CN113268752A - Data management method, device, equipment and storage medium - Google Patents
Data management method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN113268752A CN113268752A CN202110562201.0A CN202110562201A CN113268752A CN 113268752 A CN113268752 A CN 113268752A CN 202110562201 A CN202110562201 A CN 202110562201A CN 113268752 A CN113268752 A CN 113268752A
- Authority
- CN
- China
- Prior art keywords
- information
- equipment
- test terminal
- encryption
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 59
- 238000013523 data management Methods 0.000 title claims abstract description 44
- 238000012360 testing method Methods 0.000 claims abstract description 118
- 238000012795 verification Methods 0.000 claims abstract description 24
- 238000004422 calculation algorithm Methods 0.000 claims description 36
- 238000004590 computer program Methods 0.000 claims description 18
- 230000004044 response Effects 0.000 claims description 6
- 238000013475 authorization Methods 0.000 description 43
- 230000006870 function Effects 0.000 description 12
- 238000007726 management method Methods 0.000 description 11
- 238000012545 processing Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 238000013507 mapping Methods 0.000 description 4
- 230000007488 abnormal function Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000007599 discharging Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the application discloses a data management method, a data management device, equipment and a storage medium, and equipment information of the equipment can be acquired by responding to a data acquisition request aiming at the equipment; encrypting the equipment information to obtain encrypted information; sending the encrypted information to a test terminal to instruct the test terminal to decrypt the encrypted information to obtain decrypted information; acquiring decryption information to be verified matched with the decryption information; and if the decryption information to be verified passes the verification, sending data corresponding to the data acquisition request to the test terminal. According to the scheme, the encrypted information is generated by the equipment, the testing terminal is instructed to decrypt the encrypted information, the equipment compares the information to be decrypted with the decrypted information, whether corresponding data are sent to the testing terminal or not is determined, data management is achieved, and the safety of the equipment is improved.
Description
Technical Field
The present application relates to the field of communications technologies, and in particular, to a data management method, apparatus, device, and storage medium.
Background
In the development and use processes of the electronic device, a problem of abnormal function may occur, for example, the function of the electronic device cannot be realized, or the function of the electronic device is realized incorrectly. The problem of abnormal function of the electronic equipment can be solved by acquiring debugging data of the electronic equipment and analyzing the problem.
At present, in the process of acquiring debugging data of electronic equipment, a test terminal is required to be connected with the electronic equipment, so that the debugging data of the electronic equipment can be directly read, any test terminal can acquire the debugging data, and the electronic equipment has the safety problem of debugging data leakage due to the fact that the debugging data is related to a code program of the electronic equipment.
Disclosure of Invention
The embodiment of the application provides a data management method, a data management device, equipment and a storage medium, which can realize data management and improve the safety of the equipment.
The data management method provided by the embodiment of the application comprises the following steps:
responding to a data acquisition request aiming at equipment, and acquiring equipment information of the equipment;
encrypting the equipment information to obtain encrypted information;
sending the encrypted information to a test terminal to instruct the test terminal to decrypt the encrypted information to obtain decrypted information;
acquiring decryption information to be verified matched with the decryption information;
and if the decryption information to be verified passes the verification, sending data corresponding to the data acquisition request to the test terminal.
Correspondingly, an embodiment of the present application further provides a data management apparatus, including:
a first acquisition unit configured to acquire device information of a device in response to a data acquisition request for the device;
the encryption unit is used for encrypting the equipment information to obtain encrypted information;
the first sending unit is used for sending the encrypted information to a test terminal so as to instruct the test terminal to decrypt the encrypted information to obtain decrypted information;
the second acquisition unit is used for receiving the decryption information to be verified matched with the decryption information;
and the second sending unit is used for sending the data corresponding to the data acquisition request to the test terminal if the decryption information to be verified passes the verification.
Correspondingly, the embodiment of the present application further provides an apparatus, which includes a memory and a processor; the memory stores a computer program, and the processor is used for operating the computer program in the memory to execute any data management method provided by the embodiment of the application.
Correspondingly, the embodiment of the present application further provides a storage medium, where the storage medium is used to store a computer program, and the computer program is loaded by a processor to execute any one of the data management methods provided in the embodiment of the present application.
The method comprises the steps of responding to a data acquisition request aiming at equipment to acquire equipment information of the equipment; encrypting the equipment information to obtain encrypted information; sending the encrypted information to a test terminal to instruct the test terminal to decrypt the encrypted information to obtain decrypted information; acquiring decryption information to be verified matched with the decryption information; and if the decryption information to be verified passes the verification, sending data corresponding to the data acquisition request to the test terminal. According to the scheme, the encrypted information is generated by the equipment, the testing terminal is instructed to decrypt the encrypted information, the equipment compares the information to be decrypted with the decrypted information, whether corresponding data are sent to the testing terminal or not is determined, data management is achieved, and the safety of the equipment is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a flow chart of a data management method provided by an embodiment of the present application;
FIG. 2 is another flow chart of a data management method provided by an embodiment of the present application;
fig. 3 is a schematic diagram of an encryption process of a device provided by an embodiment of the present application;
FIG. 4 is a schematic diagram of a decryption process of a test terminal according to an embodiment of the present application;
FIG. 5 is a schematic view of a device provided in an embodiment of the present application;
fig. 6 is a schematic structural diagram of an apparatus provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The embodiment of the application provides a data management method, a data management device, data management equipment and a storage medium. The data management device can be integrated in equipment, such as household electrical appliances and terminals.
