open an office document, the user triggers a password protection opening instruction, at the moment, a server distributes a random high-strength password for the document to be encrypted, and the password is used for encrypting the document to be encrypted to generate the document to be processed; meanwhile, the server stores the corresponding relation of the password, the user identification information (such as the current user account number) and the document identification information (which may be the unique identity mark of the current document, for example, the document ID) of the document to be encrypted in the database.

When the document to be processed is opened again, the program sends the user identification information and the document identification information of the document to be encrypted to the server, after the server receives the relevant information, the server inquires the corresponding password according to the corresponding relation, and then the inquired password is used for decrypting and opening the document to be processed.

Specifically, when receiving a document password protection opening instruction triggered by a user, a program applies for a password from a server (taking a password management server as an example), and uploads user identification information of the current user and document identification information of a document to be encrypted. The password management server calls the password generation module to generate a random password, and the password character string comprises numbers, letters and symbols and reaches a certain length so as to meet the requirement of high-strength confidentiality. The password management server returns the generated password to the program; and simultaneously storing the password, the user identification information and the document identification information of the document to be encrypted into a database. After the program receives the password, the program encrypts the encrypted document with the password.

When the program receives an instruction for opening the document to be processed, if the document to be processed is found to be an encrypted document, the user identification information of the current user and the document identification information of the document to be encrypted are sent to the password management server, and a corresponding password is inquired. The password management server inquires in a database according to the stored corresponding relation according to the received inquiry password instruction, the user identification information and the document identification information of the document to be encrypted; after the corresponding password is found, returning to the program; and after receiving the password, the program decrypts and opens the document to be processed by using the password. The program may be stored in a client or a cloud server, which is not limited herein.

In order to prevent other users from obtaining the password of the document, the server can also verify whether the user identification information is valid identification information after obtaining the user identification information and the document identification information of the document to be processed; and under the condition that the user identification information is effective identification information, acquiring the password of the document to be processed from the corresponding relation of local storage according to the user identification information and the document identification information of the document to be processed.

Specifically, when the user identification information is the user identification token and whether the user identification information is valid identification information is verified, the server may determine whether the validity period of the user identification token is within the preset validity period, and if so, the user identification information is considered to be valid identification information; if not, the user identification information is considered as invalid identification information.

When the server locally stores the user identification information of each registered user, and when verifying whether the user identification information is valid identification information, the server can also match the obtained user identification information with the user identification information locally stored by the server, and if the same matching result exists, the user identification information is considered to be valid identification information; and if the same matching result does not exist, the user identification information is considered as invalid identification information.

Therefore, when the server inquires the password for encrypting the document to be processed from the corresponding relationship of the local storage based on the document identification information of the document and the user identification information of the user, the user identification information is verified, and the password of the document to be processed is inquired from the corresponding relationship after the verification is passed, so that the password safety is improved.

Corresponding to the document processing method, the embodiment of the invention also provides a document processing device.

Referring to fig. 3, fig. 3 is a schematic structural diagram of a first document processing apparatus according to an embodiment of the present invention, where the apparatus includes the following

modules

301 and 303.

The instruction obtaining module 301 is configured to obtain an opening instruction of a to-be-processed document, where the to-be-processed document is an encrypted document;

a password obtaining module 302, configured to obtain a password of the document to be processed according to the user identification information and the document identification information of the document to be processed;

and the document opening module 303 is configured to decrypt the to-be-processed document according to the password of the to-be-processed document, and open the to-be-processed document.

The password of the document to be encrypted is obtained according to the user identification information and the document identification information of the document to be encrypted, and the password is generated according to the user identification information and the document identification information of the document to be encrypted.

In an embodiment of the invention, the password obtaining sub-module includes

The password encrypted by the preset key is acquired, and the preset key is difficult to acquire by a third party, so that the password of the document to be encrypted is difficult to steal or forge, and the security of the password is improved.

In this way, since the server stores the relationship between the document identification information of the document, the user identification information of the user, and the password for encrypting the document, the password for the document to be processed is acquired according to the stored correspondence, the user identification information, and the document identification information of the document to be processed.

In an embodiment of the present invention, the correspondence relationship is:

and/or

Referring to fig. 4, fig. 4 is a schematic structural diagram of a second document processing apparatus according to an embodiment of the present invention, where the apparatus includes 401 and 403.

An information obtaining module 401, configured to obtain user identification information and document identification information of a to-be-processed document, where the to-be-processed document is an encrypted document;

a password obtaining module 402, configured to obtain a password of the document to be processed from a locally stored correspondence according to the user identification information and the document identification information of the document to be processed, where the correspondence is a correspondence between the user identification information, the document identification information of the document, and a password for encrypting the document;

a password sending module 403, configured to send a password of the document to be processed to the client.

Because the server stores the corresponding relation among the document identification information of the document to be encrypted, the user identification information of the user and the password of the document to be encrypted, when the document to be processed needs to be decrypted, the password for encrypting the document can be obtained based on the document identification information of the document and the user identification information of the user based on the corresponding relation stored by the server, so that the document can be decrypted.

In an embodiment of the present invention, the correspondence relationship is:

and/or

In an embodiment of the present invention, the apparatus further includes:

Referring to fig. 5, fig. 5 is a schematic structural diagram of an electronic device that runs a client and includes a processor 501, a communication interface 502, a memory 503 and a communication bus 504, where the processor 501, the communication interface 502 and the memory 503 complete communication with each other through the communication bus 504,

a memory 503 for storing a computer program;

the processor 501 is configured to implement a document processing method provided in an embodiment of the present invention when executing the program stored in the memory 503.

Referring to fig. 6, fig. 6 is a schematic structural diagram of a server according to an embodiment of the present invention, including a processor 601, a communication interface 602, a memory 603, and a communication bus 604, where the processor 601, the communication interface 602, and the memory 603 complete mutual communication through the communication bus 604,

a memory 603 for storing a computer program;

the processor 601 is configured to implement another document processing method provided in the embodiment of the present invention when executing the program stored in the memory 603.

The communication bus mentioned in the electronic device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.

The communication interface is used for communication between the electronic equipment and other equipment.

The Memory may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.

The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components.

In another embodiment provided by the present invention, a computer-readable storage medium is further provided, in which a computer program is stored, and the computer program, when executed by a processor, implements a document processing method provided by an embodiment of the present invention.

In another embodiment provided by the present invention, a computer-readable storage medium is further provided, in which a computer program is stored, and the computer program, when executed by a processor, implements another document processing method provided by an embodiment of the present invention.

In another embodiment, the present invention further provides a computer program product containing instructions, which when executed on a computer, causes the computer to implement a document processing method provided by the embodiment of the present invention.

In another embodiment, the present invention further provides a computer program product containing instructions, which when executed on a computer, causes the computer to implement another document processing method provided by the embodiment of the present invention.

In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the invention to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website site, computer, server, or data center to another website site, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.

It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.

All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, as for the embodiments of the apparatus, the electronic device, the server, and the computer-readable storage medium, since they are substantially similar to the embodiments of the method, the description is simple, and the relevant points can be referred to the partial description of the embodiments of the method.

The above description is only for the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.

Claims

1. A method of document processing, the method comprising:

2. The method according to claim 1, wherein the document to be processed is a document obtained by encrypting a document to be encrypted, comprising the steps of:

acquiring an encryption instruction of the document to be encrypted;

3. The method according to claim 2, wherein the obtaining the password of the document to be encrypted according to the user identification information and the document identification information of the document to be encrypted comprises:

obtaining an important value of the document to be encrypted;

4. The method according to claim 3, wherein the obtaining the password of the document to be encrypted according to the user identification information, the document identification information of the document to be encrypted, and the important value of the document to be encrypted includes:

5. The method according to claim 1, wherein the obtaining the password of the document to be processed according to the user identification information and the document identification information of the document to be processed comprises:

6. The method of claim 5,

the corresponding relation is as follows:

and/or

7. The method according to any one of claims 1 to 6,

under the condition that the document to be processed is stored in a cloud, the document identification information of the document to be processed is an identification distributed by the cloud for the document to be processed;

8. A method of document processing, the method comprising:

and sending the password of the document to be processed to the client.

9. The method according to claim 8, wherein the document to be processed is a document obtained by encrypting a document to be encrypted, and the password of the document to be encrypted comprises the following steps:

acquiring a password application request;

10. The method according to claim 9, wherein, in a case that the key application request carries an important value of the document to be encrypted, generating a key for the document to be encrypted according to the user identification information and the document identification information of the document to be encrypted, comprises:

acquiring an important value of the document to be encrypted;

11. The method of claim 8, wherein sending the password of the document to be processed to the client comprises:

12. The method of claim 8, wherein the correspondence relationship is:

and/or

13. The method according to claim 8, further comprising, after the obtaining of the user identification information and the document identification information of the document to be processed:

14. A document processing apparatus, characterized in that the apparatus comprises:

15. The apparatus of claim 14, further comprising a document encryption module, the document encryption module comprising:

16. The apparatus of claim 15, wherein the password obtaining submodule comprises

17. The apparatus of claim 14,

the password acquisition module is specifically used for sending a password application request carrying document identification information and user identification information of the document to be processed to a server; receiving a password of the document to be processed sent by the server; the password of the document to be processed is obtained from a corresponding relation stored in the server according to the document identification information and the user identification information of the document to be processed, wherein the corresponding relation is the relation among the user identification information, the document identification information of the document and the password for encrypting the document.

18. A document processing apparatus, characterized in that the apparatus comprises:

19. The apparatus of claim 18, further comprising a document generation module, the document generation module comprising:

20. An electronic device is characterized by comprising a processor, a communication interface, a memory and a communication bus, wherein the processor and the communication interface are used for realizing mutual communication by the memory through the communication bus;

a memory for storing a computer program;

a processor for implementing the method steps of any of claims 1-7 or 8-13 when executing a program stored in a memory.

21. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method steps of any one of claims 1 to 7 or 8 to 13.