CN113032812A - Salary management system for preventing data tampering - Google Patents

Salary management system for preventing data tampering Download PDF

Info

Publication number
CN113032812A
CN113032812A CN202110397844.4A CN202110397844A CN113032812A CN 113032812 A CN113032812 A CN 113032812A CN 202110397844 A CN202110397844 A CN 202110397844A CN 113032812 A CN113032812 A CN 113032812A
Authority
CN
China
Prior art keywords
salary
employee
user
management system
auditing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110397844.4A
Other languages
Chinese (zh)
Inventor
卢雄飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN202110397844.4A priority Critical patent/CN113032812A/en
Publication of CN113032812A publication Critical patent/CN113032812A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/103Workflow collaboration or project management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/105Human resources
    • G06Q10/1057Benefits or employee welfare, e.g. insurance, holiday or retirement packages

Abstract

The invention relates to the technical field of salary data security, and discloses a salary management system for preventing data tampering, which comprises: running on a local management serverLMSsmsThe service end software of the salary management system is used for signing the user when salarySSUaOn completion of employee paytablesEP 1 After making, the staff pay table is displayed on the pay management systemEP 1 Performing encryption and signature processing to obtain ciphertextC 1 And signaturesS 1 (ii) a Salary auditing userSAUbFirst decipher ciphertextC 1 Obtaining employee salary tablesEP 2 Then verifying the employee paytableEP 1 Is signedS 1 Validity of and paytable to employeesEP 2 Auditing is carried out, and the employee paytables are checked after the auditing is finishedEP 2 Performing encryption and signature processing to obtain ciphertextC 2 And signaturesS 2 . The invention solves the technical problems of how to prevent the illegal user from maliciously tampering the employee salary data and how to prevent the illegal user from maliciously forging the employee salary data.

Description

Salary management system for preventing data tampering
Technical Field
The invention relates to the technical field of salary data security, in particular to a salary management system for preventing data tampering.
Background
At present, most salary management systems still adopt the following two schemes for processing data between business processes. And printing the data presented to the user in a paper medium mode, and then carrying out stage-by-stage paper signature approval. Or a workflow mechanism is arranged in a database application framework, and the step-by-step progression of the process is completed in the database, but the verification of the data is only relatively simple password type identity verification.
The paper signature itself does not contain any information of the content being signed, and the uncertainty of the signature itself facilitates the counterfeiting of the paper signature. While digital signatures in the form of bit streams depend on the content being signed, it is theoretically infeasible to forge a signature as long as the signer does not lose and leak the held key. Due to the large data volume of the salary management system, a paper document contains more than one page of content in many times. However, the paper signature is usually attached to the last page, and if the content before the last page after the signature is illegally replaced, the paper signature cannot be avoided. Meanwhile, the smooth proceeding of the paper signature business process is also easily limited by places.
The identity of an operator is generally verified by inputting a user password, and the method only verifies the identity of a signer and does not protect signed data. If the signed data is modified intentionally or unintentionally after the electronic signature, the ordinary electronic signature is not recognizable. Even if a digest representing the content of the data is embedded in the signature, a normal electronic signature is still unrecognizable if someone maliciously modifies the data and forges a digest.
Disclosure of Invention
Technical problem to be solved
Aiming at the defects of the prior art, the invention provides a salary management system for preventing data tampering, which aims to solve the technical problems of how to prevent illegal users from maliciously tampering employee salary data and how to prevent illegal users from maliciously forging employee salary data.
(II) technical scheme
In order to achieve the purpose, the invention provides the following technical scheme:
a payroll management system that prevents data tampering, comprising: running on a local management serverLMSsmsThe salary management system server software runs with salary management system client software and is used for salary signing usersSSUaComputer terminal for completing employee salary table makingCTaRunning user end software of salary management system and used for salary examinationNuclear userSAUbComputer terminal for completing employee salary table auditCTbRunning salary management system user side software and used for salary examination and approval userSAUcComputer terminal for completing approval of employee payrollCTc
Signing user when payrollSSUaOn completion of employee paytablesEP 1 After making, the staff pay table is displayed on the pay management systemEP 1 Performing encryption and signature processing to obtain ciphertextC 1 And signaturesS 1
Salary auditing userSAUbFirst decipher ciphertextC 1 Obtaining employee salary tablesEP 2 Then verifying the employee paytableEP 1 Is signedS 1 Validity of and paytable to employeesEP 2 Auditing is carried out, and the employee paytables are checked after the auditing is finishedEP 2 Performing encryption and signature processing to obtain ciphertextC 2 And signaturesS 2
Salary approval userSAUcFirst decipher ciphertextC 2 Obtaining employee salary tablesEP 3 Then verifying the employee paytableEP 2 Is signedS 2 Validity of and paytable to employeesEP 3 Carrying out approval, and carrying out salary table on the staff after the approval is finishedEP 3 Performing encryption and signature processing to obtain ciphertextC 3 And signaturesS 3
Further, the payroll signature userSSUaRandomly selecting integersN 1 (1<N 1 <ϕ(M 1 )gcd(N 1 ,ϕ(M 1 ))= 1)Calculating the private keyK 1 Satisfy the following requirementsK 1 ×N 1 ≡1modϕ(M 1 )(ii) a Then the private key is combined(K 1 ,M 1 )Storing the public key in secret(N 1 ,M 1 )Transmitting to a salary management system for disclosure;
salary auditing userSAUbRandomly selecting integersN 2 (1<N 2 <ϕ(M 2 )gcd(N 2 ,ϕ(M 2 ))=1)Calculating the private keyK 2 Satisfy the following requirementsK 2 ×N 2 ≡1modϕ(M 2 )(ii) a Then the private key is combined(K 2 ,M 2 )Storing the public key in secret(N 2 ,M 2 )And transmitting to a salary management system for disclosure.
Further, the payroll signature userSSUaValidating a user with a fixed valueCVUiOf (2) a public key(N 2 ,M 2 )Salary table for staffEP 1 Encrypted, the ciphertextC 1 =(EP 1 ) N2 modM 2
Salary signing userSSUaUsing its own private key(K 1 ,M 1 )Salary table for staffEP 1 Carry out a signature ofSIG 1 ≡(h(EP 1 )) K1 modM 1 (ii) a Wherein the content of the first and second substances,h(EP 1 )to adopt one-way hash functionhStructured staff salary tableEP 1 The abstract of (1).
Further, the salary auditing userSAUbUsing its own private key(K 2 ,M 2 )Salary table for staffEP 1 Is encrypted by the encryption keyC 1 Decrypting to obtain employee payroll tableEP 2 =C 1 K2 modM 2
Salary auditing userSAUbConstruct employee paytablesEP 2 Summary of (1)(h(EP 2 )
Salary auditing userSAUbSigning users with salarySSUaOf (2) a public key(N 1 ,M 1 )Salary table for staffEP 1 Is signedSIG 1 The following calculations were performed:h(EP 1 )≡(SIG 1 ) N1 modM 1
if it ish(EP 1 )=(h(EP 2 )Then, thenSIG 1 Is employee salary tableEP 1 Is valid.
(III) advantageous technical effects
Compared with the prior art, the invention has the following beneficial technical effects:
when the user is signed, the invention completes the employee payroll tableEP 1 After making, the staff pay table is displayed on the pay management systemEP 1 Performing encryption and signature processing to obtain ciphertextC 1 And signaturesS 1
Salary auditing userSAUbFirst decipher ciphertextC 1 Obtaining employee salary tablesEP 2 Then verifying the employee paytableEP 1 Is signedS 1 Validity of and paytable to employeesEP 2 Auditing is carried out, and the employee paytables are checked after the auditing is finishedEP 2 Performing encryption and signature processing to obtain ciphertextC 2 And signaturesS 2
Salary approval userSAUcFirst decipher ciphertextC 2 Obtaining employee salary tablesEP 3 Then verifying the employee paytableEP 2 Is signedS 2 And pay employeesWatch (A)EP 3 Carrying out approval, and carrying out salary table on the staff after the approval is finishedEP 3 Performing encryption and signature processing to obtain ciphertextC 3 And signaturesS 3
The signature of each person is not counterfeitable, because other people except himself cannot know the private key of the person, so that the non-tamper property of the employee payroll table is well guaranteed; the illegal user wants to forge an employee payroll and sign by using the private key of the illegal user is also infeasible, because the receiver can quickly verify that the signature is invalid after receiving the employee payroll, the signature can be refused;
therefore, the technical effect of preventing illegal users from maliciously tampering the employee salary data is achieved; the technical effect of preventing the illegal user from maliciously forging the employee salary data is achieved.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
A payroll management system that prevents data tampering, comprising: installed and operated in a local management serverLMSsmsPayroll management system server software on the operating system, installed and run with payroll management system client software and used for payroll signing usersSSUaComputer terminal for completing employee salary table makingCTaThe software of the user terminal of the salary management system is installed and operated and is used for salary auditing usersSAUbComputer terminal for completing employee salary table auditCTbInstalled and operated with salary management system user side software and used for salary examination and approval usersSAUcComputer terminal for completing approval of employee payrollCTc
Salary signing userSSUaThrough computer terminalsCTaUser end software and operation of salary management systemManaging servers locallyLMSsmsThe salary management system server software performs data interaction with each other;
salary auditing userSAUbThrough computer terminalsCTbUser end software of salary management system and local management serverLMSsmsThe salary management system server software performs data interaction with each other;
salary approval userSAUcThrough computer terminalsCTcUser end software of salary management system and local management serverLMSsmsThe salary management system server software performs data interaction with each other;
in order to protect the security of the employee pay table during the process of making, auditing and approving the employee pay table and after the completion of the process, namely, in order to prevent unauthorized illegal users from maliciously modifying the employee pay table, when signing the user for paySSUaOn completion of employee paytablesEP 1 After making, the staff pay table is displayed on the pay management systemEP 1 Performing encryption and signature processing to obtain ciphertextC 1 And signaturesS 1
Salary auditing userSAUbFirst decipher ciphertextC 1 Obtaining employee salary tablesEP 2 Then verifying the employee paytableEP 1 Is signedS 1 Validity of and paytable to employeesEP 2 Auditing is carried out, and the employee paytables are checked after the auditing is finishedEP 2 Performing encryption and signature processing to obtain ciphertextC 2 And signaturesS 2
Salary approval userSAUcFirst decipher ciphertextC 2 Obtaining employee salary tablesEP 3 Then verifying the employee paytableEP 2 Is signedS 2 Validity of and paytable to employeesEP 3 Carrying out approval, and carrying out salary table on the staff after the approval is finishedEP 3 Performing encryption and signature processing to obtain ciphertextC 3 And signaturesS 3
Further, pay tables are provided for employees on a pay management systemEPThe method for encrypting and decrypting, signing and verifying the validity of the signature comprises the following steps:
step one, salary signing userSSUaAnd salary auditing userSAUbGenerating respective private key and public key on the salary management system, and specifically executing the following operations:
payroll signing userSSUaFirst, two secret large prime numbers are selectedS 1 AndT 1 then calculateM 1 =S 1 ×T 1 ϕ (M 1 )=(S 1 -1)(T 1 -1)Whereinϕ(M 1 )Is the Euler function;
salary signing userSSUaRandomly selecting integersN 1 (1<N 1 <ϕ(M 1 )gcd(N 1 ,ϕ(M 1 ))=1)Calculating the private keyK 1 Satisfy the following requirementsK 1 ×N 1 ≡1modϕ(M 1 )(ii) a Then the private key is combined(K 1 ,M 1 )Storing the public key in secret(N 1 ,M 1 )Transmitting to a salary management system for disclosure;
second, salary auditing userSAUbFirst, two secret large prime numbers are selectedS 2 AndT 2 then calculateM 2 =S 2 ×T 2 ϕ (M 2 )=(S 2 -1)(T 2 -1)Whereinϕ(M 2 )Is the Euler function;
salary auditing userSAUbRandomly selecting integersN 2 (1<N 2 <ϕ(M 2 )gcd(N 2 ,ϕ(M 2 ))=1)Calculating the private keyK 2 Satisfy the following requirementsK 2 ×N 2 ≡1modϕ(M 2 )(ii) a Then the private key is combined(K 2 ,M 2 )Storing the public key in secret(N 2 ,M 2 )Transmitting to a salary management system for disclosure;
step two, salary signing userSSUaSalary table for staff on salary management systemEP 1 Performing encryption and signature processing, and specifically executing the following operations:
salary signing userSSUaValidating a user with a fixed valueCVUiOf (2) a public key(N 2 ,M 2 )Salary table for staffEP 1 Encrypted, the ciphertextC 1 =(EP 1 ) N2 modM 2
Salary signing userSSUaUsing its own private key(K 1 ,M 1 )Salary table for staffEP 1 Carry out a signature ofSIG 1 ≡(h(EP 1 )) K1 modM 1 (ii) a Wherein the content of the first and second substances,h(EP 1 )to adopt one-way hash functionhStructured staff salary tableEP 1 The abstract of (1);
step three, salary auditing userSAUbFirst decipher ciphertextC 1 Obtaining employee salary tablesEP 2 Then verifying the employee paytableEP 1 Is signedSIG 1 Specifically, the following operations are performed:
salary auditing userSAUbUsing its own private key(K 2 ,M 2 )Salary table for staffEP 1 Is close toArticle (Chinese character)C 1 Decrypting to obtain employee payroll tableEP 2 =C 1 K2 modM 2
Salary auditing userSAUbConstruct employee paytablesEP 2 Summary of (1)(h(EP 2 )
Salary auditing userSAUbSigning users with salarySSUaOf (2) a public key(N 1 ,M 1 )Salary table for staffEP 1 Is signedSIG 1 The following calculations were performed:h(EP 1 )≡(SIG 1 ) N1 modM 1
if it ish(EP 1 )=(h(EP 2 )Then, thenSIG 1 Is employee salary tableEP 1 A valid signature of (2);
the scheme adopts a management mechanism for sequentially signing, namely, a former person always designates a latter person to decrypt the encrypted ciphertext of the employee payroll table, a former encryption and signature person always designates a latter receiver to verify the signature of the encrypted employee payroll table, and the receiver designated to decrypt and verify the signature can always verify the validity of the signature of the pusher; and the signature of each person is not fakeable, because other people except himself cannot know his private key, thus the non-tamper property of the employee payroll table is well ensured; it is also infeasible for an illegal user to forge a employee payroll and sign with their own private key, because the recipient receiving the employee payroll can quickly verify that the signature is invalid and will reject the signature.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (4)

1. A payroll management system that prevents data tampering, comprising: running on a local management serverLMSsmsThe salary management system server software runs with salary management system client software and is used for salary signing usersSSUaComputer terminal for completing employee salary table makingCTaRunning user end software of salary management system and used for salary auditing userSAUbComputer terminal for completing employee salary table auditCTbRunning salary management system user side software and used for salary examination and approval userSAUcComputer terminal for completing approval of employee payrollCTc
Signing user when payrollSSUaOn completion of employee paytablesEP 1 After making, the staff pay table is displayed on the pay management systemEP 1 Performing encryption and signature processing to obtain ciphertextC 1 And signaturesS 1
Salary auditing userSAUbFirst decipher ciphertextC 1 Obtaining employee salary tablesEP 2 Then verifying the employee paytableEP 1 Is signedS 1 Validity of and paytable to employeesEP 2 Auditing is carried out, and the employee paytables are checked after the auditing is finishedEP 2 Performing encryption and signature processing to obtain ciphertextC 2 And signaturesS 2
Salary approval userSAUcFirst decipher ciphertextC 2 Obtaining employee salary tablesEP 3 Then verifying the employee paytableEP 2 Is signedS 2 Validity of and paytable to employeesEP 3 Carrying out approval, and carrying out salary table on the staff after the approval is finishedEP 3 Performing encryption and signature processing to obtain ciphertextC 3 And signaturesS 3
2. The payroll management system for preventing data tampering as defined in claim 1, wherein the payroll signing userSSUaRandomly selecting integersN 1 (1<N 1 <ϕ(M 1 )gcd(N 1 ,ϕ(M 1 ))=1)Calculating the private keyK 1 Satisfy the following requirementsK 1 ×N 1 ≡1modϕ (M 1 )(ii) a Then the private key is combined(K 1 ,M 1 )Storing the public key in secret(N 1 ,M 1 )Transmitting to a salary management system for disclosure;
salary auditing userSAUbRandomly selecting integersN 2 (1<N 2 <ϕ(M 2 )gcd(N 2 ,ϕ(M 2 ))=1)Calculating the private keyK 2 Satisfy the following requirementsK 2 ×N 2 ≡1modϕ(M 2 )(ii) a Then the private key is combined(K 2 ,M 2 )Storing the public key in secret(N 2 ,M 2 )And transmitting to a salary management system for disclosure.
3. The payroll management system for preventing data tampering as defined in claim 2, wherein the payroll signing userSSUaValidating a user with a fixed valueCVUiOf (2) a public key(N 2 ,M 2 )Salary table for staffEP 1 Encrypted, the ciphertextC 1 =(EP 1 ) N2 modM 2
Salary signing userSSUaUsing its own private key(K 1 ,M 1 )Pay staffWatch (A)EP 1 Carry out a signature ofSIG 1 (h(EP 1 )) K1 modM 1 (ii) a Wherein the content of the first and second substances,h(EP 1 )to adopt one-way hash functionhStructured staff salary tableEP 1 The abstract of (1).
4. The payroll management system for preventing data tampering as defined in claim 3, wherein the payroll auditing userSAUbUsing its own private key(K 2 ,M 2 )Salary table for staffEP 1 Is encrypted by the encryption keyC 1 Decrypting to obtain employee payroll tableEP 2 =C 1 K2 modM 2
Salary auditing userSAUbConstruct employee paytablesEP 2 Summary of (1)(h(EP 2 )
Salary auditing userSAUbSigning users with salarySSUaOf (2) a public key(N 1 ,M 1 )Salary table for staffEP 1 Is signedSIG 1 The following calculations were performed:h(EP 1 )≡(SIG 1 ) N1 modM 1
if it ish(EP 1 )=(h(EP 2 )Then, thenSIG 1 Is employee salary tableEP 1 Is valid.
CN202110397844.4A 2021-04-14 2021-04-14 Salary management system for preventing data tampering Pending CN113032812A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110397844.4A CN113032812A (en) 2021-04-14 2021-04-14 Salary management system for preventing data tampering

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110397844.4A CN113032812A (en) 2021-04-14 2021-04-14 Salary management system for preventing data tampering

Publications (1)

Publication Number Publication Date
CN113032812A true CN113032812A (en) 2021-06-25

Family

ID=76456596

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110397844.4A Pending CN113032812A (en) 2021-04-14 2021-04-14 Salary management system for preventing data tampering

Country Status (1)

Country Link
CN (1) CN113032812A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117113437A (en) * 2023-10-19 2023-11-24 深圳竹云科技股份有限公司 File tampering detection method and device, computer equipment and storage medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117113437A (en) * 2023-10-19 2023-11-24 深圳竹云科技股份有限公司 File tampering detection method and device, computer equipment and storage medium
CN117113437B (en) * 2023-10-19 2024-02-06 深圳竹云科技股份有限公司 File tampering detection method and device, computer equipment and storage medium

Similar Documents

Publication Publication Date Title
CN108599954B (en) Identity verification method based on distributed account book
US10122710B2 (en) Binding a data transaction to a person&#39;s identity using biometrics
US8533482B2 (en) Method for generating a key pair and transmitting a public key or request file of a certificate in security
US7287164B2 (en) Method and system for encoding signatures to authenticate files
US5774552A (en) Method and apparatus for retrieving X.509 certificates from an X.500 directory
US20020038290A1 (en) Digital notary system and method
CN110060403B (en) One-person multi-ticket electronic voting method and system based on block chain
US7606768B2 (en) Voice signature with strong binding
US9438589B2 (en) Binding a digital file to a person&#39;s identity using biometrics
CN102722931A (en) Voting system and voting method based on intelligent mobile communication devices
US20130283035A1 (en) Digital file authentication using biometrics
CN101395624A (en) Verification of electronic signatures
CN1382332A (en) Method of data protection
CN1831865A (en) Electronic bank safety authorization system and method based on CPK
US20070050626A1 (en) Document management system, document processing computer, signature generating computer, storage medium storing program for document management, and document management method
CN111355591A (en) Block chain account safety management method based on real-name authentication technology
US20030221109A1 (en) Method of and apparatus for digital signatures
CN108768975A (en) Support the data integrity verification method of key updating and third party&#39;s secret protection
CN107229879A (en) Electronics confirmation request automatic generation method and system based on safe Quick Response Code
JP2014090372A (en) Information processing device, information processing system, information processing method, and computer program
CN1697376A (en) Method and system for authenticating or enciphering data by using IC card
CN115238294A (en) Digital RMB transaction privacy protection method, system and device based on mixed currency protocol
CN104657860A (en) Mobile banking security authentication method
CN113761578A (en) Document true checking method based on block chain
CN113032812A (en) Salary management system for preventing data tampering

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination