CN113868505A - Data processing method and device, electronic equipment, server and storage medium - Google Patents

Data processing method and device, electronic equipment, server and storage medium Download PDF

Info

Publication number
CN113868505A
CN113868505A CN202111032589.XA CN202111032589A CN113868505A CN 113868505 A CN113868505 A CN 113868505A CN 202111032589 A CN202111032589 A CN 202111032589A CN 113868505 A CN113868505 A CN 113868505A
Authority
CN
China
Prior art keywords
field
encrypted
data request
ciphertext
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111032589.XA
Other languages
Chinese (zh)
Inventor
刘纯彰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Dajia Internet Information Technology Co Ltd
Original Assignee
Beijing Dajia Internet Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Dajia Internet Information Technology Co Ltd filed Critical Beijing Dajia Internet Information Technology Co Ltd
Priority to CN202111032589.XA priority Critical patent/CN113868505A/en
Publication of CN113868505A publication Critical patent/CN113868505A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/953Querying, e.g. by the use of web search engines
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

The present disclosure relates to a data processing method, an apparatus, an electronic device, a server, and a storage medium, the method comprising: acquiring a field to be encrypted in a first data request, and splicing the field to be encrypted to obtain a spliced field; the field to be encrypted is a field representing object data; encrypting the spliced field according to the key corresponding to the spliced field to obtain a first encrypted ciphertext; encrypting the secret key according to a preset public key to obtain a second encrypted ciphertext; splicing the first encrypted ciphertext and the second encrypted ciphertext to obtain a target field; generating a second data request according to the target field and the rest fields in the first data request, and sending the second data request to a server; the remaining fields are fields in the first data request except the field to be encrypted. By adopting the method, data leakage is avoided, and the safety of the data is improved.

Description

Data processing method and device, electronic equipment, server and storage medium
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a data processing method and apparatus, an electronic device, a server, and a storage medium.
Background
In the field of computer technology, data is generally reported or requested by a data request, such as a data reporting request or a data query request; however, in the process of making a data request, the names or contents of the fields in the request are plaintext information, some field names may expose service internal information, and some field contents may expose user personal information, thereby affecting data security, and further resulting in low data security.
Disclosure of Invention
The present disclosure provides a data processing method, an apparatus, an electronic device, a server, and a storage medium, so as to at least solve the problem of low security of data in the related art. The technical scheme of the disclosure is as follows:
according to a first aspect of the embodiments of the present disclosure, there is provided a data processing method, including:
acquiring a field to be encrypted in a first data request, and splicing the field to be encrypted to obtain a spliced field; the field to be encrypted is a field representing object data;
encrypting the spliced field according to the key corresponding to the spliced field to obtain a first encrypted ciphertext;
encrypting the secret key according to a preset public key to obtain a second encrypted ciphertext;
splicing the first encrypted ciphertext and the second encrypted ciphertext to obtain a target field;
generating a second data request according to the target field and the rest fields in the first data request, and sending the second data request to a server; the remaining fields are fields in the first data request except the field to be encrypted.
In an exemplary embodiment, the obtaining a field to be encrypted in the first data request includes:
acquiring field identification of a field in a first data request;
if the field identification of the field is matched with a preset field identification, identifying the field as a field to be encrypted in the first data request; the preset field identification is a field identification of a field representing object data.
In an exemplary embodiment, before performing a splicing process on the field to be encrypted to obtain a spliced field, the method further includes:
acquiring a verification file; the verification file is used for verifying whether the field to be encrypted is a field representing object data;
verifying the field to be encrypted according to the verification file;
the splicing processing is carried out on the fields to be encrypted to obtain spliced fields, and the method comprises the following steps:
and if the field to be encrypted passes the verification, splicing the field to be encrypted according to a preset splicing sequence to obtain a spliced field.
In an exemplary embodiment, before the splicing the first encrypted ciphertext and the second encrypted ciphertext to obtain the target field, the method further includes:
respectively carrying out encryption processing on the first encrypted ciphertext and the second encrypted ciphertext again to obtain a third encrypted ciphertext corresponding to the first encrypted ciphertext and a fourth encrypted ciphertext corresponding to the second encrypted ciphertext;
the splicing processing of the first encrypted ciphertext and the second encrypted ciphertext to obtain a target field includes:
and splicing the third encrypted ciphertext corresponding to the first encrypted ciphertext and the fourth encrypted ciphertext corresponding to the second encrypted ciphertext to obtain the target field.
In an exemplary embodiment, before encrypting the concatenation field according to a key corresponding to the concatenation field to obtain a first encrypted ciphertext, the method further includes:
and generating a random key, and identifying the random key as a key corresponding to the splicing field.
According to a second aspect of the embodiments of the present disclosure, there is provided a data processing method, including:
receiving a second data request sent by the terminal;
acquiring a target field in the second data request; the target field consists of a first encrypted ciphertext and a second encrypted ciphertext, the second encrypted ciphertext is obtained by encrypting a preset public key, and the first encrypted ciphertext is obtained by encrypting a secret key;
decrypting the second encrypted ciphertext according to a preset private key matched with the preset public key to obtain the secret key;
decrypting the first encrypted ciphertext according to the key to obtain a spliced field;
and splitting the spliced field to obtain an original field corresponding to the first encrypted ciphertext.
In an exemplary embodiment, the obtaining the target field in the second data request includes:
acquiring field identification of a field in the second data request;
and screening out fields with the field identifications being the same as the target field identifications from the fields in the second data request, and identifying the fields as the target fields.
In an exemplary embodiment, the receiving the second data request sent by the terminal includes:
receiving a second data request sent by the terminal through a preset network channel; the second data request is generated by the terminal according to the target field and the remaining field in the first data request, the target field is obtained by encrypting the original field, the remaining field is a field except the original field in the first data request, and the original field is a field representing object data in the first data request.
In an exemplary embodiment, before decrypting the second encrypted ciphertext according to a preset private key matched with the preset public key to obtain the key, the method further includes:
and identifying the first encrypted ciphertext and the second encrypted ciphertext from the target field according to the ciphertext combination sequence in the target field.
In an exemplary embodiment, before performing decryption processing on the first encrypted ciphertext according to the key to obtain a concatenated field, the method further includes:
acquiring the format of the secret key;
the decrypting the first encrypted ciphertext according to the key to obtain a spliced field includes:
and when the format of the key is matched with a preset format, decrypting the first encrypted ciphertext according to the key to obtain a spliced field.
According to a third aspect of the embodiments of the present disclosure, there is provided a data processing apparatus including:
the field splicing unit is configured to execute to-be-encrypted fields in the first data request, and splice the to-be-encrypted fields to obtain spliced fields; the field to be encrypted is a field representing object data;
the first encryption unit is configured to encrypt the spliced field according to a key corresponding to the spliced field to obtain a first encrypted ciphertext;
the second encryption unit is configured to perform encryption processing on the secret key according to a preset public key to obtain a second encrypted ciphertext;
the ciphertext splicing unit is configured to perform splicing processing on the first encrypted ciphertext and the second encrypted ciphertext to obtain a target field;
the request sending unit is configured to generate a second data request according to the target field and the rest fields in the first data request, and send the second data request to a server; the remaining fields are fields in the first data request except the field to be encrypted.
In an exemplary embodiment, the field splicing unit is further configured to perform obtaining field identifications of fields in the first data request; if the field identification of the field is matched with a preset field identification, identifying the field as a field to be encrypted in the first data request; the preset field identification is a field identification of a field representing object data.
In an exemplary embodiment, the apparatus further comprises a field verification unit configured to perform obtaining a verification file; the verification file is used for verifying whether the field to be encrypted is a field representing object data; verifying the field to be encrypted according to the verification file;
and the field splicing unit is also configured to perform splicing processing on the fields to be encrypted according to a preset splicing sequence to obtain spliced fields if the fields to be encrypted pass verification.
In an exemplary embodiment, the apparatus further includes a ciphertext encryption unit configured to perform re-encryption processing on the first encrypted ciphertext and the second encrypted ciphertext respectively to obtain a third encrypted ciphertext corresponding to the first encrypted ciphertext and a fourth encrypted ciphertext corresponding to the second encrypted ciphertext;
the cipher text splicing unit is further configured to perform splicing processing on a third encrypted cipher text corresponding to the first encrypted cipher text and a fourth encrypted cipher text corresponding to the second encrypted cipher text to obtain the target field.
In an exemplary embodiment, the apparatus further includes a key obtaining unit configured to perform generating a random key and identifying the random key as a key corresponding to the splicing field.
According to a fourth aspect of the embodiments of the present disclosure, there is provided a data processing apparatus comprising:
a request receiving unit configured to perform receiving a second data request transmitted by the terminal;
a field acquisition unit configured to perform acquisition of a target field in the second data request; the target field consists of a first encrypted ciphertext and a second encrypted ciphertext, the second encrypted ciphertext is obtained by encrypting a preset public key, and the first encrypted ciphertext is obtained by encrypting a secret key;
the first decryption unit is configured to decrypt the second encrypted ciphertext according to a preset private key matched with the preset public key to obtain the secret key;
the second decryption unit is configured to decrypt the first encrypted ciphertext according to the key to obtain a spliced field;
and the field splitting unit is configured to split the spliced field to obtain an original field corresponding to the first encrypted ciphertext.
In an exemplary embodiment, the field obtaining unit is further configured to perform obtaining field identifications of fields in the second data request; and screening out fields with the field identifications being the same as the target field identifications from the fields in the second data request, and identifying the fields as the target fields.
In an exemplary embodiment, the request receiving unit is further configured to execute receiving a second data request sent by the terminal through a preset network channel; the second data request is generated by the terminal according to the target field and the remaining field in the first data request, the target field is obtained by encrypting the original field, the remaining field is a field except the original field in the first data request, and the original field is a field representing object data in the first data request.
In an exemplary embodiment, the apparatus further includes a ciphertext identification unit configured to perform identifying the first encrypted ciphertext and the second encrypted ciphertext from the target field in a ciphertext combining order in the target field.
In an exemplary embodiment, the apparatus further includes a format obtaining unit configured to perform obtaining a format of the key;
and the second decryption unit is further configured to perform decryption processing on the first encrypted ciphertext according to the key when the format of the key is matched with a preset format, so as to obtain a spliced field.
According to a fifth aspect of embodiments of the present disclosure, there is provided an electronic apparatus including: a processor; a memory for storing the processor-executable instructions; wherein the processor is configured to execute the instructions to implement the data processing method as described in any embodiment of the first aspect.
According to a sixth aspect of embodiments of the present disclosure, there is provided a server including: a processor; a memory for storing the processor-executable instructions; wherein the processor is configured to execute the instructions to implement the data processing method as described in any embodiment of the second aspect.