The household appliances can be air conditioners, televisions, intelligent door locks, intelligent sound equipment and other equipment; the terminal can be a mobile phone, a wearable smart device, a tablet Computer, a notebook Computer, a Personal Computer (PC), and other devices.
The present embodiment will be described from the perspective of a data management apparatus, which may be integrated in a device in particular.
101. Device information of a device is acquired in response to a data acquisition request for the device.
The device may be a device such as an air conditioner, a television, an intelligent door lock, an intelligent sound, a mobile phone, a wearable intelligent device, a tablet Computer, a notebook Computer, a Personal Computer (PC), and the like.
The data obtaining request may be a request for instructing the device to send corresponding data to the test terminal.
For example, specifically, when the device is wirelessly connected to the test terminal, for example, bluetooth, a local area network, and the like, the test terminal sends a data acquisition request to the device based on the connection mode to acquire data corresponding to the data acquisition request.
The equipment and the test terminal can also be connected in a wired mode such as a serial port, and the test terminal sends a data acquisition request to the equipment through the serial port.
The data obtaining request may be sent by the test terminal, or may be generated by the device according to an operation of a user, that is, in an embodiment, before the step "obtaining device information of the device in response to the data obtaining request of the device", the data management method provided in the embodiment of the present application further includes:
acquiring identity authentication information of a user using a test terminal;
and if the identity authentication information is matched with the target identity information, generating a data acquisition request.
The identity authentication information may be information for identifying the identity of the user, such as face information, fingerprint information, iris information, voiceprint information, character information, and the like.
The target identity information may be information corresponding to the authentication information preset by the device, for example, if the target identity information is face information, the face information is used for comparing with the authentication information to determine the identity of the user, or the target identity information may be set by the user through the device.
The user may be a user who obtains device data through the test terminal.
For example, the test terminal may be specifically instructed to send the authentication information through the instruction and acquire the authentication information sent by the test terminal, or the device may acquire the authentication information through an input device of the device, such as a mouse, a keyboard, a microphone, and the like.
In an embodiment, the step of "acquiring the authentication information of the user using the test terminal" may specifically be:
and acquiring any one or more combinations of face information, fingerprint information, iris information, voiceprint information and character information of a user using the test terminal to obtain the identity verification information.
The face information may be an image or a video stream containing a face; the fingerprint information may be an image containing a fingerprint; the iris information may be a picture or video stream containing eyes; the voiceprint information can be audio containing sound; the character information may be a character string containing words, letters, and/or special characters.
For example, the face information of the user may be obtained through a camera of the device, the fingerprint information of the user may be obtained through a fingerprint collector, the voiceprint information of the user may be obtained through a microphone, the character information of the user through keyboard data may be obtained, and the iris information of the user may be obtained through the camera.
Optionally, the face information, the fingerprint information, the iris information, the voiceprint information, and/or the character information may be obtained by instructing the testing terminal.
And any one of the obtained face information, fingerprint information, voiceprint information and character information is taken as identity authentication information, or any plurality of the obtained face information, fingerprint information, voiceprint information and character information are combined to obtain user authentication information.
It can be understood that the required user authentication information may be determined according to the target identity information to obtain corresponding information, for example, the target identity information is information obtained by combining target face information and target fingerprint information, and the authentication information may also be information obtained by combining face information and fingerprint information, so that the matching may be performed.
Therefore, it is necessary to acquire an image or a video stream of a user including a face through a camera and acquire user fingerprint information through a fingerprint acquirer.
And comparing the identity authentication information with the target identity information, if the identity authentication information is matched with the target identity information, representing that the user has the authority to acquire the data of the equipment, and generating a data acquisition request by the equipment.
The identity of the user is verified by acquiring the identity verification information of the user using the test terminal, when the verification is passed, a data acquisition request is generated, the subsequent steps of sending data to the test terminal and the like are executed, the authority is set for the user acquiring the related data of the equipment, and the safety of the equipment is improved.
After the user passes the authentication, an operation interface may be displayed, whether to generate a data acquisition request may be determined through interaction with the user, and the flexibility of data transmission may be improved through interaction with the user through the operation interface. That is, in an embodiment, the step "if the authentication information matches the target identity information, the data obtaining request is generated", which may specifically be:
if the identity verification information is the target identity information, displaying a setting interface;
and responding to the selection operation aiming at the setting interface to generate a data acquisition request.
The setting interface may be a computer operation user interface displayed in a graphical manner, for example, an operation interface capable of interacting with a user.
For example, specifically, if the identity authentication information is the target identity information, the display interface may include a control for directly generating or indirectly generating the data acquisition request in the display setting interface, for example, the control may be a button for turning on a "regulation mode", and when the user clicks the button or sets the button to an on state, the device responds to a selection operation of the user to generate the corresponding data acquisition request.
102. And encrypting the equipment information to obtain encrypted information.
The device information may be information identifying the device, such as a Serial Number (SN) of software, or a character string preset by the device.
The encrypted information may be information obtained by performing encryption processing based on the device information, and may be obtained by performing decryption in a process opposite to the encryption process, so as to obtain decrypted information related to the device information.
For example, the device information may be specifically encrypted, for example, the device information is converted according to a one-way hash function to obtain a character string with a fixed length, that is, the encrypted information is obtained. The equipment information can also be encrypted through an AES algorithm or an RSA algorithm to obtain encrypted information.
If the identifier of the device is encrypted, the obtained encrypted information is the same, and if the decrypted information obtained after the encrypted information is decrypted is leaked, the encryption process will be invalid, that is, the device is in an unsafe state, in one embodiment, a time variable can be introduced through a timestamp algorithm, so that the uncertainty of the encrypted information is increased, and the security of the device is improved, that is, the step "encrypting the device information to obtain the encrypted information" specifically may be:
encrypting the equipment information based on a timestamp algorithm to obtain encrypted information to be processed;
and calculating the encryption information to be processed based on an encryption algorithm to obtain the encryption information.
The timestamp algorithm may be an algorithm that calculates the device information based on the current Time to obtain a One-Time Password, for example, a Time-based One-Time Password (TOTP) algorithm.
The encryption information to be processed may be information obtained by performing encryption processing on the device information once.
The encryption algorithm may be an algorithm capable of encrypting the device information and the encryption information to be processed, and may be, for example, a public key encryption algorithm, a Base64 encoding algorithm, an AES algorithm, or an RSA algorithm.
For example, the encryption information to be processed may be obtained specifically by obtaining a timestamp corresponding to the current time of the device information, and obtaining a one-time password related to the timestamp and the device information based on a timestamp algorithm.
The time stamp is an algorithm of the total number of seconds from Greenwich mean time 1970, 01, 00 hours 00 minutes 00 seconds (Beijing time 1970, 01, 08 hours 00 minutes 00 seconds) to the present. For example, it is now time in Beijing: 2021-04-2819: 56:03 with a corresponding timestamp of 1619610963.
And calculating the obtained to-be-processed encryption information through an encryption algorithm to obtain the encryption information.
It is understood that the number of times of encryption processing is added to the device information according to the security requirement, for example, after the device information is encrypted based on the TOTP algorithm, the encrypted information is obtained by encrypting again through the key algorithm and the base64 encoding algorithm.
In an embodiment, the device information may include identification information and time information, and the uncertainty of the device information is increased by the time information, so that the encrypted information obtained by encrypting the device information is different, and the decrypted information obtained by decrypting is different, thereby improving the security of the device, that is, the device information includes the identification information time information, and the step "encrypting the device information to obtain the encrypted information" may specifically be:
performing hash operation on the identification information and the time information to obtain hash encryption information;
and intercepting information of a preset field from the Hash encryption information according to a preset interception strategy to obtain encryption information.
The identification information may be information identifying the device, such as a Serial Number (SN) of the device, or a character string obtained by combining one or more of data, characters, and letters.
The time information may be time information of a clock of the device, for example, the time of the clock of the device at this moment is 2021, 4, 28, 19:56:03, and the corresponding time information may be 20210428195603. The time information may also be a timestamp. The timestamp may be derived by a timestamp algorithm or obtained from a third party timestamp server.
For example, the specific example may be that the time information and the device information are concatenated to obtain a character string, for example, if the device obtains a timestamp of 1619610963 and the device information of 20065421, the obtained character string is 161961096320065421, or the lower four bits of the timestamp and the lower four bits of the device information are truncated to obtain a character string: 09635421.
and carrying out Hash operation on the character string obtained by splicing the time information and the equipment information to obtain the character string with fixed length, namely Hash encryption information.
And intercepting the hash encryption information according to a preset interception strategy, for example, intercepting the lower four bits of the hash encryption information as the hash encryption information, or intercepting the upper six bits of the hash encryption information as the hash encryption information, so as to obtain the encryption information.
The hash encryption information, the device information, or the identification information may be used as an object to be compared with the decryption information to be verified, that is, correspondingly, the decryption information obtained by decrypting the encryption information by the test terminal is the hash encryption information, the device information, or the identification information.
The decryption process of the test terminal depends on the information of the object compared with the decryption information to be verified, and the decryption process can be agreed by the equipment and the test terminal in advance.
It can be understood that the uncertainty of the encryption information can be increased by the timestamp, and therefore, the strategy for splicing the timestamp and the device information can be flexibly set according to needs, which is not limited herein.
In an embodiment, the device information may be encrypted by using a key, and even if the encryption process is leaked, correct decryption information cannot be obtained by decryption without using a corresponding key, that is, the step "encrypting the device information to obtain encrypted information" may specifically be:
acquiring a public key of the equipment;
encrypting the equipment information by using the public key to obtain initial encryption information;
and encoding the initial encryption information to obtain the encryption information.
The public key and the private key are a key pair obtained through a key algorithm, and the public key and the private key are called as public keys which are published to the outside; what it retains is called the private key.
Where encoding is the process of converting the initial encrypted information from one form or format to another.
For example, the method may specifically be to obtain a public key of the device, sign the device information by using the public key, encrypt the device information to obtain initial encrypted information, and protect the integrity of the device information.
The method includes the steps of encoding initial encryption information, for example, converting the initial encryption information into a binary value, or mapping the initial encryption information based on a preset mapping table to encode the initial encryption information so as to perform secondary encryption on the initial encryption information to obtain encryption information, or encoding the initial encryption information by using a base64 encoding algorithm to obtain encryption information.
103. And sending the encrypted information to the test terminal to instruct the test terminal to decrypt the encrypted information to obtain decrypted information.
The test terminal can be a mobile phone, a wearable intelligent device, a tablet computer, a notebook computer, a PC, other test tools and the like.
For example, the encryption information may be specifically sent to the test terminal by the connection between the device and the test terminal.
And after the test terminal receives the encrypted information, reverse decryption is carried out based on the encryption process of the equipment to the equipment information by the equipment to obtain decrypted information.
104. And acquiring the decryption information to be verified matched with the decryption information.
The decryption information to be verified may be information used by the device to verify the identity of the user.
For example, the device may specifically send the encrypted information to the test terminal, instruct the test terminal to decrypt the encrypted information to obtain decrypted information, and obtain information to be decrypted, which is sent by the test terminal based on the decrypted information.
Or the information to be decrypted input on the equipment after the user obtains the decryption information through the test terminal can be obtained.
Because the information to be decrypted can be input by the user through the test terminal or the device, and the user has the problem of input error, the information to be decrypted and the decryption information may be the same or different.
105. And if the decryption information to be verified passes the verification, sending data corresponding to the data acquisition request to the test terminal.
The data may be data stored in the device, such as data of a buried point, user data, and debugging data.
The debugging data may also be called as debugging information, and may be used to assist a debugger in analyzing and debugging the layout of a debugged program, help the debugger to locate variables and function addresses, display values of the variables (including complex structures such as structures and classes), and map the addresses to lines of source code.
For example, the verification may be passed and data is sent to the test terminal if the comparison target information of the decryption information to be verified is the device information, and if the decryption information to be verified is the same as the device information.
As can be seen from the above, in the embodiment of the present application, the device information of the device is obtained by responding to the data obtaining request for the device; encrypting the equipment information to obtain encrypted information; sending the encrypted information to a test terminal to instruct the test terminal to decrypt the encrypted information to obtain decrypted information; acquiring decryption information to be verified matched with the decryption information; and if the decryption information to be verified passes the verification, sending data corresponding to the data acquisition request to the test terminal. According to the scheme, the encrypted information is generated by the equipment, the testing terminal is instructed to decrypt the encrypted information, the equipment compares the information to be decrypted with the decrypted information, whether corresponding data are sent to the testing terminal or not is determined, data management is achieved, and the safety of the equipment is improved.
On the basis of the above-described embodiments, further details will be given below by way of example.
In this embodiment, from the perspective of the data management device and the test terminal, the authentication information is taken as a management password, the encryption information is taken as authorization application information, the decryption information is taken as an authorization code, and the data is taken as debugging information.
In the data management method provided in the embodiment of the present application, the method may be executed by a processor of a device, as shown in fig. 2, a specific process of the data management method may be as follows:
201. the equipment is connected with the test terminal through a serial port.
For example, the test terminal may be connected to a serial port reserved in the device through a serial port line.
202. The device enters a management mode according to a received management password input by the user through the device, and displays a setting interface.
For example, the user may specifically input a management password through a keyboard of the device, the device verifies whether the management password matches a preset password, and if so, the device performs a management mode and displays a setting interface.
203. The device enters a debugging authorization mode in response to the selection operation of the user.
For example, the user selects the debug authorization mode on the setting interface, and the device responds to the selection operation of the user to perform the debug authorization mode.
As shown in fig. 3, the device enters a debug authorization mode to execute obtaining of a software serial number of the device and a timestamp of a current time, and the software serial number and the timestamp are calculated based on a TOTP algorithm to obtain an authorization code.
And after obtaining the authorization code, asymmetrically encrypting the authorization code by using the public key, and then coding the authorization code according to a base64 algorithm so as to encrypt the authorization code again to obtain authorization application information.
204. The device sends authorization application information to the test terminal through the serial port.
For example, the device sends the authorization application information to the test terminal through the serial port, so that the test terminal decrypts the authorization application information.
205. And the test terminal generates an authorization code according to the authorization application information.
For example, after obtaining the authorization application information, the test terminal may copy the authorization application information to a debugging authorization website corresponding to the device or a corresponding debugging authorization tool, and decrypt the authorization information through the debugging authorization website or the debugging authorization tool, for example, as shown in fig. 4, the test terminal receives the authorization application information, reversely decrypts the authorization application information based on a base algorithm to obtain first decryption information, and decrypts the first decryption information by using a private key to obtain the authorization code.
206. The device obtains the authorization code to be verified input by the user through the device.
For example, the device receives an authorization code to be verified that is entered by a user via a keypad of the device.
207. The device determines whether the authorization code to be verified is correct.
208. And if the authorization code to be verified is correct, the equipment outputs debugging information to the test terminal.
For example, if the authorization code to be verified is the same as the authorization code, the authorization code to be verified is correct, and the debugging information is output to the test terminal.
And if the authorization code to be verified is incorrect, prompting the user to input authorization information to be verified again, or refusing to send debugging information to the test terminal, and exiting the process.
Therefore, in the embodiment of the application, the device is connected with the test terminal through the serial port, the device enters the management mode according to the received management password input by the user through the device, the setting interface is displayed, the device responds to the selection operation of the user and enters the debugging authorization mode, the device sends authorization application information to the test terminal through the serial port, the test terminal generates the authorization code according to the authorization application information, the device acquires the authorization code to be verified input by the user through the device, judges whether the authorization code to be verified is correct, and if the authorization code to be verified is correct, the device outputs the debugging information to the test terminal. According to the scheme, the encrypted information is generated by the equipment, the testing terminal is instructed to decrypt the encrypted information, the equipment compares the information to be decrypted with the decrypted information, whether corresponding data are sent to the testing terminal or not is determined, data management is achieved, and the safety of the equipment is improved.
In order to better implement the data management method provided by the embodiment of the present application, in an embodiment, a data management device is further provided. The terms are the same as those in the data management method, and details of implementation can be referred to the description in the method embodiment.
The data management apparatus may be specifically integrated in a device, as shown in fig. 5, and the data management apparatus may include: the first obtaining unit 301, the encrypting unit 302, the first sending unit 303, the second obtaining unit 304, and the second sending unit 305 are as follows:
(1) first acquisition unit 301: the device information acquisition module is used for responding to a data acquisition request aiming at the device and acquiring the device information of the device.
For example, specifically, when the device is wirelessly connected to the test terminal, for example, bluetooth, a local area network, and the like, the test terminal sends a data acquisition request to the device based on the connection mode to acquire data corresponding to the data acquisition request.
The equipment and the test terminal can also be connected in a wired mode such as a serial port, and the test terminal sends a data acquisition request to the equipment through the serial port.
In an embodiment, the data management apparatus provided in the embodiment of the present application further includes a third obtaining unit and a generating unit, specifically:
a third acquisition unit: the system comprises a test terminal, a server and a server, wherein the test terminal is used for acquiring identity authentication information of a user using the test terminal;
a generation unit: and the data acquisition module is used for generating a data acquisition request if the identity authentication information is matched with the target identity information.
For example, the test terminal may be specifically instructed to send the authentication information through the instruction and acquire the authentication information sent by the test terminal, or the device may acquire the authentication information through an input device of the device, such as a mouse, a keyboard, a microphone, and the like.
And comparing the identity authentication information with the target identity information, if the identity authentication information is matched with the target identity information, representing that the user has the authority to acquire the data of the equipment, and generating a data acquisition request by the equipment.
In an embodiment, the third obtaining unit may include a obtaining subunit, and specifically, the obtaining subunit is configured to:
and acquiring any one or more combinations of face information, fingerprint information, iris information, voiceprint information and character information of a user using the test terminal to obtain the identity verification information.
For example, the face information of the user may be obtained through a camera of the device, the fingerprint information of the user may be obtained through a fingerprint collector, the voiceprint information of the user may be obtained through a microphone, the character information of the user through keyboard data may be obtained, and the iris information of the user may be obtained through the camera.
Optionally, the face information, the fingerprint information, the iris information, the voiceprint information, and/or the character information may be obtained by instructing the testing terminal.
In an embodiment, the generating unit may include a display subunit and a generating subunit, specifically:
a display subunit: the device is used for displaying a setting interface if the identity authentication information is the target identity information;
generating a subunit: and the data acquisition unit is used for responding to the selection operation aiming at the setting interface and generating a data acquisition request.
For example, specifically, if the identity verification information is the target identity information, the display interface may include a control for directly generating or indirectly generating the data acquisition request in the display setting interface.
(2) The encryption unit 302: the device information encryption device is used for encrypting the device information to obtain encrypted information.
For example, the device information may be specifically encrypted, for example, the device information is converted according to a one-way hash function to obtain a character string with a fixed length, that is, the encrypted information is obtained. The equipment information can also be encrypted through an AES algorithm or an RSA algorithm to obtain encrypted information.
In an embodiment, the encryption unit 302 may include an encryption subunit and a computation subunit, and specifically:
an encryption subunit: the device information encryption method comprises the steps of encrypting device information based on a timestamp algorithm to obtain encrypted information to be processed;
a calculation subunit: the encryption algorithm is used for calculating the encryption information to be processed based on the encryption algorithm to obtain the encryption information.
For example, the encryption information to be processed may be obtained specifically by obtaining a timestamp corresponding to the current time of the device information, and obtaining a one-time password related to the timestamp and the device information based on a timestamp algorithm.
And calculating the obtained to-be-processed encryption information through an encryption algorithm to obtain the encryption information.
And taking the one-time password as the encrypted information to be processed.
In an embodiment, the encryption unit 302 may include an operation subunit and an interception subunit, and specifically may be:
an operation subunit: the hash algorithm is used for carrying out hash operation on the identification information and the time information to obtain hash encryption information;
intercepting a subunit: and the hash encryption information processing device is used for intercepting the information of the preset field from the hash encryption information according to a preset interception strategy to obtain the encryption information.
For example, the time information and the device information may be spliced to obtain a character string, and the character string obtained by splicing based on the time information and the device information may be subjected to hash operation to obtain a character string with a fixed length, that is, hash encryption information.
And intercepting the hash encryption information according to a preset interception strategy, for example, intercepting the lower four bits of the hash encryption information as the hash encryption information, or intercepting the upper six bits of the hash encryption information as the hash encryption information, so as to obtain the encryption information.
In an embodiment, the encryption unit 302 may include an acquisition subunit, an encryption subunit, and an encoding subunit, specifically:
an acquisition subunit: a public key for obtaining a device;
an encryption subunit: the device information encryption method comprises the steps of encrypting device information by using a public key to obtain initial encryption information;
the coding subunit: and the encryption module is used for encoding the initial encryption information to obtain the encryption information.
For example, the method may specifically be to obtain a public key of the device, sign the device information by using the public key, encrypt the device information to obtain initial encrypted information, and protect the integrity of the device information.
The method includes the steps of encoding initial encryption information, for example, converting the initial encryption information into a binary value, or mapping the initial encryption information based on a preset mapping table to achieve encoding of the initial encryption information so as to perform secondary encryption on the initial encryption information to obtain encryption information.
(3) First transmission unit 303: and the encryption module is used for sending the encryption information to the test terminal so as to instruct the test terminal to decrypt the encryption information to obtain decryption information.
For example, the encryption information may be specifically sent to the test terminal by the connection between the device and the test terminal.
And after the test terminal receives the encrypted information, reverse decryption is carried out based on the encryption process of the equipment to the equipment information by the equipment to obtain decrypted information.
(4) The second acquisition unit 304: and the decryption information verification module is used for obtaining the decryption information to be verified, which is matched with the decryption information.
For example, the device may specifically send the encrypted information to the test terminal, instruct the test terminal to decrypt the encrypted information to obtain decrypted information, and obtain information to be decrypted, which is sent by the test terminal based on the decrypted information.
Or the information to be decrypted input on the equipment after the user obtains the decryption information through the test terminal can be obtained.
(5) Second transmitting section 305: and the data acquisition module is used for sending data corresponding to the data acquisition request to the test terminal if the decryption information to be verified passes the verification.
For example, the data may be sent to the test terminal if the decryption information to be verified passes verification.
The data management apparatus in the embodiment of the application responds to a data acquisition request for a device through a first acquisition unit 301, and acquires device information of the device; the encryption unit 302 encrypts the device information to obtain encrypted information; sending the encrypted information to the test terminal through the first sending unit 303 to instruct the test terminal to decrypt the encrypted information to obtain decrypted information; acquiring decryption information to be verified matched with the decryption information by the second acquisition unit 304; finally, if the decryption information to be verified passes the verification, the second sending unit 305 sends the data corresponding to the data obtaining request to the test terminal. The data management device can generate the encrypted information, instruct the test terminal to decrypt the encrypted information, compare the information to be decrypted with the decrypted information, determine whether to send corresponding data to the test terminal, realize data management and improve the safety of equipment.
An embodiment of the present application further provides a device, which may be a home appliance device, a terminal, and the like, and as shown in fig. 6, it shows a schematic structural diagram of the device according to the embodiment of the present application, specifically:
the apparatus may include components such as a processor 1001 of one or more processing cores, memory 1002 of one or more computer-readable storage media (which may also be referred to as storage media), a power supply 1003, and an input unit 1004. Those skilled in the art will appreciate that the configuration of the apparatus shown in fig. 6 is not intended to be limiting of the apparatus and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components. Wherein:
the processor 1001 is a control center of the apparatus, connects various parts of the entire apparatus with various interfaces and lines, and performs various functions of the apparatus and processes data by running or executing software programs and/or modules stored in the memory 1002 and calling data stored in the memory 1002, thereby monitoring the entire apparatus. Optionally, processor 1001 may include one or more processing cores; preferably, the processor 1001 may integrate an application processor, which mainly handles operating systems, user interfaces, computer programs, etc., and a modem processor, which mainly handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 1001.
The memory 1002 may be used to store software programs and modules, and the processor 1001 executes various functional applications and data processing by operating the software programs and modules stored in the memory 1002. The memory 1002 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, a computer program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data created according to use of the device, and the like. Further, the memory 1002 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. Accordingly, the memory 1002 may also include a memory controller to provide the processor 1001 access to the memory 1002.
The device further comprises a power source 1003 for supplying power to each component, and preferably, the power source 1003 is logically connected with the processor 1001 through a power management system, so that functions of charging, discharging, power consumption management and the like are managed through the power management system. The power source 1003 may also include any component including one or more of a dc or ac power source, a recharging system, a power failure detection circuit, a power converter or inverter, a power status indicator, and the like.
The device may also include an input unit 1004, which input unit 1004 may be used to receive entered numeric or character information, and to generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function control.
Although not shown, the device may further include a display unit and the like, which will not be described in detail herein. Specifically, in this embodiment, the processor 1001 in the device loads the executable file corresponding to the process of one or more computer programs into the memory 1002 according to the following instructions, and the processor 1001 runs the computer programs stored in the memory 1002, so as to implement various functions as follows:
responding to a data acquisition request aiming at equipment, and acquiring equipment information of the equipment;
encrypting the equipment information to obtain encrypted information;
sending the encrypted information to a test terminal to instruct the test terminal to decrypt the encrypted information to obtain decrypted information;
acquiring decryption information to be verified matched with the decryption information; and if the decryption information to be verified passes the verification, sending data corresponding to the data acquisition request to the test terminal.
The above operations can be implemented in the foregoing embodiments, and are not described in detail herein.
As can be seen from the above, in the embodiment of the present application, the device information of the device is obtained by responding to the data obtaining request for the device; encrypting the equipment information to obtain encrypted information; sending the encrypted information to a test terminal to instruct the test terminal to decrypt the encrypted information to obtain decrypted information; acquiring decryption information to be verified matched with the decryption information; and if the decryption information to be verified passes the verification, sending data corresponding to the data acquisition request to the test terminal. According to the scheme, the encrypted information is generated by the equipment, the testing terminal is instructed to decrypt the encrypted information, the equipment compares the information to be decrypted with the decrypted information, whether corresponding data are sent to the testing terminal or not is determined, data management is achieved, and the safety of the equipment is improved.
According to an aspect of the application, a computer program product or computer program is provided, comprising computer instructions, the computer instructions being stored in a computer readable storage medium. The processor of the device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions to cause the device to perform the methods provided in the various alternative implementations of the embodiments described above.
It will be understood by those skilled in the art that all or part of the steps of the methods of the above embodiments may be performed by a computer program, which may be stored in a computer-readable storage medium and loaded and executed by a processor, or by related hardware controlled by the computer program.
To this end, the present application provides a storage medium, in which a computer program is stored, where the computer program can be loaded by a processor to execute the steps in any one of the data management methods provided in the present application.
The above operations can be implemented in the foregoing embodiments, and are not described in detail herein.
Wherein the storage medium may include: read Only Memory (ROM), Random Access Memory (RAM), magnetic or optical disks, and the like.
Since the computer program stored in the storage medium can execute the steps in any data management method provided in the embodiments of the present application, beneficial effects that can be achieved by any data management method provided in the embodiments of the present application can be achieved, and detailed descriptions are omitted herein for the sake of detail in the foregoing embodiments.
The foregoing detailed description is directed to a data management method, apparatus, device and storage medium provided in the embodiments of the present application, and specific examples are applied in the present application to explain the principles and implementations of the present application, and the descriptions of the foregoing embodiments are only used to help understand the method and core ideas of the present application; meanwhile, for those skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.
Claims (10)
1. A method for managing data, comprising:
responding to a data acquisition request aiming at equipment, and acquiring equipment information of the equipment;
encrypting the equipment information to obtain encrypted information;
sending the encrypted information to a test terminal to instruct the test terminal to decrypt the encrypted information to obtain decrypted information;
acquiring decryption information to be verified matched with the decryption information;
and if the decryption information to be verified passes the verification, sending data corresponding to the data acquisition request to the test terminal.
2. The method according to claim 1, wherein the encrypting the device information to obtain encrypted information comprises:
encrypting the equipment information based on a timestamp algorithm to obtain encrypted information to be processed;
and calculating the encrypted information to be processed based on an encryption algorithm to obtain encrypted information.
3. The method of claim 1, wherein the device information includes identification information and time information, and wherein encrypting the device information to obtain encrypted information comprises:
performing hash operation on the identification information and the time information to obtain hash encryption information;
and intercepting information of a preset field from the Hash encryption information according to a preset interception strategy to obtain encryption information.
4. The method according to claim 1, wherein the encrypting the device information to obtain encrypted information comprises:
obtaining a public key of the device;
encrypting the equipment information by using the public key to obtain initial encryption information;
and encoding the initial encryption information to obtain encryption information.
5. The method according to any one of claims 1 to 4, wherein before acquiring the device information of the device in response to the data acquisition request for the device, the method comprises:
acquiring the identity verification information of a user using the test terminal;
and if the identity authentication information is target identity information, generating the data acquisition request.
6. The method of claim 5, wherein obtaining authentication information of a user using the test terminal comprises:
and acquiring any one or more combinations of face information, fingerprint information, iris information, voiceprint information and character information of a user using the test terminal to obtain identity verification information.
7. The method according to claim 5, wherein the triggering the data acquisition request if the authentication information is target identity information comprises:
if the identity verification information is target identity information, displaying a setting interface;
and responding to the selection operation aiming at the setting interface to generate the data acquisition request.
8. A data management apparatus, comprising:
a first acquisition unit configured to acquire device information of a device in response to a data acquisition request for the device;
the encryption unit is used for encrypting the equipment information to obtain encrypted information;
the first sending unit is used for sending the encrypted information to a test terminal so as to instruct the test terminal to decrypt the encrypted information to obtain decrypted information;
the second acquisition unit is used for receiving the decryption information to be verified matched with the decryption information;
and the second sending unit is used for sending the data corresponding to the data acquisition request to the test terminal if the decryption information to be verified passes the verification.
9. An apparatus comprising a memory and a processor; the memory stores a computer program, and the processor is configured to execute the computer program in the memory to perform the data management method of any one of claims 1 to 7.
10. A storage medium for storing a computer program which is loaded by a processor to perform the data management method of any one of claims 1 to 7.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110562201.0A CN113268752A (en) | 2021-05-24 | 2021-05-24 | Data management method, device, equipment and storage medium |
| PCT/CN2022/094472 WO2022247790A1 (en) | 2021-05-24 | 2022-05-23 | Data management method and apparatus, device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110562201.0A CN113268752A (en) | 2021-05-24 | 2021-05-24 | Data management method, device, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113268752A true CN113268752A (en) | 2021-08-17 |
Family
ID=77232326
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110562201.0A Pending CN113268752A (en) | 2021-05-24 | 2021-05-24 | Data management method, device, equipment and storage medium |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN113268752A (en) |
| WO (1) | WO2022247790A1 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022247790A1 (en) * | 2021-05-24 | 2022-12-01 | 深圳Tcl新技术有限公司 | Data management method and apparatus, device and storage medium |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115757191B (en) * | 2023-01-05 | 2023-05-16 | 广州市千钧网络科技有限公司 | Data processing method and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107786566A (en) * | 2017-11-03 | 2018-03-09 | 奇酷互联网络科技(深圳)有限公司 | Method for protecting privacy, system, server and receiving terminal |
| CN108768930A (en) * | 2018-04-09 | 2018-11-06 | 华北水利水电大学 | A kind of encrypted transmission method of data |
| CN110046514A (en) * | 2019-04-12 | 2019-07-23 | 深圳Tcl新技术有限公司 | Tune-up data guard method, device, server and storage medium |
| CN110224999A (en) * | 2019-05-20 | 2019-09-10 | 深圳壹账通智能科技有限公司 | Information interacting method, device and storage medium |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101930389A (en) * | 2009-06-26 | 2010-12-29 | 英业达股份有限公司 | Automatic test system of computer and test method thereof |
| CN109861950A (en) * | 2017-11-30 | 2019-06-07 | 阿里巴巴集团控股有限公司 | Equipment remote debugging method, device, equipment and storage medium |
| CN109145622A (en) * | 2018-08-23 | 2019-01-04 | Tcl移动通信科技(宁波)有限公司 | Tune-up data output control method, mobile terminal and computer readable storage medium |
| CN113268752A (en) * | 2021-05-24 | 2021-08-17 | 深圳Tcl新技术有限公司 | Data management method, device, equipment and storage medium |
-
2021
- 2021-05-24 CN CN202110562201.0A patent/CN113268752A/en active Pending
-
2022
- 2022-05-23 WO PCT/CN2022/094472 patent/WO2022247790A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107786566A (en) * | 2017-11-03 | 2018-03-09 | 奇酷互联网络科技(深圳)有限公司 | Method for protecting privacy, system, server and receiving terminal |
| CN108768930A (en) * | 2018-04-09 | 2018-11-06 | 华北水利水电大学 | A kind of encrypted transmission method of data |
| CN110046514A (en) * | 2019-04-12 | 2019-07-23 | 深圳Tcl新技术有限公司 | Tune-up data guard method, device, server and storage medium |
| CN110224999A (en) * | 2019-05-20 | 2019-09-10 | 深圳壹账通智能科技有限公司 | Information interacting method, device and storage medium |
Non-Patent Citations (3)
| Title |
|---|
| 吕志香: "《现代电气控制技术应用实践》", 31 July 2020, 北京理工大学出版社, pages: 128 - 129 * |
| 温涛: "物联网信息处理与安全", 东软电子出版社, pages: 58 * |
| 王顺: "《网络空间安全》", 31 March 2021, 机械工业出版社, pages: 162 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022247790A1 (en) * | 2021-05-24 | 2022-12-01 | 深圳Tcl新技术有限公司 | Data management method and apparatus, device and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2022247790A1 (en) | 2022-12-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110378139B (en) | Data key protection method, system, electronic equipment and storage medium | |
| US11258792B2 (en) | Method, device, system for authenticating an accessing terminal by server, server and computer readable storage medium | |
| CN112291190B (en) | Identity authentication method, terminal and server | |
| EP3324572B1 (en) | Information transmission method and mobile device | |
| CN102255109B (en) | Authentication method for mobile terminal battery, and mobile terminal thereof | |
| CN109145628B (en) | Data acquisition method and system based on trusted execution environment | |
| CN108199847B (en) | Digital security processing method, computer device, and storage medium | |
| WO2022247790A1 (en) | Data management method and apparatus, device and storage medium | |
| CN112887282A (en) | Identity authentication method, device and system and electronic equipment | |
| CN114444134A (en) | Data use authorization method, system and device | |
| CN110941809A (en) | File encryption and decryption method and device, fingerprint password device and readable storage medium | |
| CN112003697A (en) | Encryption and decryption method and device for cryptographic module, electronic equipment and computer storage medium | |
| CN111901303A (en) | Device authentication method and apparatus, storage medium, and electronic apparatus | |
| CN111654503A (en) | Remote control method, device, equipment and storage medium | |
| CN111444496A (en) | Application control method, device, equipment and storage medium | |
| JP6378424B1 (en) | User authentication method with enhanced integrity and security | |
| CN108650219B (en) | User identity identification method, related device, equipment and system | |
| CN117240625B (en) | Tamper-resistant data processing method and device and electronic equipment | |
| CN113722741A (en) | Data encryption method and device and data decryption method and device | |
| WO2019218328A1 (en) | Smart door lock wireless communication method, smart door lock, gateway, and communication device | |
| CN110431557B (en) | Method and apparatus for performing secure backup and restore | |
| CN113297091B (en) | SoC chip debugging method and device and SoC chip | |
| CN115442037A (en) | Account management method, device, equipment and storage medium | |
| CN115065843B (en) | Video encryption and decryption processing method and system under security authentication | |
| CN112449143B (en) | Implementation method and implementation system of secure video |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |