CN113032818B - Task encryption method and device, electronic equipment and computer readable medium - Google Patents

Task encryption method and device, electronic equipment and computer readable medium Download PDF

Info

Publication number
CN113032818B
CN113032818B CN202110581838.4A CN202110581838A CN113032818B CN 113032818 B CN113032818 B CN 113032818B CN 202110581838 A CN202110581838 A CN 202110581838A CN 113032818 B CN113032818 B CN 113032818B
Authority
CN
China
Prior art keywords
task
file
group
byte stream
generate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110581838.4A
Other languages
Chinese (zh)
Other versions
CN113032818A (en
Inventor
陈曦
燕鹏
王丽君
王娟
吴建海
任志鹏
薛凯娜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Siji Location Service Co ltd
Beijing Guodiantong Network Technology Co Ltd
Original Assignee
Beijing Guodiantong Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Guodiantong Network Technology Co Ltd filed Critical Beijing Guodiantong Network Technology Co Ltd
Priority to CN202110581838.4A priority Critical patent/CN113032818B/en
Publication of CN113032818A publication Critical patent/CN113032818A/en
Application granted granted Critical
Publication of CN113032818B publication Critical patent/CN113032818B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the disclosure discloses a task encryption method and device, an electronic device and a computer readable medium. One embodiment of the method comprises: sequentially reading tasks in the task information queue through an external table preset in a database to generate a byte stream to obtain a byte stream group; establishing a task empty file group according to each task identifier included in the task information set, and writing each byte stream in the byte stream group into a corresponding task empty file to generate a task file to obtain a task file group; determining task files meeting preset conditions in the task file group as target task files to obtain a target task file group; and encrypting each target task file in the target task file group to generate an encrypted target task file, so as to obtain an encrypted target task file group. According to the embodiment, the tasks are read as the byte streams, so that the memory resources occupied by the tasks during migration are reduced, and the fluency of the tasks during migration is ensured.

Description

Task encryption method and device, electronic equipment and computer readable medium
Technical Field
The embodiment of the disclosure relates to the technical field of computers, in particular to a task encryption method, a task encryption device, electronic equipment and a computer readable medium.
Background
Documents are required in the fields of engineering construction and the like. For example, the bidding document records all conditions required for the construction unit to provide the bidding unit with the participation bid. At present, when a document bidding system migrates a task document, the method generally adopts: and migrating the task files in the external network database to the internal network database in a manual migration mode so as to facilitate the internal personnel to review the task files.
However, when the above migration method is adopted, there are generally the following technical problems:
firstly, the task files transferred from the external network to the internal network are not corrected, so that partial task files are incomplete; in addition, different connection configuration information is needed to realize connection with an intranet database, so that the step of task file migration is complex, and the robustness of the system is reduced;
secondly, because the task files are sensitive, the task files migrated to the intranet are not encrypted, so that leakage of part of the task files may be caused, and the safety of file storage is greatly reduced.
Disclosure of Invention
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
Some embodiments of the present disclosure propose a task encryption method, apparatus, electronic device and computer readable medium to solve one or more of the technical problems mentioned in the background section above.
In a first aspect, some embodiments of the present disclosure provide a task encryption method, including: receiving a task information set sent by each user, wherein task information in the task information set comprises task identifiers and tasks corresponding to the task identifiers; persistently storing each task information in the task information set into a task information queue of a preset database; responding to the data state of each task information in the task information queue as a migration state, sequentially reading the tasks in the task information queue through an external table preset in the database to generate a byte stream, and obtaining a byte stream group; establishing a task empty file group according to each task identifier included in the task information set, and writing each byte stream in the byte stream group into a corresponding task empty file to generate a task file to obtain a task file group; determining the task files meeting preset conditions in the task file group as target task files to obtain a target task file group; and encrypting each target task file in the target task file group to generate an encrypted target task file, so as to obtain an encrypted target task file group.
In a second aspect, some embodiments of the present disclosure provide a task encryption apparatus, the apparatus comprising: the system comprises a receiving unit, a processing unit and a processing unit, wherein the receiving unit is configured to receive a task information set sent by each user, and task information in the task information set comprises task identifiers and tasks corresponding to the task identifiers; the storage unit is configured to store each task information in the task information set into a task information queue of a preset database in a persistent mode; the reading unit is configured to respond that the data state of each piece of task information in the task information queue is a migration state, and sequentially read the tasks in the task information queue through an external table preset in the database to generate a byte stream to obtain a byte stream group; the writing unit is configured to establish a task empty file group according to each task identifier included in the task information set, and write each byte stream in the byte stream group into a corresponding task empty file to generate a task file, so as to obtain a task file group; the determining unit is configured to determine the task files meeting preset conditions in the task file group as target task files to obtain a target task file group; and the encryption unit is configured to encrypt each target task file in the target task file group to generate an encrypted target task file, so as to obtain an encrypted target task file group.
In a third aspect, some embodiments of the present disclosure provide an electronic device, comprising: one or more processors; a storage device having one or more programs stored thereon, which when executed by one or more processors, cause the one or more processors to implement the method described in any of the implementations of the first aspect.
In a fourth aspect, some embodiments of the present disclosure provide a computer readable medium on which a computer program is stored, wherein the program, when executed by a processor, implements the method described in any of the implementations of the first aspect.
The above embodiments of the present disclosure have the following advantages: by the task encryption method of some embodiments of the present disclosure, the task file migrated from the external network to the internal network is corrected, the integrity of the file in the migration process is ensured, the steps of task file migration are simplified, and the robustness of the system is improved. In addition, the task file migrated to the intranet can be encrypted, so that the possibility of leakage of the task file is reduced. Specifically, the reasons for the reduced robustness of the system are: the task files transferred from the external network to the internal network are not corrected, so that partial task files are incomplete; in addition, different connection configuration information is needed to realize connection with an intranet database, so that the step of task file migration is complex, and the robustness of the system is reduced. Based on this, the task encryption method of some embodiments of the present disclosure, first, receives a task information set sent by each user. Thus, data support is provided for subsequent task file migration. Secondly, each task information in the task information set is stored in a task information queue of a preset database in a persistent mode. And then, responding to the data state of each task information in the task information queue as a transition state, sequentially reading the tasks in the task information queue through an external table preset in the database to generate a byte stream, and obtaining a byte stream group. Therefore, the task can be read through the preset external table, the problem that different connection configuration information is needed to realize connection with an intranet database is solved, and the step of task file migration is simplified. In addition, the tasks are read into the byte stream, so that the memory resources occupied by the tasks during migration are reduced, and the fluency of the tasks during migration is ensured. And then, establishing a task empty file group according to each task identifier included in the task information set, and writing each byte stream in the byte stream group into the corresponding task empty file to generate a task file, so as to obtain a task file group. And then, determining the task files meeting the preset conditions in the task file group as target task files to obtain a target task file group. Therefore, incomplete files can be removed, and the integrity of the files in the migration process is guaranteed. And finally, encrypting each target task file in the target task file group to generate an encrypted target task file, so as to obtain an encrypted target task file group. Therefore, the task file migrated to the intranet can be encrypted, and the possibility of leakage of the task file is reduced.
Drawings
The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. Throughout the drawings, the same or similar reference numbers refer to the same or similar elements. It should be understood that the drawings are schematic and that elements and elements are not necessarily drawn to scale.
FIG. 1 is a schematic diagram of one application scenario of a task encryption method according to some embodiments of the present disclosure;
FIG. 2 is a flow diagram of some embodiments of a task encryption method according to the present disclosure;
FIG. 3 is a flow diagram of further embodiments of a task encryption method according to the present disclosure;
FIG. 4 is a schematic block diagram of some embodiments of a task encryption apparatus according to the present disclosure;
FIG. 5 is a schematic structural diagram of an electronic device suitable for use in implementing some embodiments of the present disclosure.
Detailed Description
Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the present disclosure are shown in the drawings, it is to be understood that the disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided for a more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the disclosure are for illustration purposes only and are not intended to limit the scope of the disclosure.
It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings. The embodiments and features of the embodiments in the present disclosure may be combined with each other without conflict.
It should be noted that the terms "first", "second", and the like in the present disclosure are only used for distinguishing different devices, modules or units, and are not used for limiting the order or interdependence relationship of the functions performed by the devices, modules or units.
It is noted that references to "a", "an", and "the" modifications in this disclosure are intended to be illustrative rather than limiting, and that those skilled in the art will recognize that "one or more" may be used unless the context clearly dictates otherwise.
The names of messages or information exchanged between devices in the embodiments of the present disclosure are for illustrative purposes only, and are not intended to limit the scope of the messages or information.
The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Fig. 1 is a schematic diagram of an application scenario of a task encryption method according to some embodiments of the present disclosure.
In the application scenario of fig. 1, first, the computing device 101 may receive the task information sets 102 sent by the respective users. The task information in the task information set 102 includes a task identifier and a task corresponding to the task identifier. Secondly, the computing device 101 may persistently store each task information in the task information set 102 into the task information queue 104 of the preset database 103. Next, in response to that the data state of each piece of task information in the task information queue 104 is a transition state, the computing device 101 may sequentially read the tasks in the task information queue 104 through an external table 105 preset in the database 103 to generate a byte stream, so as to obtain a byte stream group 106. Then, the computing device 101 may create a task empty file group 107 according to each task identifier included in the task information set 102, and write each byte stream in the byte stream group 106 into the corresponding task empty file to generate a task file, resulting in a task file group 108. Then, the computing device 101 may determine the task files satisfying the preset condition in the task file group 108 as target task files, resulting in a target task file group 109. Finally, the computing device 101 may perform encryption processing on each of the target task files in the set of target task files 109 to generate an encrypted target task file, resulting in the set of encrypted target task files 110.
The computing device 101 may be hardware or software. When the computing device is hardware, it may be implemented as a distributed cluster composed of multiple servers or terminal devices, or may be implemented as a single server or a single terminal device. When the computing device is embodied as software, it may be installed in the hardware devices enumerated above. It may be implemented, for example, as multiple software or software modules to provide distributed services, or as a single software or software module. And is not particularly limited herein.
It should be understood that the number of computing devices in FIG. 1 is merely illustrative. There may be any number of computing devices, as implementation needs dictate.
With continued reference to fig. 2, a flow 200 of some embodiments of a task encryption method in accordance with the present disclosure is shown. The method may be performed by the computing device 101 of fig. 1. The task encryption method comprises the following steps:
step 201, receiving task information sets sent by each user.
In some embodiments, an execution subject of the task encryption method (e.g., the computing device 101 shown in fig. 1) may receive the task information set sent by each user from the terminal device by a wired connection manner or a wireless connection manner. The task information in the task information set comprises task identifiers and tasks corresponding to the task identifiers. Here, the task may refer to bidding information, and may include, but is not limited to, at least one of: and the label division identifier, the sub-packet identifier, the resources occupied by the task and the user information. Here, the resource occupied by the task may refer to a memory resource occupied by the task. Here, the user information may refer to information of a user who transmits the task information, and may include a user name. Here, the bid amount flag may be a flag of a bid amount of the bid document. Here, the sub-package identification may be an identification that targets a sub-package of a file.
As an example, a set of task information may be:
{ [ 'task identification': 001, 'subscript mark': 001, 'subpackage identification': 001, 'resources occupied by tasks': 2G, 'user information': a user ];
[ 'task identification': 002, 'subscript mark': 002, 'subpackage identification': 002, 'resources occupied by tasks': 3G, 'user information': b user ];
[ 'task identification': 003, 'subscript mark': 003, 'subpackage identification': 003, 'resources occupied by tasks': 2.5G, 'user information': c users ] }.
Step 202, storing each task information in the task information set into a task information queue of a preset database in a persistent manner.
In some embodiments, the execution subject may persistently store each task information in the task information set into a task information queue of a preset database. Here, the preset database may be a database/system having a distributed storage function. For example, the predetermined database may be HDFS (Hadoop Distributed File System).
Step 203, in response to that the data state of each task information in the task information queue is a migration state, sequentially reading the tasks in the task information queue by using an external table preset in the database to generate a byte stream, and obtaining a byte stream group.
In some embodiments, the execution main body may sequentially read the tasks in the task information queue through an external table preset in the database in response to that the data state of each piece of task information in the task information queue is a migration state, so as to generate a byte stream, and obtain a byte stream group. Here, the external table may be a Hive external table, which may be used to read the structured data file as a byte stream and provide a complete SQL query function. In addition, the execution main body can also read the tasks in the task information queue through the IO component of the JDK so as to generate a byte stream.
Step 204, establishing a task empty file group according to each task identifier included in the task information set, and writing each byte stream in the byte stream group into a corresponding task empty file to generate a task file, so as to obtain a task file group.
In some embodiments, first, the execution main body may use each task identifier included in the task information set as an index to establish a task empty file group. Here, the number of task empty files included in the task empty file group is the same as the number of task identifiers included in the task information set. And then writing each byte stream in the byte stream group into a corresponding task empty file to generate a task file, so as to obtain a task file group. Here, the execution body may write the byte stream into a task empty file having the same task identifier as the byte stream using the buffered byte stream.
Step 205, determining the task files meeting the preset conditions in the task file group as target task files to obtain a target task file group.
In some embodiments, the execution main body may determine a task file satisfying a preset condition in the task file group as a target task file, so as to obtain a target task file group. Here, the preset condition may be "the occupied resource of the byte stream is the same as the occupied resource of the task file corresponding to the byte stream". For example, the resource occupied by the task file a is "1G", and the resource occupied by the byte stream corresponding to the task file a is "1G", that is, the task file a satisfies the preset condition "the resource occupied by the byte stream is the same as the resource occupied by the task file corresponding to the byte stream".
And step 206, encrypting each target task file in the target task file group to generate an encrypted target task file, so as to obtain an encrypted target task file group.
In some embodiments, the executing entity may perform an encryption process on each target task file in the target task file group to generate an encrypted target task file, and obtain an encrypted target task file group, where the encryption process may include, but is not limited to: symmetric encryption, asymmetric encryption, Base64 encryption, and the like.
Optionally, determining the task file which does not meet the preset condition in the task file group as an abnormal task file, so as to obtain an abnormal task file group.
In some embodiments, the execution main body may determine a task file that does not satisfy the preset condition in the task file group as an abnormal task file, so as to obtain an abnormal task file group.
Optionally, the file state of each abnormal task file in the abnormal task file group is modified into a re-migration state, and the associated alarm device is controlled to perform an alarm operation.
In some embodiments, the execution main body may modify a file state of each abnormal task file in the abnormal task file group into a retransfer state, and control an alarm device in communication connection with the execution main body to perform voice broadcast on a task identifier corresponding to each abnormal task file, so as to prompt a worker to perform retransfer processing on the abnormal task file.
The above embodiments of the present disclosure have the following advantages: by the task encryption method of some embodiments of the present disclosure, the task file migrated from the external network to the internal network is corrected, the integrity of the file in the migration process is ensured, the steps of task file migration are simplified, and the robustness of the system is improved. In addition, the task file migrated to the intranet can be encrypted, so that the possibility of leakage of the task file is reduced. Specifically, the reasons for the reduced robustness of the system are: the task files transferred from the external network to the internal network are not corrected, so that partial task files are incomplete; in addition, different connection configuration information is needed to realize connection with an intranet database, so that the step of task file migration is complex, and the robustness of the system is reduced. Based on this, the task encryption method of some embodiments of the present disclosure, first, receives a task information set sent by each user. Thus, data support is provided for subsequent task file migration. Secondly, each task information in the task information set is stored in a task information queue of a preset database in a persistent mode. And then, responding to the data state of each task information in the task information queue as a transition state, sequentially reading the tasks in the task information queue through an external table preset in the database to generate a byte stream, and obtaining a byte stream group. Therefore, the task can be read through the preset external table, the problem that different connection configuration information is needed to realize connection with an intranet database is solved, and the step of task file migration is simplified. In addition, the tasks are read into the byte stream, so that the memory resources occupied by the tasks during migration are reduced, and the fluency of the tasks during migration is ensured. And then, establishing a task empty file group according to each task identifier included in the task information set, and writing each byte stream in the byte stream group into the corresponding task empty file to generate a task file, so as to obtain a task file group. And then, determining the task files meeting the preset conditions in the task file group as target task files to obtain a target task file group. Therefore, incomplete files can be removed, and the integrity of the files in the migration process is guaranteed. And finally, encrypting each target task file in the target task file group to generate an encrypted target task file, so as to obtain an encrypted target task file group. Therefore, the task file migrated to the intranet can be encrypted, and the possibility of leakage of the task file is reduced.
With further reference to fig. 3, a flow 300 of further embodiments of a task encryption method according to the present disclosure is shown. The method may be performed by the computing device 101 of fig. 1. The task encryption method comprises the following steps:
step 301, receiving task information sets sent by each user.
Step 302, storing each task information in the task information set into a task information queue of a preset database in a persistent manner.
Step 303, in response to that the data state of each piece of task information in the task information queue is a migration state, sequentially reading the tasks in the task information queue through an external table preset in the database to generate a byte stream, and obtaining a byte stream group.
Step 304, according to each task identifier included in the task information set, a task empty file group is established, and each byte stream in the byte stream group is written into a corresponding task empty file to generate a task file, so that a task file group is obtained.
And 305, determining the task files meeting the preset conditions in the task file group as target task files to obtain a target task file group.
In some embodiments, the specific implementation manner and technical effects of steps 301 and 305 may refer to steps 201 and 205 in those embodiments corresponding to fig. 2, which are not described herein again.
Step 306, performing encoding processing on each character included in the target task file to generate an encoded character, so as to obtain an encoded character group.
In some embodiments, an execution subject of the task encryption method (e.g., the computing device 101 shown in fig. 1) may perform an encoding process on each character included in the target task file to generate an encoded character, resulting in an encoded character group. Here, the encoding process may refer to international standard encoding. For example, the character may be [ hundred ], which may be subjected to international standard encoding processing to generate an encoded character [ b '\ xb0\ xd9' ].
Step 307, performing a binary conversion process on each code character in the code character group to generate a binary code character, so as to obtain a binary code character group.
In some embodiments, the execution body may perform a binary conversion process on each code character in the code character group to generate a binary code character, resulting in a binary code character group. Here, the binary conversion process may refer to decimal conversion or may refer to octal conversion. For example, the encoded character [ b '\ xb0\ xd9' ] may be decimal converted to generate a binary encoded character [176, 217 ].
Step 308, determining the number of the binary code characters included in the binary code character group as the candidate key.
In some embodiments, the execution subject may determine the number of binary code characters included in the binary code character group as the candidate key.
Step 309, generating a first encryption key and a second encryption key based on the above-mentioned alternative key.
In some embodiments, based on the alternative key, the execution body may generate the first encryption key and the second encryption key by:
in the first step, at least four odd numbers which are different from each other are randomly selected to obtain an odd number group. Wherein, the odd array is expressed in a matrix form. For example, the odd group may be:
Figure DEST_PATH_IMAGE001
and secondly, generating a first encryption key based on the alternative key and the odd array.
In practice, based on the candidate key and the odd array, the second step may generate the first encryption key by the following formula:
Figure DEST_PATH_IMAGE002
wherein the content of the first and second substances,
Figure DEST_PATH_IMAGE003
representing a first encryption key.
Figure DEST_PATH_IMAGE004
Representing the odd array described above.
Figure DEST_PATH_IMAGE005
Indicating the odd row numbers in the odd array.
Figure DEST_PATH_IMAGE006
Indicating the odd column numbers in the odd array.
Figure DEST_PATH_IMAGE007
Represents the first in the above-mentioned odd number group
Figure 82195DEST_PATH_IMAGE005
Go to the first
Figure 468177DEST_PATH_IMAGE006
Odd number of columns.
Figure DEST_PATH_IMAGE008
Representing the above-mentioned alternative key.
Figure DEST_PATH_IMAGE009
Representing a modulo operation.
And thirdly, randomly selecting at least four different even numbers to obtain an even number group, wherein the even number group is represented in a matrix form. For example, the even group may be:
Figure DEST_PATH_IMAGE010
and fourthly, generating a second encryption key based on the alternative key and the even number group.
In practice, based on the candidate key and the even number group, the fourth step may generate the first encryption key by the following formula:
Figure DEST_PATH_IMAGE011
wherein the content of the first and second substances,
Figure 342855DEST_PATH_IMAGE003
representing a first encryption key.
Figure DEST_PATH_IMAGE012
Representing the odd array described above.
Figure 190594DEST_PATH_IMAGE005
Indicating the odd row numbers in the odd array.
Figure 473808DEST_PATH_IMAGE006
Indicating the odd column numbers in the odd array.
Figure DEST_PATH_IMAGE013
Represents the first in the above-mentioned odd number group
Figure 765112DEST_PATH_IMAGE005
Go to the first
Figure 766566DEST_PATH_IMAGE006
Odd number of columns.
Figure 182110DEST_PATH_IMAGE008
Representing the above-mentioned alternative key.
Figure 585410DEST_PATH_IMAGE009
Representing a modulo operation.
And step 310, based on the first encryption key and the second encryption key, encrypting the binary code character set to generate an encrypted binary code character set as an encryption target task file.
In some embodiments, the execution body may perform an encryption process on the binary code character set based on the first encryption key and the second encryption key in various ways to generate an encrypted binary code character set as the encryption target task file.
In some optional implementation manners of some embodiments, the execution main body may perform encryption processing on each binary code character in the binary code character group based on the first encryption key and the second encryption key to generate an encrypted binary code character, and obtain the encrypted binary code character group as the encryption target task file.
In practice, the execution body may encrypt the binary code character to generate an encrypted binary code character according to the following formula:
Figure DEST_PATH_IMAGE014
wherein the content of the first and second substances,
Figure DEST_PATH_IMAGE015
representing encrypted binary-coded characters.
Figure 516457DEST_PATH_IMAGE003
Representing the first encryption key.
Figure DEST_PATH_IMAGE016
Representing the second encryption key.
Figure DEST_PATH_IMAGE017
And indicating the serial number of the binary code character in the binary code character group.
Figure DEST_PATH_IMAGE018
Representing the above-mentioned binary coded characters.
Figure DEST_PATH_IMAGE019
The number of the binary code characters included in the binary code character group is represented.
Figure DEST_PATH_IMAGE020
Representing a modulo operation.
Figure DEST_PATH_IMAGE021
Representing a remainder operation.
The formula and the related content in step 309 and 310 serve as an invention point of the present disclosure, thereby solving the technical problem mentioned in the background art that "because the task file has sensitivity, the task file migrated to the intranet is not encrypted, which may cause leakage of part of the task file, and greatly reduces the security of file storage". Factors that cause a reduction in the security of file storage tend to be as follows: due to the sensitivity of the task files, the task files migrated to the intranet are not encrypted, and leakage of part of the task files may be caused. If the above factors are solved, the effect of improving the security of file storage can be achieved. To achieve this, first, a first encryption key is generated by a formula based on the above candidate key and the above odd array. Since the randomly selected odd group has uncertainty, it is convenient to enhance the confidentiality of the encryption key. Secondly, a first encryption key is generated by using a matrix encryption formula, so that the alternative key cannot be directly used for decryption even if the alternative key is leaked. Then, at least four mutually different even numbers are randomly selected, and a second encryption key is generated by a formula based on the candidate key and the even number group. Therefore, the encryption key can be divided into two keys, and the task file is encrypted by using the two keys, so that the confidentiality of the task file is greatly improved. In addition, the encryption task file cannot be cracked even if one encryption key is leaked due to the fact that the number of the encryption keys is two. And finally, carrying out encryption processing on the binary code character in a sectional encryption mode to generate an encrypted binary code character. Due to the adoption of the sectional encryption mode, the confidentiality of the task file is further improved, and even if two encryption keys are leaked, the encrypted task file cannot be cracked unless the task file is encrypted in the sectional encryption mode. In addition, the security of file storage is greatly improved by an encryption mode of arranging and combining two encryption keys and segmented encryption.
Optionally, the encrypted target task file group is stored in a preset database for calling.
In some embodiments, the execution subject may store the encrypted target task file group in a preset database for calling. Here, the preset database may be a storage server communicatively connected to the execution main body.
As can be seen from fig. 3, compared with the description of some embodiments corresponding to fig. 2, the process 300 of the task encryption method in some embodiments corresponding to fig. 3 first generates a first encryption key by a formula based on the above alternative key and the above odd array. Since the randomly selected odd group has uncertainty, it is convenient to enhance the confidentiality of the encryption key. Secondly, a first encryption key is generated by using a matrix encryption formula, so that the alternative key cannot be directly used for decryption even if the alternative key is leaked. Then, at least four mutually different even numbers are randomly selected, and a second encryption key is generated by a formula based on the candidate key and the even number group. Therefore, the encryption key can be divided into two keys, and the task file is encrypted by using the two keys, so that the confidentiality of the task file is greatly improved. In addition, the encryption task file cannot be cracked even if one encryption key is leaked due to the fact that the number of the encryption keys is two. And finally, carrying out encryption processing on the binary code character in a sectional encryption mode to generate an encrypted binary code character. Due to the adoption of the sectional encryption mode, the confidentiality of the task file is further improved, and even if two encryption keys are leaked, the encrypted task file cannot be cracked unless the task file is encrypted in the sectional encryption mode. In addition, the security of file storage is greatly improved by an encryption mode of arranging and combining two encryption keys and segmented encryption.
With further reference to fig. 4, as an implementation of the methods shown in the above figures, the present disclosure provides some embodiments of a task encryption apparatus, which correspond to those of the method embodiments described above in fig. 2, and which may be applied in various electronic devices in particular.
As shown in fig. 4, the task encryption device 400 of some embodiments includes: a receiving unit 401, a storage unit 402, a reading unit 403, a writing unit 404, a determining unit 405, and an encrypting unit 406. The receiving unit 401 is configured to receive a task information set sent by each user, where task information in the task information set includes a task identifier and a task corresponding to the task identifier. The storage unit 402 is configured to persistently store each task information in the task information set into a task information queue of a preset database. The reading unit 403 is configured to, in response to that the data state of each piece of task information in the task information queue is a migration state, sequentially read the tasks in the task information queue through an external table preset in the database to generate a byte stream, so as to obtain a byte stream group. The writing unit 404 is configured to establish a task empty file group according to each task identifier included in the task information set, and write each byte stream in the byte stream group into a corresponding task empty file to generate a task file, resulting in a task file group. The determining unit 405 is configured to determine a task file satisfying a preset condition in the task file group as a target task file, resulting in a target task file group. The encryption unit 406 is configured to perform encryption processing on each of the target task files in the above-mentioned target task file group to generate an encrypted target task file, resulting in an encrypted target task file group.
It will be understood that the elements described in the apparatus 400 correspond to various steps in the method described with reference to fig. 2. Thus, the operations, features and resulting advantages described above with respect to the method are also applicable to the apparatus 400 and the units included therein, and will not be described herein again.
Referring now to FIG. 5, a block diagram of an electronic device (e.g., computing device 101 of FIG. 1) 500 suitable for use in implementing some embodiments of the present disclosure is shown. The electronic device shown in fig. 5 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 5, electronic device 500 may include a processing means (e.g., central processing unit, graphics processor, etc.) 501 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM) 502 or a program loaded from a storage means 508 into a Random Access Memory (RAM) 503. In the RAM 503, various programs and data necessary for the operation of the electronic apparatus 500 are also stored. The processing device 501, the ROM502, and the RAM 503 are connected to each other through a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.
Generally, the following devices may be connected to the I/O interface 505: input devices 506 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; output devices 507 including, for example, a Liquid Crystal Display (LCD), speakers, vibrators, and the like; storage devices 508 including, for example, magnetic tape, hard disk, etc.; and a communication device 509. The communication means 509 may allow the electronic device 500 to communicate with other devices wirelessly or by wire to exchange data. While fig. 5 illustrates an electronic device 500 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided. Each block shown in fig. 5 may represent one device or may represent multiple devices as desired.
In particular, according to some embodiments of the present disclosure, the processes described above with reference to the flow diagrams may be implemented as computer software programs. For example, some embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In some such embodiments, the computer program may be downloaded and installed from a network via the communication means 509, or installed from the storage means 508, or installed from the ROM 502. The computer program, when executed by the processing device 501, performs the above-described functions defined in the methods of some embodiments of the present disclosure.
It should be noted that the computer readable medium described above in some embodiments of the present disclosure may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In some embodiments of the disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In some embodiments of the present disclosure, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
In some embodiments, the clients, servers may communicate using any currently known or future developed network Protocol, such as HTTP (HyperText Transfer Protocol), and may interconnect with any form or medium of digital data communication (e.g., a communications network). Examples of communication networks include a local area network ("LAN"), a wide area network ("WAN"), the Internet (e.g., the Internet), and peer-to-peer networks (e.g., ad hoc peer-to-peer networks), as well as any currently known or future developed network.
The computer readable medium may be embodied in the apparatus; or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: receiving a task information set sent by each user, wherein task information in the task information set comprises task identifiers and tasks corresponding to the task identifiers; persistently storing each task information in the task information set into a task information queue of a preset database; responding to the data state of each task information in the task information queue as a migration state, sequentially reading the tasks in the task information queue through an external table preset in the database to generate a byte stream, and obtaining a byte stream group; establishing a task empty file group according to each task identifier included in the task information set, and writing each byte stream in the byte stream group into a corresponding task empty file to generate a task file to obtain a task file group; determining the task files meeting preset conditions in the task file group as target task files to obtain a target task file group; and encrypting each target task file in the target task file group to generate an encrypted target task file, so as to obtain an encrypted target task file group.
Computer program code for carrying out operations for embodiments of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + +, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in some embodiments of the present disclosure may be implemented by software, and may also be implemented by hardware. The described units may also be provided in a processor, and may be described as: a processor includes a receiving unit, a storage unit, a reading unit, a writing unit, a determining unit, and an encrypting unit. For example, the writing unit may be further described as "establishing a task empty file group according to each task identifier included in the task information set, and writing each byte stream in the byte stream group into the corresponding task empty file to generate a task file, so as to obtain a unit of the task file group.
The functions described herein above may be performed, at least in part, by one or more hardware logic components. For example, without limitation, exemplary types of hardware logic components that may be used include: field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), systems on a chip (SOCs), Complex Programmable Logic Devices (CPLDs), and the like.
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention in the embodiments of the present disclosure is not limited to the specific combination of the above-mentioned features, but also encompasses other embodiments in which any combination of the above-mentioned features or their equivalents is made without departing from the inventive concept as defined above. For example, the above features and (but not limited to) technical features with similar functions disclosed in the embodiments of the present disclosure are mutually replaced to form the technical solution.

Claims (10)

1. A task encryption method, comprising:
receiving a task information set sent by each user, wherein task information in the task information set comprises task identifiers and tasks corresponding to the task identifiers;
persistently storing each task information in the task information set into a task information queue of a preset database;
responding to the fact that the data state of each task information in the task information queue is a migration state, sequentially reading the tasks in the task information queue through an external table preset in the database to generate a byte stream, and obtaining a byte stream group;
establishing a task empty file group according to each task identifier included in the task information set, and writing each byte stream in the byte stream group into a corresponding task empty file to generate a task file to obtain a task file group;
determining task files meeting preset conditions in the task file group as target task files to obtain a target task file group, wherein the preset conditions are as follows: the occupied resources of the byte stream are the same as the occupied resources of the task file corresponding to the byte stream;
and encrypting each target task file in the target task file group to generate an encrypted target task file, so as to obtain an encrypted target task file group.
2. The method of claim 1, wherein the method further comprises:
determining the task files which do not meet the preset conditions in the task file group as abnormal task files to obtain an abnormal task file group;
and modifying the file state of each abnormal task file in the abnormal task file group into a re-migration state, and controlling the associated alarm equipment to perform alarm operation.
3. The method of claim 1, wherein the encrypting each target task file in the set of target task files to generate an encrypted target task file comprises:
coding each character included in the target task file to generate a coded character, and obtaining a coded character group;
carrying out binary conversion processing on each code character in the code character group to generate a binary code character to obtain a binary code character group;
determining the number of the binary code characters included in the binary code character group as an alternative key;
generating a first encryption key and a second encryption key based on the alternative key;
and based on the first encryption key and the second encryption key, carrying out encryption processing on the binary code character set to generate an encrypted binary code character set as an encryption target task file.
4. The method of claim 3, wherein the generating a first encryption key and a second encryption key based on the alternate key comprises:
randomly selecting at least four odd numbers which are different from each other to obtain an odd number group, wherein the odd number group is represented in a matrix form;
generating a first encryption key based on the alternative key and the odd array;
randomly selecting at least four even numbers which are different from each other to obtain an even number group, wherein the even number group is represented in a matrix form;
generating a second encryption key based on the alternate key and the even group.
5. The method of claim 3, wherein the encrypting the set of binary code characters based on the first encryption key and the second encryption key to generate an encrypted set of binary code characters as an encryption target task file comprises:
and based on the first encryption key and the second encryption key, each binary code character in the binary code character group is encrypted to generate an encrypted binary code character, and the encrypted binary code character group is obtained and used as an encryption target task file.
6. The method of claim 1, wherein the method further comprises:
and storing the encrypted target task file group into a preset database for calling.
7. A task encryption apparatus comprising:
the system comprises a receiving unit, a processing unit and a processing unit, wherein the receiving unit is configured to receive a task information set sent by each user, and task information in the task information set comprises task identifiers and tasks corresponding to the task identifiers;
the storage unit is configured to store each task information in the task information set into a task information queue of a preset database in a persistent mode;
the reading unit is configured to respond that the data state of each task information in the task information queue is a migration state, and sequentially read the tasks in the task information queue through an external table preset in the database to generate a byte stream to obtain a byte stream group;
the writing unit is configured to establish a task empty file group according to each task identifier included in the task information set, and write each byte stream in the byte stream group into a corresponding task empty file to generate a task file, so as to obtain a task file group;
a determining unit, configured to determine a task file meeting a preset condition in the task file group as a target task file, to obtain a target task file group, where the preset condition is: the occupied resources of the byte stream are the same as the occupied resources of the task file corresponding to the byte stream;
and the encryption unit is configured to encrypt each target task file in the target task file group to generate an encrypted target task file, so as to obtain an encrypted target task file group.
8. The task encryption device of claim 7, wherein the device further comprises:
and the file storage unit is configured to store the encrypted target task file group into a preset database for calling.
9. An electronic device, comprising:
one or more processors;
a storage device having one or more programs stored thereon;
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-6.
10. A computer-readable medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the method of any one of claims 1-6.
CN202110581838.4A 2021-05-27 2021-05-27 Task encryption method and device, electronic equipment and computer readable medium Active CN113032818B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110581838.4A CN113032818B (en) 2021-05-27 2021-05-27 Task encryption method and device, electronic equipment and computer readable medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110581838.4A CN113032818B (en) 2021-05-27 2021-05-27 Task encryption method and device, electronic equipment and computer readable medium

Publications (2)

Publication Number Publication Date
CN113032818A CN113032818A (en) 2021-06-25
CN113032818B true CN113032818B (en) 2021-08-31

Family

ID=76455981

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110581838.4A Active CN113032818B (en) 2021-05-27 2021-05-27 Task encryption method and device, electronic equipment and computer readable medium

Country Status (1)

Country Link
CN (1) CN113032818B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113268761B (en) * 2021-07-20 2021-09-24 北京国电通网络技术有限公司 Information encryption method and device, electronic equipment and computer readable medium
CN114003188B (en) * 2021-10-09 2024-02-20 北京用友薪畴数字科技有限公司 Information encryption display method, device, electronic equipment and computer readable medium
CN117236905A (en) * 2023-11-13 2023-12-15 北京国电通网络技术有限公司 Method, device, electronic equipment and computer readable medium for checking bidding documents

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102063511A (en) * 2011-01-21 2011-05-18 深圳市汉普电子技术开发有限公司 Data synchronism system and method
CN105718507A (en) * 2016-01-06 2016-06-29 杭州数梦工场科技有限公司 Data migration method and device
CN106789975A (en) * 2016-12-07 2017-05-31 广东京奥信息科技有限公司 A kind of method of the text encryption transmission with byte stream is preserved
CN109753493A (en) * 2019-01-04 2019-05-14 中国银行股份有限公司 The method, apparatus and equipment of Data Migration are carried out between database

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7444670B2 (en) * 2006-03-21 2008-10-28 International Business Machines Corporation Method and apparatus for migrating a virtual TPM instance and preserving uniqueness and completeness of the instance
US7802102B2 (en) * 2006-10-24 2010-09-21 International Business Machines Corporation Method for efficient and secure data migration between data processing systems
US10262050B2 (en) * 2015-09-25 2019-04-16 Mongodb, Inc. Distributed database systems and methods with pluggable storage engines
CN109670323A (en) * 2018-12-10 2019-04-23 金瓜子科技发展(北京)有限公司 A kind of file encrypting method, decryption method and device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102063511A (en) * 2011-01-21 2011-05-18 深圳市汉普电子技术开发有限公司 Data synchronism system and method
CN105718507A (en) * 2016-01-06 2016-06-29 杭州数梦工场科技有限公司 Data migration method and device
CN106789975A (en) * 2016-12-07 2017-05-31 广东京奥信息科技有限公司 A kind of method of the text encryption transmission with byte stream is preserved
CN109753493A (en) * 2019-01-04 2019-05-14 中国银行股份有限公司 The method, apparatus and equipment of Data Migration are carried out between database

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Hadoop架构下数据挖掘与数据迁移系统的设计与实现;吕明育;《中国优秀硕士学位论文全文数据库 信息科技辑》;20130715(第 07 期);第I138-739页 *
Secure data migration between cloud storage systems;Chetan Gudisagar等;《2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI)》;20171204;第2208-2212页 *
研究Hbaes数据库迁移工具的设计与实现;孙瑜等;《数字技术与应用》;20170430(第4期);第209-210页 *

Also Published As

Publication number Publication date
CN113032818A (en) 2021-06-25

Similar Documents

Publication Publication Date Title
CN113032818B (en) Task encryption method and device, electronic equipment and computer readable medium
JP7012730B2 (en) Parallel execution of transactions in a blockchain network based on a smart contract whitelist
KR102222612B1 (en) Smart contract whitelist
KR20200083936A (en) Parallel execution of transactions on the blockchain network
CN112434818B (en) Model construction method, device, medium and electronic equipment
CN113268761B (en) Information encryption method and device, electronic equipment and computer readable medium
US11449352B2 (en) Systems and methods for converting record formats
CN111950032A (en) Block chain-based data storage method, terminal device and storage medium
CN114781351B (en) Bid file analysis method, device, equipment and medium based on power data
WO2022151888A1 (en) Data sharing method and apparatus
CN112182112A (en) Block chain based distributed data dynamic storage method and electronic equipment
CN115934640A (en) Data storage method, system, electronic equipment and storage medium
CN115658655A (en) Information processing method, device, electronic equipment and storage medium
CN112257039B (en) Identity attribute adding method and device and electronic equipment
CN112181308A (en) Block chain based distributed data storage method and electronic equipment
CN114003188B (en) Information encryption display method, device, electronic equipment and computer readable medium
CN111367590A (en) Interrupt event processing method and device
CN113301058B (en) Information encryption transmission method and device, electronic equipment and computer readable medium
CN116703190B (en) Power consumption information processing method, device, electronic equipment and computer readable medium
CN110909382B (en) Data security control method and device, electronic equipment and computer readable medium
CN111949627B (en) Method, device, electronic equipment and medium for tabulating log files
CN112235167B (en) Flow alarm method, device, electronic equipment and computer readable medium
CN117390658B (en) Data security engine, data security access system and access method
CN117132245B (en) Method, device, equipment and readable medium for reorganizing online article acquisition business process
CN113626873B (en) Authentication method, device, electronic equipment and computer readable medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20231114

Address after: Building 4, Dongxu International Center, yard 2, sihezhuang Road, Fengtai District, Beijing 100070 (South Building of block a)

Patentee after: BEIJING GUODIANTONG NETWORK TECHNOLOGY Co.,Ltd.

Patentee after: State Grid Siji Location Service Co.,Ltd.

Address before: 100107 32-3-4108-4109, building 32, Chuangye Middle Road, Haidian District, Beijing

Patentee before: BEIJING GUODIANTONG NETWORK TECHNOLOGY Co.,Ltd.

TR01 Transfer of patent right