According to a seventh aspect of embodiments of the present disclosure, there is provided a computer-readable storage medium, in which instructions, when executed by a processor of an electronic device, enable the electronic device to perform the data processing method described in any one of the embodiments of the first aspect.
According to an eighth aspect of embodiments of the present disclosure, there is provided a computer-readable storage medium, wherein instructions, when executed by a processor of a server, enable the server to perform the data processing method described in any one of the embodiments of the second aspect.
According to a ninth aspect of embodiments of the present disclosure, there is provided a computer program product comprising instructions which, when executed by a processor of an electronic device, enable the electronic device to perform the data processing method described in any one of the embodiments of the first aspect.
According to a tenth aspect of embodiments of the present disclosure, there is provided a computer program product comprising instructions which, when executed by a processor of a server, enable the server to perform the data processing method described in any one of the embodiments of the second aspect.
The technical scheme provided by the embodiment of the disclosure at least brings the following beneficial effects:
splicing the fields to be encrypted by acquiring the fields to be encrypted in the first data request to obtain spliced fields; the field to be encrypted is a field representing object data; then, according to a secret key corresponding to the splicing field, carrying out encryption processing on the splicing field to obtain a first encryption ciphertext, and carrying out encryption processing on the secret key according to a preset public key to obtain a second encryption ciphertext; finally, splicing the first encrypted ciphertext and the second encrypted ciphertext to obtain a target field, generating a second data request according to the target field and the residual field in the first data request, and sending the second data request to the server; the rest fields are fields except the field to be encrypted in the first data request; therefore, the purpose of encrypting the field in the data request process is achieved, the defect that the data security is low due to the fact that the field in the data request is leaked is avoided, and the data security is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and, together with the description, serve to explain the principles of the disclosure and are not to be construed as limiting the disclosure.
FIG. 1 is a diagram illustrating an application environment for a method of data processing, according to an exemplary embodiment.
FIG. 2 is a flow chart illustrating a method of data processing according to an exemplary embodiment.
FIG. 3 is a flow chart illustrating another method of data processing according to an example embodiment.
FIG. 4 is a flow chart illustrating yet another method of data processing according to an exemplary embodiment.
FIG. 5 is a block diagram illustrating a data processing apparatus according to an example embodiment.
FIG. 6 is a block diagram illustrating another data processing apparatus according to an example embodiment.
FIG. 7 is a block diagram illustrating an electronic device in accordance with an example embodiment.
FIG. 8 is a block diagram illustrating a server in accordance with an exemplary embodiment.
Detailed Description
In order to make the technical solutions of the present disclosure better understood by those of ordinary skill in the art, the technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the accompanying drawings.
It should be noted that the terms "first," "second," and the like in the description and claims of the present disclosure and in the above-described drawings are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the disclosure described herein are capable of operation in sequences other than those illustrated or otherwise described herein. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.
It should also be noted that the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data for presentation, analyzed data, etc.) referred to in the present disclosure are both information and data that are authorized by the user or sufficiently authorized by various parties.
The data processing method provided by the present disclosure may be applied to the application environment shown in fig. 1. Wherein the terminal 110 interacts with the server 120 through the network. Specifically, referring to fig. 1, the terminal 110 obtains a field to be encrypted in the first data request, and performs splicing processing on the field to be encrypted to obtain a spliced field; the field to be encrypted is a field representing object data; encrypting the spliced field according to the key corresponding to the spliced field to obtain a first encrypted ciphertext; encrypting the secret key according to a preset public key to obtain a second encrypted ciphertext; splicing the first encrypted ciphertext and the second encrypted ciphertext to obtain a target field; generating a second data request according to the target field and the rest fields in the first data request, and sending the second data request to the server; the remaining fields are fields in the first data request other than the field to be encrypted. The terminal 110 may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices, and the server 120 may be implemented by an independent server or a server cluster formed by a plurality of servers.
Fig. 2 is a flowchart illustrating a data processing method according to an exemplary embodiment, as shown in fig. 2, the data processing method being used in the terminal shown in fig. 1, including the steps of:
in step S210, a field to be encrypted in the first data request is obtained, and the field to be encrypted is spliced to obtain a spliced field; the field to be encrypted is a field representing object data.
The first data request refers to a request carrying a request field, such as a data reporting request, an interface request, a data query request, a service data request, and the like; in a practical scenario, the first data request may be triggered by a user. The first data request includes a plurality of fields, such as fields to be encrypted.
The field to be encrypted refers to a field that needs to be encrypted in the first data request, and specifically refers to a field that represents object data in the first data request, such as a user ID, a user name, service information, and the like. The object data specifically refers to private data, and the private data refers to data related to user information or service internal information.
Specifically, the terminal identifies a field representing the object data in the first data request according to an instruction for identifying the field representing the object data, and takes the field representing the object data in the first data request as a field to be encrypted in the first data request; and then according to the field splicing instruction, splicing the fields to be encrypted in the first data request to obtain spliced fields.
For example, the terminal obtains a field a for representing user information and a field B for representing service internal information in the data reporting request, and performs splicing processing on the field a and the field B to obtain a spliced field AB.
In step S220, the splicing field is encrypted according to the key corresponding to the splicing field, so as to obtain a first encrypted ciphertext.
The key corresponding to the splicing field is a random key with a preset number of bits (for example, 11 bits); and aiming at each first data reporting request, the keys corresponding to the splicing fields are different. The first encrypted ciphertext refers to a ciphertext obtained by encrypting the spliced field through the key.
Specifically, the terminal obtains a key corresponding to the spliced field, performs symmetric encryption processing on the spliced field according to the key to obtain an encrypted ciphertext, and uses the encrypted ciphertext as a first encrypted ciphertext.
For example, the terminal encrypts the splicing field AB according to the key C to obtain a first encrypted ciphertext DEF.
In step S230, the secret key is encrypted according to the preset public key to obtain a second encrypted ciphertext.
The preset public key refers to a terminal public key in an agreed asymmetric key pair; the second encrypted ciphertext refers to a ciphertext obtained by encrypting the key through a preset public key.
Specifically, the terminal obtains a preset public key, performs asymmetric encryption processing on the key according to the preset public key to obtain a key ciphertext, and uses the key ciphertext as a second encryption ciphertext.
For example, the terminal encrypts the key C according to the terminal public key N to obtain a second encrypted ciphertext HGI.
In step S240, the first encrypted ciphertext and the second encrypted ciphertext are spliced to obtain the target field.
The target field is formed by splicing a first encrypted ciphertext and a second encrypted ciphertext and has a fixed target field identifier, such as M.
Specifically, the terminal combines the first encrypted ciphertext and the second encrypted ciphertext to obtain a combined ciphertext, and uses the combined ciphertext as a target field.
In step S250, generating a second data request according to the target field and the remaining fields in the first data request, and sending the second data request to the server; the remaining fields are fields in the first data request other than the field to be encrypted.
The remaining fields in the first data request refer to fields except for the fields to be encrypted in the first data request; for example, the first data request includes a field a, a field B, a field C, and a field D, where the field a and the field B are both fields to be encrypted, and the field C and the field D are the remaining fields in the first data request.
The second data request is a data request consisting of the target field and the rest of the fields in the first data request.
Specifically, the terminal acquires fields except for fields to be encrypted in the first data request, and takes the fields as the remaining fields in the first data request; importing the target field and the rest fields in the first data request into a data request template to obtain a new first data request, and taking the new first data request as a second data request; and sending the second data request to a corresponding server, and executing corresponding data processing by the server according to the received second data request.
According to the data processing method, the fields to be encrypted in the first data request are obtained, and the fields to be encrypted are spliced to obtain spliced fields; the field to be encrypted is a field representing object data; then, according to a secret key corresponding to the splicing field, carrying out encryption processing on the splicing field to obtain a first encryption ciphertext, and carrying out encryption processing on the secret key according to a preset public key to obtain a second encryption ciphertext; finally, splicing the first encrypted ciphertext and the second encrypted ciphertext to obtain a target field, generating a second data request according to the target field and the residual field in the first data request, and sending the second data request to the server; the rest fields are fields except the field to be encrypted in the first data request; therefore, the purpose of encrypting the field in the data request process is achieved, the defect that the data security is low due to the fact that the field in the data request is leaked is avoided, and the data security is improved.
In an exemplary embodiment, in step S210, obtaining the field to be encrypted in the first data request includes: acquiring field identification of a field in a first data request; if the field identification of the field is matched with the preset field identification, identifying the field as a field to be encrypted in the first data request; the preset field identification is a field identification of a field representing the object data.
The field identification refers to unique identification information of the field, such as a field name. The preset field identifier specifically refers to a field identifier of a field representing the private data, such as a Name, an ID, an account number, a service Name, and the like.
Specifically, the terminal acquires the field identifier of the field in the first data request according to the field identifier acquisition instruction; then matching the field identification of the field in the first data request with a preset field identification to obtain a matching result; and screening out fields with field identifications matched with preset field identifications from the fields in the first data request according to the matching result, wherein the fields are used as fields to be encrypted in the first data request.
For example, assuming that a field of a certain field in the first data request is identified as an ID or an account, the field is identified as a field to be encrypted.
According to the technical scheme provided by the embodiment of the disclosure, the field to be encrypted in the first data request is acquired, so that the subsequent field to be encrypted is encrypted, the field to be encrypted is prevented from being leaked, and the data security is improved; meanwhile, only the field to be encrypted in the first data request is acquired, so that subsequent encryption of only the field to be encrypted is facilitated, and the defect of long encryption time caused by encryption of all fields in the first data request is overcome.
In an exemplary embodiment, in step S210, before performing a splicing process on the field to be encrypted to obtain a spliced field, the method further includes: acquiring a verification file; the verification file is used for verifying whether the field to be encrypted is a field representing object data; verifying the field to be encrypted according to the verification file; then, in step S210, performing a splicing process on the field to be encrypted to obtain a spliced field, including: and if the field to be encrypted passes the verification, splicing the field to be encrypted according to a preset splicing sequence to obtain a spliced field.
The verification file is an algorithm file used for verifying whether a field to be encrypted is a field representing object data, and specifically, the verification file is an algorithm file used for verifying whether a field to be encrypted is a field representing privacy data. The field to be encrypted passes the verification, which indicates that the field to be verified is a field representing object data, and further indicates that the field to be verified is a field representing privacy data; and if the field to be encrypted fails to pass the verification, the field to be verified is not the field representing the object data, and further the field to be verified is not the field representing the privacy data. The preset splicing sequence refers to a preset sequence for splicing the fields to be encrypted, such as left-to-right splicing, right-to-left splicing, and the like.
Specifically, the terminal acquires a verification file for verifying whether the field to be encrypted is a field representing the object data from the local database, and verifies the field to be encrypted in the first data request according to the verification file to judge whether the field to be encrypted is the field representing the object data; and if the field to be encrypted is the field representing the object data, the verification of the field to be encrypted is passed, and the field to be encrypted is spliced according to a preset splicing sequence to obtain a spliced field.
Further, if the field to be encrypted is not the field representing the object data, it indicates that the field to be encrypted is not verified, and the field to be encrypted is deleted by the terminal, so as to obtain the target field to be encrypted in the first data request; and splicing the fields to be encrypted of the target according to a preset splicing sequence to obtain spliced fields.
According to the technical scheme provided by the embodiment of the disclosure, the fields to be encrypted are spliced according to the preset splicing sequence under the condition that the fields to be encrypted pass the verification according to the verification file to obtain the spliced fields, so that the defect that the obtained fields to be encrypted are inaccurate due to errors in the process of obtaining the fields to be encrypted in the first data request is avoided, and the accuracy of the finally obtained fields to be encrypted is improved.
In an exemplary embodiment, in step S240, before the splicing the first encrypted ciphertext and the second encrypted ciphertext to obtain the target field, the method further includes: respectively carrying out encryption processing on the first encrypted ciphertext and the second encrypted ciphertext again to obtain a third encrypted ciphertext corresponding to the first encrypted ciphertext and a fourth encrypted ciphertext corresponding to the second encrypted ciphertext; then, in step S240, the splicing processing is performed on the first encrypted ciphertext and the second encrypted ciphertext to obtain the target field, which includes: and splicing the third encrypted ciphertext corresponding to the first encrypted ciphertext and the fourth encrypted ciphertext corresponding to the second encrypted ciphertext to obtain the target field.
The third encrypted ciphertext is a ciphertext obtained by performing re-encryption processing on the first encrypted ciphertext, and the fourth encrypted ciphertext is a ciphertext obtained by performing re-encryption processing on the second encrypted ciphertext.
It should be noted that the method for performing re-encryption processing on the first encrypted ciphertext and the second encrypted ciphertext may be various encryption algorithms, such as a symmetric encryption algorithm, an asymmetric encryption algorithm, and the like, and the disclosure is not limited in particular.
Specifically, the terminal acquires a first public key from the local database, and performs re-encryption processing on the first encrypted ciphertext according to the first public key to obtain a ciphertext subjected to re-encryption processing as a third encrypted ciphertext corresponding to the first encrypted ciphertext; carrying out secondary encryption processing on the second encrypted ciphertext according to the first public key to obtain a ciphertext subjected to secondary encryption processing, and using the ciphertext as a fourth encrypted ciphertext corresponding to the second encrypted ciphertext; and combining a third encrypted ciphertext corresponding to the first encrypted ciphertext with a fourth encrypted ciphertext corresponding to the second encrypted ciphertext to obtain a combined ciphertext, and using the combined ciphertext as a target field.
According to the technical scheme provided by the embodiment of the disclosure, the first encrypted ciphertext and the second encrypted ciphertext are spliced after being encrypted again, so that the security of the obtained target field is improved, and the security of data is further improved.
In an exemplary embodiment, in step S220, before performing an encryption process on the concatenation field according to the key corresponding to the concatenation field to obtain the first encrypted ciphertext, the method further includes: a random key is generated and identified as the key corresponding to the splice field.
The random key may be a fixed-digit random key or a non-fixed-digit random key, and the disclosure is not limited in detail.
Specifically, after the fields to be encrypted are spliced to obtain spliced fields, the terminal generates a random key according to a random key generation algorithm, and identifies the random key as a key corresponding to the spliced fields.
For example, after obtaining the splicing field, the terminal generates a random key abdgohj, and uses the random key abdgohj as the key corresponding to the splicing field.
According to the technical scheme provided by the embodiment of the disclosure, the random key is generated and identified as the key corresponding to the spliced field, so that the spliced field is encrypted according to the random key subsequently, the first encrypted ciphertext is obtained, the keys for encrypting the spliced field at each time are different, and the first encrypted ciphertext obtained through encryption is not easy to crack, so that the security of the obtained first encrypted ciphertext is improved, and the security of data is further improved.
Fig. 3 is a flow chart illustrating another data processing method according to an exemplary embodiment, as shown in fig. 3, for use in the server shown in fig. 1, including the steps of:
in step S310, the second data request sent by the terminal is received.
In step S320, a target field in the second data request is obtained; the target field is composed of a first encrypted ciphertext and a second encrypted ciphertext, the second encrypted ciphertext is obtained by encrypting a preset public key, and the first encrypted ciphertext is obtained by encrypting a secret key.
In step S330, the second encrypted ciphertext is decrypted according to the preset private key matched with the preset public key, so as to obtain a secret key.
The preset private key refers to a server private key in an agreed asymmetric key pair.
In step S340, the first encrypted ciphertext is decrypted according to the key, so as to obtain a concatenated field.
In step S350, the spliced field is split to obtain an original field corresponding to the first encrypted ciphertext.
The original fields corresponding to the first encrypted ciphertext refer to the fields to be encrypted in the first data request.
Specifically, the server receives a second data request sent by the terminal, and acquires a target field in the second data request according to a target field acquisition instruction; splitting the target field to obtain a first encrypted ciphertext and a second encrypted ciphertext; acquiring a preset private key matched with the preset public key, and decrypting the second encrypted ciphertext according to the preset private key to obtain a key for encrypting the spliced field; decrypting the first encrypted ciphertext according to the key to obtain a spliced field; and splitting the spliced fields to obtain original fields corresponding to the first encrypted ciphertext, namely the fields to be encrypted in the first query request.
It should be noted that the decryption principle of the data processing method shown in fig. 3 is the same as the encryption principle of the data processing method shown in fig. 2, so for specific limitations of each step in the data processing method shown in fig. 3, reference may be made to specific limitations of each step in the data processing method shown in fig. 2, and details are not repeated here.
For example, a client sends a first query request to a server, the client in the first query request splices a plurality of fields needing to be encrypted to obtain a spliced string Q, encrypts the spliced string Q by using a random secret key K with a certain number of digits to obtain an encrypted ciphertext X, encrypts the secret key K by using a public key P in an agreed asymmetric secret key pair to obtain a secret key ciphertext KS, and splices the secret key ciphertext KS and the encrypted ciphertext X to generate a fixed field M; the server receives the first query request, splits the key ciphertext KS and the encrypted ciphertext X from the field M, decrypts the key ciphertext KS by using a private key A in an agreed asymmetric key pair to obtain a key K, decrypts the encrypted ciphertext X by using the key K to obtain a spliced string Q, and splits the spliced string Q to obtain a plurality of original fields.
In the data processing method, a second data request sent by a receiving terminal is received; acquiring a target field in the second data request; the target field consists of a first encrypted ciphertext and a second encrypted ciphertext, the second encrypted ciphertext is obtained by encrypting a preset public key, and the first encrypted ciphertext is obtained by encrypting a secret key; decrypting the second encrypted ciphertext according to a preset private key matched with the preset public key to obtain a secret key; decrypting the first encrypted ciphertext according to the key to obtain a spliced field; splitting the spliced field to obtain an original field corresponding to the first encrypted ciphertext; therefore, the purpose of decrypting the target field in the second data request is achieved, data stealing can be avoided, and the data security is improved.
In an exemplary embodiment, in step S320, acquiring the target field in the second data request specifically includes: acquiring field identification of a field in the second data request; and screening out fields with the field identifications identical to the target field identifications from the fields in the second data request, and identifying the fields as the target fields.
The target field identifier refers to identification information of the target field, and the target field identifiers are the same for all target fields.
Specifically, the server acquires the field identifier of the field in the second data request according to the field identifier acquisition instruction; then matching the field identification of the field in the second data request with the target field identification to obtain a matching result; and screening fields with field identifications matched with the target field identifications from the fields in the second data request according to the matching result to serve as target fields in the second data request.
For example, the second data request includes 4 fields, which are respectively a field a, a field B, a field C, and a field M, the corresponding field identifications are respectively a1, B1, C1, and M1, and the destination field identification is M1, which is the same as the field identification of the field M, and the field M is identified as the destination field in the second data request.
According to the technical scheme provided by the embodiment of the disclosure, the target field in the second data request is obtained, so that the subsequent decryption processing of the first encrypted ciphertext and the second encrypted ciphertext in the target field is facilitated, and the original field corresponding to the first encrypted ciphertext is obtained; meanwhile, the field identification of the field in the second data request is matched with the target field identification, so that the determination accuracy of the target field in the second data request is improved.
In an exemplary embodiment, in step S310, the receiving the second data request sent by the terminal specifically includes: receiving a second data request sent by the terminal through a preset network channel; the second data request is generated by the terminal according to the target field and the residual field in the first data request, the target field is obtained by encrypting the original field, the residual field is a field except the original field in the first data request, and the original field is a field representing object data in the first data request.
The preset network channel refers to a special network channel, such as a private network channel.
Specifically, the terminal encrypts an original field representing object data in a first data request to obtain a first encrypted ciphertext and a second encrypted ciphertext, and splices the first encrypted ciphertext and the second encrypted ciphertext to obtain a target field; acquiring fields except the original fields in the first data request, and taking the fields as the remaining fields in the first data request; generating a first data request according to the target field and the rest fields in the first data request, and sending the first data request to a server through a preset network channel; the server receives a first data request sent by the terminal through a preset network channel.
According to the technical scheme provided by the embodiment of the disclosure, the terminal generates the second data request according to the target field obtained by encrypting the original field representing the object data in the first data request and the rest fields except the original field in the first data request, and sends the second data request to the corresponding server through the preset network channel, so that data leakage is avoided, and the data security is further improved.
In an exemplary embodiment, in the step S330, before performing decryption processing on the second encrypted ciphertext according to a preset private key matched with a preset public key to obtain a key, the method further includes: and identifying the first encrypted ciphertext and the second encrypted ciphertext from the target field according to the ciphertext combination sequence in the target field.
The target field is formed by combining a first encrypted ciphertext and a second encrypted ciphertext according to a ciphertext combination sequence, for example, the first encrypted ciphertext is before the second encrypted ciphertext is after the first encrypted ciphertext, or the second encrypted ciphertext is before the first encrypted ciphertext is after the first encrypted ciphertext. The cipher text combination order is a combination order of the first encrypted cipher text and the second encrypted cipher text.
For example, assuming that the ciphertext combination order in the target field is that the first encrypted ciphertext is in front of the second encrypted ciphertext, the server identifies the first section of ciphertext and the second section of ciphertext in the target field as the first encrypted ciphertext and the second encrypted ciphertext, respectively, according to the ciphertext combination order; and assuming that the cipher text combination sequence in the target field is that the second encrypted cipher text is in front of the target field and the first encrypted cipher text is behind the target field, the server respectively identifies the first section of cipher text and the second section of cipher text in the target field as the second encrypted cipher text and the first encrypted cipher text according to the cipher text combination sequence.
According to the technical scheme provided by the embodiment of the disclosure, the ciphertexts in the target field are identified according to the cipher text combination sequence in the target field, so that the first encrypted cipher text and the second encrypted cipher text can be accurately identified from the target field, the second encrypted cipher text can be decrypted subsequently according to the preset private key matched with the preset public key, a secret key is obtained, and then the first encrypted cipher text is decrypted according to the secret key, so that the spliced field is obtained.
In an exemplary embodiment, in step S340, before performing decryption processing on the first encrypted ciphertext according to the key to obtain the concatenated field, the method further includes: acquiring the format of a secret key; then, in step S340, the decrypting is performed on the first encrypted ciphertext according to the key to obtain the concatenated field, which specifically includes: and when the format of the key is matched with the preset format, decrypting the first encrypted ciphertext according to the key to obtain a spliced field.
The preset format refers to a preset key format, for example, the total number of the preset key format is 11, the first 5 bits are numbers, and the last 6 bits are letters. The format of the key is matched with the preset format, which means that the format of the key is the same as the preset format.
Specifically, the server acquires the format of the key through a key format acquisition instruction, and judges whether the format of the key is matched with a preset format; when the format of the key is matched with the preset format, the first encrypted ciphertext is decrypted according to the key to obtain a spliced field; when the format of the key is not matched with the preset format, it is indicated that the obtained key has an error, and the key needs to be obtained again to ensure that the format of the obtained key is matched with the preset format.
For example, the format of the obtained key a is: the total number of the Chinese characters is 11, the first 5 digits are numbers, the last 6 digits are letters, and the preset format is as follows: and if the total number of the first 5 bits is 11, the first 5 bits are numbers, and the last 6 bits are letters, the format of the key A is matched with the preset format, and the first encrypted ciphertext is decrypted according to the key A to obtain the spliced field.
According to the technical scheme provided by the embodiment of the disclosure, when the format of the key is matched with the preset format, the first encrypted ciphertext is decrypted according to the key to obtain the spliced field, so that the accuracy and the safety of the obtained spliced field are improved, and the safety of data is further improved.
In order to clarify the data processing method provided by the embodiments of the present disclosure more clearly, the data processing method is specifically described below with a specific embodiment. In an embodiment, as shown in fig. 4, the present disclosure further provides another data processing method, which specifically includes the following steps:
the client filters fields needing encryption in the request; the client splices the fields to obtain a spliced string; the client side symmetrically encrypts the spliced string by using the random secret key to obtain an encrypted ciphertext; the client encrypts the random secret key used in the last step by using the appointed client public key to obtain a secret key ciphertext; the client splices the secret key ciphertext and the encrypted ciphertext to generate a fixed request field M; the client sends a request to the server; after receiving the request, the server splits the M field to obtain a secret key ciphertext and an encrypted ciphertext; the server side uses an agreed server side private key to symmetrically decrypt the secret key ciphertext to obtain a secret key; the server decrypts the encrypted ciphertext by using the key obtained in the last step to obtain a spliced string; and the server splits the spliced string to obtain a plurality of original fields.
The data processing method can achieve the following technical effects: (1) the method is beneficial to protecting the safety of the service and protecting the privacy data of the user, thereby improving the data safety; (2) the method is a universal method, and can realize non-invasion and non-perception of the service by uniformly accessing the client and the service access layer.
It should be understood that although the various steps in the flowcharts of fig. 2-3 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 2-3 may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed in turn or alternately with other steps or at least some of the other steps or stages.
It is understood that the same/similar parts between the embodiments of the method described above in this specification can be referred to each other, and each embodiment focuses on the differences from the other embodiments, and it is sufficient that the relevant points are referred to the descriptions of the other method embodiments.
FIG. 5 is a block diagram illustrating a data processing apparatus according to an example embodiment. Referring to fig. 5, the apparatus includes a field concatenation unit 510, a first encryption unit 520, a second encryption unit 530, a ciphertext concatenation unit 540, and a request transmission unit 550.
A field splicing unit 510, configured to perform obtaining of a field to be encrypted in the first data request, and perform splicing processing on the field to be encrypted to obtain a spliced field; the field to be encrypted is a field representing object data.
And a first encryption unit 520 configured to perform encryption processing on the spliced field according to the key corresponding to the spliced field to obtain a first encrypted ciphertext.
And a second encryption unit 530 configured to perform encryption processing on the secret key according to the preset public key to obtain a second encrypted ciphertext.
And the ciphertext splicing unit 540 is configured to perform splicing processing on the first encrypted ciphertext and the second encrypted ciphertext to obtain the target field.
A request sending unit 550 configured to perform generating a second data request according to the target field and the remaining fields in the first data request, and sending the second data request to the server; the remaining fields are fields in the first data request other than the field to be encrypted.
In an exemplary embodiment, the field splicing unit 510 is further configured to perform obtaining field identifications of fields in the first data request; if the field identification of the field is matched with the preset field identification, identifying the field as a field to be encrypted in the first data request; the preset field identification is a field identification of a field representing the object data.
In an exemplary embodiment, the data processing apparatus further comprises a field verification unit configured to perform obtaining a verification file; the verification file is used for verifying whether the field to be encrypted is a field representing object data; verifying the field to be encrypted according to the verification file;
the field splicing unit 510 is further configured to perform, if the field to be encrypted passes the verification, splicing the field to be encrypted according to a preset splicing sequence to obtain a spliced field.
In an exemplary embodiment, the data processing apparatus further includes a ciphertext encryption unit configured to perform re-encryption processing on the first encrypted ciphertext and the second encrypted ciphertext respectively to obtain a third encrypted ciphertext corresponding to the first encrypted ciphertext and a fourth encrypted ciphertext corresponding to the second encrypted ciphertext;
the ciphertext splicing unit 540 is further configured to perform splicing processing on the third encrypted ciphertext corresponding to the first encrypted ciphertext and the fourth encrypted ciphertext corresponding to the second encrypted ciphertext to obtain the target field.
In an exemplary embodiment, the data processing apparatus further includes a key obtaining unit configured to perform generating a random key and to identify the random key as a key corresponding to the concatenation field.
FIG. 6 is a block diagram illustrating another data processing apparatus according to an example embodiment. Referring to fig. 6, the apparatus includes a request receiving unit 610, a field acquiring unit 620, a first decrypting unit 630, a second decrypting unit 640, and a field splitting unit 650.
A request receiving unit 610 configured to perform receiving the second data request transmitted by the terminal.
A field obtaining unit 620 configured to perform obtaining a target field in the second data request; the target field is composed of a first encrypted ciphertext and a second encrypted ciphertext, the second encrypted ciphertext is obtained by encrypting a preset public key, and the first encrypted ciphertext is obtained by encrypting a secret key.
The first decryption unit 630 is configured to perform decryption processing on the second encrypted ciphertext according to a preset private key matched with the preset public key, so as to obtain a secret key.
And the second decryption unit 640 is configured to perform decryption processing on the first encrypted ciphertext according to the key to obtain a spliced field.
And the field splitting unit 650 is configured to split the spliced field to obtain an original field corresponding to the first encrypted ciphertext.
In an exemplary embodiment, the field obtaining unit 620 is further configured to perform obtaining field identifications of fields in the second data request; and screening out fields with the field identifications identical to the target field identifications from the fields in the second data request, and identifying the fields as the target fields.
In an exemplary embodiment, the request receiving unit is further configured to execute receiving a second data request sent by the terminal through a preset network channel; the second data request is generated by the terminal according to the target field and the residual field in the first data request, the target field is obtained by encrypting the original field, the residual field is a field except the original field in the first data request, and the original field is a field representing object data in the first data request.
In an exemplary embodiment, the data processing apparatus further includes a ciphertext identification unit configured to perform identifying the first encrypted ciphertext and the second encrypted ciphertext from the target field in a ciphertext combining order in the target field.
In an exemplary embodiment, the data processing apparatus further includes a format acquiring unit configured to perform acquiring a format of the key;
and the second decryption unit is also configured to decrypt the first encrypted ciphertext according to the key when the format of the key is matched with the preset format, so as to obtain the spliced field.
With regard to the apparatus in the above-described embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated here.
Fig. 7 is a block diagram illustrating an electronic device 700 for performing a data processing method according to an example embodiment. For example, the electronic device 700 may be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a gaming console, a tablet device, a medical device, an exercise device, a personal digital assistant, and so forth.
Referring to fig. 7, electronic device 700 may include one or more of the following components: processing component 702, memory 704, power component 706, multimedia component 708, audio component 710, input/output (I/O) interface 712, sensor component 714, and communication component 716.
The processing component 702 generally controls overall operation of the electronic device 700, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations. The processing components 702 may include one or more processors 720 to execute instructions to perform all or a portion of the steps of the methods described above. Further, the processing component 702 may include one or more modules that facilitate interaction between the processing component 702 and other components. For example, the processing component 702 may include a multimedia module to facilitate interaction between the multimedia component 708 and the processing component 702.
The memory 704 is configured to store various types of data to support operations at the electronic device 700. Examples of such data include instructions for any application or method operating on the electronic device 700, contact data, phonebook data, messages, pictures, videos, and so forth. The memory 704 may be implemented by any type or combination of volatile or non-volatile storage devices, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic disk, optical disk, or graphene memory.
The power supply component 706 provides power to the various components of the electronic device 700. The power components 706 may include a power management system, one or more power sources, and other components associated with generating, managing, and distributing power for the electronic device 700.
The multimedia component 708 includes a screen providing an output interface between the electronic device 700 and a user. In some embodiments, the screen may include a Liquid Crystal Display (LCD) and a Touch Panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive an input signal from a user. The touch panel includes one or more touch sensors to sense touch, slide, and gestures on the touch panel. The touch sensor may not only sense the boundary of a touch or slide action, but also detect the duration and pressure associated with the touch or slide operation. In some embodiments, the multimedia component 708 includes a front facing camera and/or a rear facing camera. The front camera and/or the rear camera may receive external multimedia data when the electronic device 700 is in an operation mode, such as a photographing mode or a video mode. Each front camera and rear camera may be a fixed optical lens system or have a focal length and optical zoom capability.
The audio component 710 is configured to output and/or input audio signals. For example, the audio component 710 includes a Microphone (MIC) configured to receive external audio signals when the electronic device 700 is in an operational mode, such as a call mode, a recording mode, and a voice recognition mode. The received audio signal may further be stored in the memory 704 or transmitted via the communication component 716. In some embodiments, audio component 710 also includes a speaker for outputting audio signals.
The I/O interface 712 provides an interface between the processing component 702 and peripheral interface modules, which may be keyboards, click wheels, buttons, etc. These buttons may include, but are not limited to: a home button, a volume button, a start button, and a lock button.
The sensor assembly 714 includes one or more sensors for providing various aspects of status assessment for the electronic device 700. For example, the sensor assembly 714 may detect an open/closed state of the electronic device 700, the relative positioning of components, such as a display and keypad of the electronic device 700, the sensor assembly 714 may also detect a change in the position of the electronic device 700 or components of the electronic device 700, the presence or absence of user contact with the electronic device 700, orientation or acceleration/deceleration of the electronic device 700, and a change in the temperature of the electronic device 700. The sensor assembly 714 may include a proximity sensor configured to detect the presence of a nearby object without any physical contact. The sensor assembly 714 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor assembly 714 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
The communication component 716 is configured to facilitate wired or wireless communication between the electronic device 700 and other devices. The electronic device 700 may access a wireless network based on a communication standard, such as WiFi, a carrier network (such as 2G, 3G, 4G, or 5G), or a combination thereof. In an exemplary embodiment, the communication component 716 receives a broadcast signal or broadcast related information from an external broadcast management system via a broadcast channel. In an exemplary embodiment, the communication component 716 further includes a Near Field Communication (NFC) module to facilitate short-range communications. For example, the NFC module may be implemented based on Radio Frequency Identification (RFID) technology, infrared data association (IrDA) technology, Ultra Wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.
In an exemplary embodiment, the electronic device 700 may be implemented by one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), controllers, micro-controllers, microprocessors or other electronic components for performing the above-described methods.
In an exemplary embodiment, a computer-readable storage medium comprising instructions, such as the memory 704 comprising instructions, executable by the processor 720 of the electronic device 700 to perform the above-described method is also provided. For example, the computer readable storage medium may be a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
In an exemplary embodiment, a computer program product is also provided that includes instructions executable by the processor 720 of the electronic device 700 to perform the above-described method.
Fig. 8 is a block diagram illustrating an apparatus 800 for performing a data processing method according to an example embodiment. For example, the device 800 may be a server. Referring to fig. 8, device 800 includes a processing component 820 that further includes one or more processors and memory resources, represented by memory 822, for storing instructions, such as applications, that are executable by processing component 820. The application programs stored in memory 822 may include one or more modules that each correspond to a set of instructions. Further, the processing component 820 is configured to execute instructions to perform the above-described methods.
The device 800 may further comprise: a power component 824 is configured to perform power management for the device 800, a wired or wireless network interface 826 configured to connect the device 800 to a network, and an input-output (I/O) interface 828. The device 800 may operate based on an operating system stored in the memory 822, such as Windows Server, Mac OS X, Unix, Linux, FreeBSD, or the like.
In an exemplary embodiment, a computer-readable storage medium comprising instructions, such as the memory 822 comprising instructions, executable by the processor of the device 800 to perform the above-described method is also provided. The storage medium may be a computer-readable storage medium, which may be, for example, a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
In an exemplary embodiment, a computer program product is also provided that includes instructions executable by a processor of the device 800 to perform the above-described method.
It should be noted that, the descriptions of the above-mentioned apparatus, the electronic device, the server, the computer-readable storage medium, the computer program product, and the like according to the method embodiments may also include other embodiments, and specific implementation manners may refer to the descriptions of the related method embodiments, which are not described herein in detail.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This disclosure is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.

Claims (10)

1. A data processing method is applied to a terminal and comprises the following steps:
acquiring a field to be encrypted in a first data request, and splicing the field to be encrypted to obtain a spliced field; the field to be encrypted is a field representing object data;
encrypting the spliced field according to the key corresponding to the spliced field to obtain a first encrypted ciphertext;
encrypting the secret key according to a preset public key to obtain a second encrypted ciphertext;
splicing the first encrypted ciphertext and the second encrypted ciphertext to obtain a target field;
generating a second data request according to the target field and the rest fields in the first data request, and sending the second data request to a server; the remaining fields are fields in the first data request except the field to be encrypted.
2. The data processing method according to claim 1, wherein the obtaining of the field to be encrypted in the first data request comprises:
acquiring field identification of a field in a first data request;
if the field identification of the field is matched with a preset field identification, identifying the field as a field to be encrypted in the first data request; the preset field identification is a field identification of a field representing object data.
3. The data processing method according to claim 1, wherein before the field to be encrypted is subjected to the splicing processing to obtain the spliced field, the method further comprises:
acquiring a verification file; the verification file is used for verifying whether the field to be encrypted is a field representing object data;
verifying the field to be encrypted according to the verification file;
the splicing processing is carried out on the fields to be encrypted to obtain spliced fields, and the method comprises the following steps:
and if the field to be encrypted passes the verification, splicing the field to be encrypted according to a preset splicing sequence to obtain a spliced field.
4. A data processing method is applied to a server and comprises the following steps:
receiving a second data request sent by the terminal;
acquiring a target field in the second data request; the target field consists of a first encrypted ciphertext and a second encrypted ciphertext, the second encrypted ciphertext is obtained by encrypting a preset public key, and the first encrypted ciphertext is obtained by encrypting a secret key;
decrypting the second encrypted ciphertext according to a preset private key matched with the preset public key to obtain the secret key;
decrypting the first encrypted ciphertext according to the key to obtain a spliced field;
and splitting the spliced field to obtain an original field corresponding to the first encrypted ciphertext.
5. A data processing apparatus, comprising:
the field splicing unit is configured to execute to-be-encrypted fields in the first data request, and splice the to-be-encrypted fields to obtain spliced fields; the field to be encrypted is a field representing object data;
the first encryption unit is configured to encrypt the spliced field according to a key corresponding to the spliced field to obtain a first encrypted ciphertext;
the second encryption unit is configured to perform encryption processing on the secret key according to a preset public key to obtain a second encrypted ciphertext;
the ciphertext splicing unit is configured to perform splicing processing on the first encrypted ciphertext and the second encrypted ciphertext to obtain a target field;
the request sending unit is configured to generate a second data request according to the target field and the rest fields in the first data request, and send the second data request to a server; the remaining fields are fields in the first data request except the field to be encrypted.
6. A data processing apparatus, comprising:
a request receiving unit configured to perform receiving a second data request transmitted by the terminal;
a field acquisition unit configured to perform acquisition of a target field in the second data request; the target field consists of a first encrypted ciphertext and a second encrypted ciphertext, the second encrypted ciphertext is obtained by encrypting a preset public key, and the first encrypted ciphertext is obtained by encrypting a secret key;
the first decryption unit is configured to decrypt the second encrypted ciphertext according to a preset private key matched with the preset public key to obtain the secret key;
the second decryption unit is configured to decrypt the first encrypted ciphertext according to the key to obtain a spliced field;
and the field splitting unit is configured to split the spliced field to obtain an original field corresponding to the first encrypted ciphertext.
7. An electronic device, comprising:
a processor;
a memory for storing the processor-executable instructions;
wherein the processor is configured to execute the instructions to implement the data processing method of any one of claims 1 to 3.
8. A server, comprising:
a processor;
a memory for storing the processor-executable instructions;
wherein the processor is configured to execute the instructions to implement the data processing method of claim 4.
9. A computer-readable storage medium, wherein instructions in the computer-readable storage medium, when executed by a processor of an electronic device, enable the electronic device to perform the data processing method of any of claims 1 to 3.
10. A computer program product comprising instructions which, when executed by a processor of an electronic device, enable the electronic device to perform the data processing method of any of claims 1 to 3.
CN202111032589.XA 2021-09-03 2021-09-03 Data processing method and device, electronic equipment, server and storage medium Pending CN113868505A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111032589.XA CN113868505A (en) 2021-09-03 2021-09-03 Data processing method and device, electronic equipment, server and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111032589.XA CN113868505A (en) 2021-09-03 2021-09-03 Data processing method and device, electronic equipment, server and storage medium

Publications (1)

Publication Number Publication Date
CN113868505A true CN113868505A (en) 2021-12-31

Family

ID=78989477

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111032589.XA Pending CN113868505A (en) 2021-09-03 2021-09-03 Data processing method and device, electronic equipment, server and storage medium

Country Status (1)

Country Link
CN (1) CN113868505A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115529131A (en) * 2022-11-28 2022-12-27 广州万协通信息技术有限公司 Data encryption and decryption method and device based on dynamic key

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107566324A (en) * 2016-06-30 2018-01-09 南京中兴新软件有限责任公司 Encryption method, decryption method and device
CN107666479A (en) * 2017-08-02 2018-02-06 上海壹账通金融科技有限公司 Information encrypting and decrypting method, apparatus, computer equipment and storage medium
CN108900533A (en) * 2018-08-01 2018-11-27 南京荣链科技有限公司 A kind of shared data method for secret protection, system, terminal and medium
CN109474619A (en) * 2018-12-17 2019-03-15 中国平安财产保险股份有限公司 Data encryption report method and device, data decryption method and device
CN110493251A (en) * 2019-08-30 2019-11-22 北京字节跳动网络技术有限公司 A kind of data processing method, device, electronic equipment and storage medium
CN111130803A (en) * 2019-12-26 2020-05-08 信安神州科技(广州)有限公司 Method, system and device for digital signature
CN111431846A (en) * 2019-05-30 2020-07-17 杭州海康威视数字技术股份有限公司 Data transmission method, device and system
CN112751852A (en) * 2020-12-29 2021-05-04 平安普惠企业管理有限公司 Data transmission method and related equipment

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107566324A (en) * 2016-06-30 2018-01-09 南京中兴新软件有限责任公司 Encryption method, decryption method and device
CN107666479A (en) * 2017-08-02 2018-02-06 上海壹账通金融科技有限公司 Information encrypting and decrypting method, apparatus, computer equipment and storage medium
CN108900533A (en) * 2018-08-01 2018-11-27 南京荣链科技有限公司 A kind of shared data method for secret protection, system, terminal and medium
CN109474619A (en) * 2018-12-17 2019-03-15 中国平安财产保险股份有限公司 Data encryption report method and device, data decryption method and device
CN111431846A (en) * 2019-05-30 2020-07-17 杭州海康威视数字技术股份有限公司 Data transmission method, device and system
CN110493251A (en) * 2019-08-30 2019-11-22 北京字节跳动网络技术有限公司 A kind of data processing method, device, electronic equipment and storage medium
CN111130803A (en) * 2019-12-26 2020-05-08 信安神州科技(广州)有限公司 Method, system and device for digital signature
CN112751852A (en) * 2020-12-29 2021-05-04 平安普惠企业管理有限公司 Data transmission method and related equipment

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115529131A (en) * 2022-11-28 2022-12-27 广州万协通信息技术有限公司 Data encryption and decryption method and device based on dynamic key
CN115529131B (en) * 2022-11-28 2023-03-14 广州万协通信息技术有限公司 Data encryption and decryption method and device based on dynamic key

Similar Documents

Publication Publication Date Title
CN114756886B (en) Method and device for inquiring hiding trace
CN113242224B (en) Authorization method and device, electronic equipment and storage medium
CN104955031A (en) Information transmission method and device
CN104852911A (en) Safety verification method, device and system
CN105049213A (en) File signature method and device
CN110765434A (en) Identity authentication method and device, electronic equipment and storage medium
KR101768813B1 (en) System for providing remote consulting service and security solution thereof
CN109246110B (en) Data sharing method and device and computer readable storage medium
CN111431724B (en) Data transmission method and device and electronic equipment
CN109241423B (en) Information recommendation method and device, electronic equipment and storage medium
CN114978512B (en) Privacy intersection method and device and readable storage medium
CN108900553B (en) Communication method, device and computer readable storage medium
CN103914541A (en) Information search method and device
CN113343212A (en) Device registration method and apparatus, electronic device, and storage medium
CN104852800B (en) Data transmission method and device
CN112182646A (en) Data reading method and device, data authorization method and device, and storage medium
CN115333813A (en) Data encryption transmission method and device, electronic equipment and storage medium
CN113055169B (en) Data encryption method and device, electronic equipment and storage medium
CN112243000B (en) Application data processing method and device, computer equipment and storage medium
CN105120452A (en) Information transmission method, device and system
CN113868505A (en) Data processing method and device, electronic equipment, server and storage medium
CN107302519B (en) Identity authentication method and device for terminal equipment, terminal equipment and server
CN115051790A (en) Data encryption method, data decryption method and device, and storage medium
CN114666048A (en) Data processing method and device, electronic equipment and storage medium
CN114885038A (en) Encryption protocol conversion method, result acquisition node and privacy calculation node

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination