CN113946739A

CN113946739A - Sensitive data query method, device, equipment and storage medium

Info

Publication number: CN113946739A
Application number: CN202010684227.8A
Authority: CN
Inventors: 尹旭东; 李斌; 罗程
Original assignee: Tencent Technology Shenzhen Co Ltd
Current assignee: Tencent Technology Shenzhen Co Ltd
Priority date: 2020-07-16
Filing date: 2020-07-16
Publication date: 2022-01-18

Abstract

The embodiment of the application discloses a method, a device, equipment and a storage medium for inquiring sensitive data, wherein the method comprises the following steps: responding to a trigger operation of a first user accessing an application client through first account information, and taking a user of second account information corresponding to the trigger operation as a second user to be queried; acquiring user identification information, scene type data and authentication information corresponding to a second user, taking the user identification information, the scene type data and the authentication information as service key information for inquiring sensitive data of the second user, and sending a first data inquiry request to a server corresponding to an application client based on the service key information; when the server determines that the first data query request is legal, sensitive data of a second user returned by the server are obtained; and outputting the sensitive data of the second user to a user information display interface of the application client. By adopting the embodiment of the application, the safety of the user sensitive data can be improved.

Description

Sensitive data query method, device, equipment and storage medium

Technical Field

The present application relates to the field of computer technologies, and in particular, to a method, an apparatus, a device, and a storage medium for querying sensitive data.

Background

The user information refers to various information that can recognize the identity of a specific natural person alone or in combination with other information or reflect the activity condition of the specific natural person, and may include sensitive data and basic data. The basic data may include data such as a nickname, gender, and constellation of the user, and the sensitive data may include data such as a telephone, a mailbox, and an address. When a user (e.g., a user B) queries user information of a certain user (e.g., a user a) through a user terminal running an application client, the application client may obtain user identification information of the user a in an unlimited exhaustive manner, and further may illegally view user information of another person in the user terminal, for example, may obtain sensitive data of the user a, so that there is a risk that the sensitive data is illegally leaked, that is, security of user information data may be reduced.

Disclosure of Invention

The embodiment of the application provides a method, a device, equipment and a storage medium for inquiring sensitive data, which can effectively improve the security of user sensitive data.

An embodiment of the present application provides a method for querying sensitive data, where the method is executed by a user terminal, and includes:

responding to a trigger operation of a first user accessing an application client through first account information, and taking a user of second account information corresponding to the trigger operation as a second user to be queried; the first user and the second user are both users after sensitive data isolation is carried out in the application client;

acquiring user identification information, scene type data and authentication information corresponding to a second user, taking the user identification information, the scene type data and the authentication information as service key information for inquiring sensitive data of the second user, and sending a first data inquiry request to a server corresponding to an application client based on the service key information; the service key information is used for indicating the server to determine the validity of the first data query request;

when the server determines that the first data query request is legal, sensitive data of a second user returned by the server are obtained;

and outputting the sensitive data of the second user to a user information display interface of the application client.

One aspect of the present embodiment provides a method for querying sensitive data, where the method is executed by a server, and includes:

receiving a first data query request sent by a user terminal running with an application client based on service key information; the service key information comprises user identification information, scene type data and authentication information corresponding to a second user; the second user is a user to be queried determined after the first user accessing the application client through the first account information executes the triggering operation; the first user and the second user are both users after sensitive data isolation is carried out in the application client;

determining the validity of the first data query request based on the business key information;

when the first data query request is determined to be legal, acquiring sensitive data of a second user;

and returning the sensitive data of the second user to the user terminal so that the user terminal outputs the sensitive data of the second user to a user information display interface of the application client.

An aspect of an embodiment of the present application provides a sensitive data query apparatus, where the apparatus operates in a user terminal, and the apparatus includes:

the query user determining module is used for responding to the triggering operation of a first user accessing the application client through the first account information and taking a user of second account information corresponding to the triggering operation as a second user to be queried; the first user and the second user are both users after sensitive data isolation is carried out in the application client;

the first request sending module is used for acquiring user identification information, scene type data and authentication information corresponding to a second user, using the user identification information, the scene type data and the authentication information as service key information for inquiring sensitive data of the second user, and sending a first data inquiry request to a server corresponding to an application client based on the service key information; the service key information is used for indicating the server to determine the validity of the first data query request;

the sensitive data acquisition module is used for acquiring the sensitive data of the second user returned by the server when the server determines that the first data query request is legal;

and the sensitive data output module is used for outputting the sensitive data of the second user to a user information display interface of the application client.

The first user and the second user are users in a session interface in the application client;

the first request sending module comprises:

the session attribute determining unit is used for determining the session attribute of the session interface in the application client;

the first determining unit is used for determining user identification information mapped by a second user corresponding to the second account information in the session interface and determining scene type data corresponding to the second user according to the session attribute;

the second determining unit is used for determining authentication information corresponding to a second user in the session interface;

and the first request sending unit is used for generating a first data query request for querying sensitive data of a second user based on the service key information by taking the user identification information, the scene type data and the authentication information as the service key information, and sending the first data query request to a server corresponding to the application client.

Wherein the session attribute comprises a first session attribute;

the second determination unit includes:

and the first determining subunit is used for determining session identification information associated with the first user and the second user in the session interface based on the first session attribute, and taking the session identification information as authentication information corresponding to the second user.

The session attribute comprises a second session attribute, and the first user and the second user are both users in a public broadcast group of the application client;

the second determination unit further includes:

the second determining subunit is configured to use the enterprise identification information corresponding to the first user as the first enterprise identification information, and use the enterprise identification information corresponding to the second user as the second enterprise identification information;

a third determining subunit, configured to, if the first enterprise identification information and the second enterprise identification information are enterprise identification information of the same enterprise corresponding to the public broadcast group, use the group identification information corresponding to the public broadcast group as first session identification information corresponding to the session interface, and use the first session identification information as authentication information corresponding to the second user;

and the fourth determining subunit is configured to, if the first enterprise identification information and the second enterprise identification information are enterprise identification information of different enterprises corresponding to the public broadcast group, use the group identification information corresponding to the public broadcast group as second session identification information corresponding to the session interface, and use the first enterprise identification information and the second session identification information as authentication information corresponding to the second user.

The second user is a user in a contact list in the application client;

the first request sending module further comprises:

the list attribute determining unit is used for determining the list attribute of the contact list in a list display interface of the application client;

a third determining unit, configured to determine, in the list attribute, user identification information mapped by a second user corresponding to the second account information, and determine, according to the list attribute, scene type data corresponding to the second user;

a fourth determining unit, configured to use the enterprise identification information corresponding to the first user as authentication information corresponding to the second user in the contact list;

and the second request sending unit is used for generating a first data query request for querying sensitive data of a second user based on the service key information by taking the user identification information, the scene type data and the authentication information as the service key information, and sending the first data query request to a server corresponding to the application client.

Wherein, the device still includes:

the display interface output module is used for responding to the triggering operation of the first user on the public broadcasting platform associated with the application client and outputting an information display interface of the public broadcasting platform; the information display interface comprises business data information issued by an enterprise object corresponding to the public broadcasting platform and an interactive editing control used for interacting the business data information;

the information input module is used for responding to the triggering operation aiming at the interactive editing control, outputting a text input sub-interface independent of the information display interface, and inputting text interactive information aiming at the service data information on the text input sub-interface; the text entry sub-interface is an interface superposed on the information display interface, and the size of the text entry sub-interface is smaller than that of the information display interface; the text entry sub-interface comprises an interactive release control;

the second request sending module is used for responding to the triggering operation aiming at the interactive publishing control and sending a second data query request for acquiring the sensitive data of the first user to a server corresponding to the application client;

and the interactive information determining module is used for taking the text interactive information and the sensitive data of the first user as interactive information of the service data information when receiving the sensitive data of the first user returned by the server.

The method comprises the following steps that a scene corresponding to an information display interface of a public broadcasting platform is an interface skip scene;

the second request sending module comprises:

the authorization unit is used for responding to the triggering operation aiming at the interactive release control, taking the first user as a user to be inquired, and authorizing the public broadcasting platform to acquire the user identification information of the first user in the application client based on the interface jump scene;

a fifth determining unit, configured to determine scene type data corresponding to the first user based on an interface attribute of the interface jump scene;

a sixth determining unit, configured to acquire platform identification information corresponding to the public broadcast platform and text identification information of the text interaction information, and use the platform identification information and the text identification information as authentication information corresponding to the first user;

the key information determining module is used for taking the user identification information of the first user, the scene type data corresponding to the first user and the authentication information corresponding to the first user as the business key information of the first user;

and the third request sending unit is used for generating a second data query request for querying the sensitive data of the first user based on the business key information of the first user, and sending the second data query request to the server corresponding to the application client.

One aspect of the present application provides a computer device, comprising: a processor, a memory, a network interface;

the processor is connected to a memory and a network interface, wherein the network interface is used for providing a data communication function, the memory is used for storing a computer program, and the processor is used for calling the computer program to execute the method in the above aspect in the embodiment of the present application.

An aspect of the present application provides a computer-readable storage medium storing a computer program comprising program instructions that, when executed by a processor, perform the method of the above-mentioned aspect of the embodiments of the present application.

An aspect of the application provides a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions to cause the computer device to perform the method of the above-described aspect.

An aspect of an embodiment of the present application provides a sensitive data query apparatus, where the apparatus runs on a server, and includes:

the query request receiving module is used for receiving a first data query request sent by a user terminal running with an application client based on the service key information; the service key information comprises user identification information, scene type data and authentication information corresponding to a second user; the second user is a user to be queried determined after the first user accessing the application client through the first account information executes the triggering operation; the first user and the second user are both users after sensitive data isolation is carried out in the application client;

the validity determining module is used for determining the validity of the first data query request based on the service key information;

the data acquisition module is used for acquiring the sensitive data of the second user when the first data query request is determined to have the legality;

and the data returning module is used for returning the sensitive data of the second user to the user terminal so that the user terminal outputs the sensitive data of the second user to the user information display interface of the application client.

Wherein, the legality determining module comprises:

the first validity determining unit is used for determining that the first data query request has validity if the scene type data in the service key information meets the scene query condition;

and the second legality determining unit is used for determining that the first data query request is illegal if the scene type data in the service key information does not meet the scene query condition.

In the embodiment of the present application, a computer device (i.e., a user terminal) running with an application client may respond to a trigger operation of a first user accessing the application client through first account information, and may further use a user with second account information corresponding to the trigger operation as a second user to be queried. The first user and the second user are both users after sensitive data isolation is carried out in the application client. The first user here may be a viewing user and the second user may be a user to be queried. Since the first user and the second user are users after sensitive data isolation is performed, in the process of querying the sensitive data of the second user in the application client, the validity of the first data query request sent by the user terminal needs to be judged through the server in the embodiment of the application, so as to ensure the security of the sensitive data of the second user in the application client. For example, in the process of querying the sensitive data of the second user through the user terminal, the first user needs to obtain not only the user identification information corresponding to the second user, but also the scene type data and the authentication information of the second user. The context type data may be used to indicate a context type in which the second user is located in the application client. For example, the scene type indicated by the scene type data "1" may be a group chat scene. Further, the user terminal may send a first data query request to a server corresponding to the application client based on the service key information (e.g., user identification information, scene type data, and authentication information). In this way, when the server determines that the first data query request is legal, the sensitive data of the second user can be returned to the user terminal, and at this time, the user terminal can further output the sensitive data of the second user to the user information display interface of the application client. It should be understood that, conversely, when the server determines that the first data query request does not have validity, the server does not need to return the sensitive data of the second user to the user terminal, and thus the security of the sensitive data of the user can be effectively ensured.

Drawings

In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.

Fig. 1 is a schematic structural diagram of a network architecture according to an embodiment of the present application;

fig. 2 is a schematic view of a scenario for performing data interaction according to an embodiment of the present application;

fig. 3 is a schematic flowchart of a sensitive data query method provided in an embodiment of the present application;

FIG. 4 is a schematic diagram of pseudo code for defining scene type data according to an embodiment of the present application;

fig. 5a is a schematic view of a scenario in which sensitive data of a second user is queried in a session interface in a single chat scenario according to an embodiment of the present application;

fig. 5b is a schematic view of a scenario that a second user queries for sensitive data under a public broadcast group according to an embodiment of the present application;

FIG. 6 is a schematic diagram of a scenario in which a second user's sensitive data is queried under a contact list according to an embodiment of the present application;

fig. 7 is a schematic flowchart of a sensitive data query method provided in an embodiment of the present application;

FIG. 8 is a schematic diagram of a scenario for acquiring sensitive data of a first user according to an embodiment of the present application;

fig. 9 is a schematic structural diagram of a sensitive data query device according to an embodiment of the present application;

FIG. 10 is a schematic diagram of a computer device provided by an embodiment of the present application;

fig. 11 is a schematic structural diagram of a sensitive data query device according to an embodiment of the present application;

FIG. 12 is a schematic diagram of a computer device provided by an embodiment of the present application;

fig. 13 is a schematic structural diagram of a data processing system according to an embodiment of the present application.

Detailed Description

The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

Referring to fig. 1, fig. 1 is a schematic structural diagram of a network architecture according to an embodiment of the present disclosure. As shown in fig. 1, the network architecture may include a server 10 and a cluster of user terminals. The user terminal cluster may comprise one or more user terminals, where the number of user terminals will not be limited. As shown in fig. 1, the system may specifically include a user terminal 100a, a user terminal 100b, user terminals 100c and …, and a user terminal 100 n. As shown in fig. 1, the user terminal 100a, the user terminal 100b, the user terminals 100c, …, and the user terminal 100n may be respectively connected to the server 10 via a network, so that each user terminal may interact with the server 10 via the network.

Wherein, each ue in the ue cluster may include: the intelligent terminal comprises an intelligent terminal with a service data processing function, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, wearable equipment, an intelligent home, and head-mounted equipment. It should be understood that each user terminal in the user terminal cluster shown in fig. 1 may be installed with the application client, and when the application client runs in each user terminal, data interaction may be performed with the server 10 shown in fig. 1. The application client may be an independent client, or may be an embedded public broadcasting platform integrated in a certain client (for example, a social client, an education client, a multimedia client, and the like), which is not limited herein.

As shown in fig. 1, the server 10 in the embodiment of the present application may be a server corresponding to the application client. The server 10 may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a network service, cloud communication, a middleware service, a domain name service, a security service, a CDN, a big data and artificial intelligence platform, and the like.

For convenience of understanding, in the embodiment of the present application, one user terminal may be selected from the plurality of user terminals shown in fig. 1 as the target user terminal. For example, the user terminal 100a shown in fig. 1 may be used as a target user terminal in the embodiment of the present application, and a target application (i.e., an application client) having the service data processing function may be integrated in the target user terminal. At this time, the target user terminal may implement data interaction with the server 10 through the service data platform corresponding to the application client.

It should be understood that the user information in the embodiment of the present application may include sensitive data and basic data, where the sensitive data may include data such as mailbox, telephone, address, landline telephone, department, enterprise mailbox, and the like. The basic data may contain data such as user account information, user nickname, name, gender, constellation, age, and avatar.

For easy understanding, please refer to fig. 2, and fig. 2 is a schematic diagram of a scenario for performing data interaction according to an embodiment of the present application. As shown in fig. 2, the user terminal 30 in this embodiment may be a user terminal running an application client, and the user terminal 30 may be any one of the user terminals in the user terminal cluster shown in fig. 1, for example, the user terminal 100 a. The server 20 in the embodiment of the present application may be a server corresponding to the application client, and the server 20 may be the server shown in fig. 1.

It should be appreciated that a user (e.g., user a) corresponding to the user terminal 30 may access the application client (e.g., social client) via the first account information. In the embodiment of the application, a user accessing the application client through the first account information may be referred to as a first user, and the first user may also be referred to as a viewing user. It is understood that, when the first user queries the sensitive data of a certain user in the application client, a trigger operation may be performed in the application client for the user to be queried. The trigger operation may include a contact operation such as a click or a long press, or may also include a non-contact operation such as a voice or a gesture, which is not limited herein.

At this time, the user terminal 30 may respond to the trigger operation of the user a, and use the user (for example, the user B) of the second account information corresponding to the trigger operation as the second user to be queried. The user A and the user B can be users after sensitive data isolation in the application client. Further, the user terminal 30 may obtain user identification information, scene type data, and authentication information corresponding to the user B, and further may use the obtained user identification information, scene type data, and authentication information as service key information. It should be understood that the user terminal 30 may generate a first data query request for querying the sensitive data of the user B based on the service key information, and may further send the first data query request to the server 20 corresponding to the application client. Wherein the service key information may be used to instruct the server 20 to determine the validity of the first data query request.

It is understood that the server 20 may determine the validity of the first data query request based on the business key information when acquiring the first data query request. If the scene type data in the service key information does not satisfy the scene query condition, the server 20 may determine that the first data query request is illegal, and at this time, the server 20 may determine that the first data query request is an illegal request, and may not return the user information of the user B. If the scene type data in the service key information satisfies the scene query condition, the server 20 may determine that the first data query request is legal, and at this time, the server 20 may determine that the first data query request is a legal request, and may further authenticate the service key information. The scene query condition may be that the service key information includes scene type data.

It should be understood that, if the server 20 authenticates the scene type of the user B successfully based on the service key information, the server 20 may obtain the sensitive data of the user B, and further may return the sensitive data of the user B to the user terminal 30, so that the user terminal 30 may output the sensitive data of the user B and the basic user information of the user B to the user information display interface of the application client.

If the server 20 is based on the service key information and the scene type of the user B is difficult to authenticate, the server 20 may obtain the basic user information of the user B and return the basic user information to the user terminal 30, so that the user terminal 30 may output the basic user information of the user B to the user information display interface of the application client.

If the server 20 determines that the authentication information of the user B is not matched with the scene type corresponding to the scene type data based on the service key information, the server 20 may determine that the data source is inconsistent and is suspected to have a risk, and may further generate an exception notification, and return the exception notification to the user terminal 30.

Therefore, when the server 20 in the embodiment of the present application obtains the legal first data query request, the sensitive data of the user to be queried (for example, the user B) may be further obtained based on the legal first data query request, so that it is effectively ensured that the sensitive data of the user is not maliciously obtained by others, and the security of the sensitive data of the user is further improved.

A specific implementation manner of obtaining the sensitive data of the second user when the server determines that the first data query request is legal may refer to the following embodiments corresponding to fig. 3 to 8, where the specific implementation manner of obtaining the sensitive data of the second user may be as follows.

Further, please refer to fig. 3, where fig. 3 is a schematic flowchart of a sensitive data query method according to an embodiment of the present application. As shown in fig. 3, the method may be performed by a computer device running an application client, where the computer device may be a user terminal, and the user terminal may be any one of the user terminals in the user terminal cluster shown in fig. 1, for example, the user terminal 100 a. The method may comprise at least the following steps S101-S104:

step S101, responding to a trigger operation of a first user accessing an application client through first account information, and taking a user of second account information corresponding to the trigger operation as a second user to be inquired.

Specifically, a first user (e.g., user a) corresponding to the user terminal may access an application client (e.g., a social client) operated by the user terminal through first account information (e.g., account information 1). It should be understood that the first user may perform a trigger operation on the application client for a user to be queried when querying sensitive data of the user in the application client. The triggering operation may include a contact operation such as a click or a long press, or may also include a non-contact operation such as a voice or a gesture, which is not limited herein. At this time, in response to the trigger operation, the application client may take the user of the second account information (e.g., account information 2) corresponding to the trigger operation as the second user (e.g., user B) to be queried. The first user and the second user can both be users after sensitive data isolation in the application client.

Step S102, obtaining user identification information, scene type data and authentication information corresponding to a second user, using the user identification information, the scene type data and the authentication information as service key information for inquiring sensitive data of the second user, and sending a first data inquiry request to a server corresponding to an application client based on the service key information.

Specifically, the user terminal may obtain user identification information, scene type data, and authentication information corresponding to the second user, and may further use the obtained user identification information, scene type data, and authentication information as the service key information. Further, the user terminal may generate a first data query request for querying sensitive data of a second user based on the service key information, and may further send the first data query request to a server corresponding to the application client. Wherein the service key information may be used to instruct the server to determine the validity of the first data query request.

The user identification information (VID) may be unique identification information (e.g., a character string) configured by the server for the user in the application client when the user registers account information. The scene type data may be a numerical value indicating a scene type (userinfoscenetype) of the user to be queried. For example, the scene type may include a single chat scene, a group chat scene, an organizational structure (i.e., address book) scene, and the like. The authentication information (check _ info) may be data information that needs to be submitted to the server for scene authentication when querying the second user. For example, when the scene type of the second user is a public broadcast group (i.e., a group chat scene), the authentication information may be group identification information corresponding to the public broadcast group.

For ease of understanding, please refer to fig. 4, where fig. 4 is a schematic diagram of pseudo code for defining scene type data according to an embodiment of the present application. As shown in fig. 4, in the embodiment of the present application, a plurality of scene types to which a first user (i.e., a viewing user) and a second user (i.e., a user to be queried) belong may be included, where one scene type may correspond to one scene type data. The embodiment of the application may take 10 as an example, and specifically may include a scene type 1, a scene type 2, a scene type 3, a scene type 4, a scene type 5, a scene type 6, a scene type 7, a scene type 8, a scene type 9, a scene type 10, and a scene type 11.

As shown in fig. 4, the scene type 1 indicated by the scene type data "0" may be an unknown illegal scene, for example, a scene in which a hacker or the like illegally acquires information of a user of another person; the scene type 2 indicated by the scene type data "1" may be a scene type in a public broadcasting group, i.e., a group chat scene, for example, the first user and the second user may be users under the same public broadcasting group (e.g., a political group); the scene type 3 indicated by the scene type data "2" may be a friend recommendation scene, for example, the second user may be a user recommended by a business card or an enterprise card; scenario type 4 indicated by scenario type data "3" may be an external contact buddy scenario, e.g., the first user is a user of enterprise a, and the second user may be a user in an external enterprise (e.g., enterprise B) user list in the application client's organizational structure (e.g., address book); scenario type 5 indicated by scenario type data "4" may be a same enterprise scenario, i.e., the first user and the second user are both users of the same enterprise (e.g., enterprise C); scenario type 6 indicated by scenario type data "5" may be an external client contact scenario, e.g., the first user may be an application client (e.g., an enterprise WeChat client), and the second user may be a user in another application client (e.g., a WeChat client); the scene type 7 indicated by the scene type data "6" may be a single chat scene, for example, a scene in which a first user establishes a session relationship with a second user; scene type 8 indicated by scene type data "7" may be a forwarding message scene, for example, the second user may be a user in a chat log forwarded by other users; scene type 9 indicated by scene type data "8" may be a favorite message scene, e.g., the second user may be a user in a chat log that the first user has favorite; scene type 10 indicated by scene type data "9" may be a common account scene, for example, the second user may be a user who comments on text information of the common account under the common account. The scene type 11 indicated by the scene type data "10" may be its own scene. For example, a user (e.g., a first user) corresponding to the user terminal may perform a trigger operation on a personal business card of the first user in a personal presentation interface of the application client, so that the sensitive data of the first user may be queried, so that the first user may modify or edit the sensitive data and the basic data of the first user in the user information presentation interface corresponding to the first user.

In addition, the scene types in the embodiment of the present application may further include an interface jump scene (e.g., a JSApi scene), a daily report scene, an out-of-job recommendation scene, and the like. The JSApi scene refers to H5 (an application client on an interactive web page) or an applet interface opened by the application client, and a third-party developer can acquire data in the application client or call up a native interaction by using the interface.

It is understood that the authentication types of the scenario types in the embodiment of the present application may be divided into a first authentication type and a second authentication type. The first authentication type refers to a scene type capable of being authenticated, and the second authentication type refers to a scene type difficult to be authenticated. It is understood that the first authentication type may include a group chat scenario, an external contact friend scenario, a same enterprise scenario, an external client contact scenario, a single chat scenario, a public account scenario, and the like. The second authentication type may include a forward message scenario, a favorite message scenario, an interface skip scenario, a daily report scenario, a leave recommendation scenario, a friend recommendation scenario, and the like.

It should be appreciated that the first user and the second user may be users in a session interface in the application client. At this time, the user terminal may determine the session attribute of the session interface in the application client. Further, the user terminal may determine, in the session interface, user identification information mapped by the second user corresponding to the second account information (for example, user identification information B mapped by user B), and may further determine, according to the session attribute, scene type data corresponding to the second user.

The session attribute of the session interface may include a first session attribute and a second session attribute. The first session attribute may be a session attribute corresponding to a single chat scenario in the application client, for example, the scenario type data corresponding to the single chat scenario may be scenario type data "6" shown in fig. 4. The second session attribute may be a session attribute corresponding to a public broadcast group (e.g., a group chat scenario) of the application client, for example, the scene type data corresponding to the group chat scenario may be the scene type data "1" shown in fig. 4.

Further, the user terminal may determine, in the session interface, authentication information corresponding to the second user. It is to be understood that, if the user terminal determines that a session attribute of a session interface (e.g., session interface 1) corresponding to the first user and the second user belongs to the first session attribute, the user terminal may determine session identification information (e.g., the session identification information 1) associated with the first user and the second user in the session interface based on the first session attribute, and may further use the session identification information 1 as authentication information corresponding to the second user. The session identification information 1 may be unique identification information (e.g., a character string) configured by the server for the session attribute when the user a and the user B establish a session relationship.

Optionally, if the user terminal determines that the first user and the second user are both users in the common broadcast group of the application client, the user terminal may determine that the session attribute of the session interface (e.g., session interface 2) corresponding to the announcement broadcast group belongs to the second session attribute. At this time, the user terminal may use enterprise identification information (CorpID) corresponding to the first user as the first enterprise identification information, and use enterprise identification information corresponding to the second user as the second enterprise identification information.

It can be understood that, if the first enterprise identification information and the second enterprise identification information are the enterprise identification information of the same enterprise corresponding to the public broadcast group, the user terminal may use the group identification information corresponding to the public broadcast group as the first session identification information corresponding to the session interface, and further may use the first session identification information as the authentication information corresponding to the second user.

If the first enterprise identification information and the second enterprise identification information are enterprise identification information of different enterprises corresponding to the public broadcast group, the user terminal may use the group identification information corresponding to the public broadcast group as second session identification information corresponding to the session interface. Further, the user terminal may use the first enterprise identification information and the second session identification information as authentication information corresponding to the second user.

Optionally, the second user may be a user in a contact list in the application client. At this time, the user terminal may determine a list attribute of the contact list in the list display interface of the application client. Further, the user terminal may determine, in the list attribute, user identification information mapped by a second user corresponding to the second account information, and may further determine, according to the list attribute, scene type data corresponding to the second user. It should be understood that the user terminal may use the enterprise identification information corresponding to the first user as the authentication information corresponding to the second user in the contact list.

Alternatively, the second user may be a user in a contact list in another application client (e.g., a WeChat client). At this time, the user terminal may determine a list attribute of the contact list in the list display interface of the application client. Further, the user terminal may determine, in the list attribute, user identification information mapped by a second user corresponding to the second account information, and further may determine, according to the list attribute, scene type data (e.g., scene type data "5" shown in fig. 4) corresponding to the second user. It should be understood that the user terminal may determine the authentication information corresponding to the second user as null. In other words, since the first user and the second user belong to users in different clients, the first user cannot acquire sensitive data of the second user across applications.

Optionally, the second user may also be a user in a scenario of forwarding a message or collecting a message. It will be appreciated that the user terminal may require user information of the second user while the first user forwards or otherwise collects chat records associated with the second user. At this time, the user terminal may determine, based on the chat record, user identification information mapped by the second user corresponding to the second account information, and may further determine, according to the chat record, scene type data (e.g., "7" or "8" of the scene type data shown in fig. 4) corresponding to the second user. It should be understood that the user terminal may determine the authentication information corresponding to the second user as the message identification information.

It should be understood that, after the user terminal determines the user identification information, the scene type data and the authentication information of the second user, the user identification information, the scene type data and the authentication information may be used as service key information, and a first data query request for querying the sensitive data of the second user may be generated based on the service key information. At this time, the user terminal may send the first data query request to a server corresponding to the application client.

And step S103, when the server determines that the first data query request is legal, acquiring the sensitive data of the second user returned by the server.

It should be understood that the server may receive the first data query request sent by the user terminal based on the service key information, and may further determine the validity of the first data query request based on the service key information. When it is determined that the first data query request is legal, the server may obtain the sensitive data of the second user, and may return the sensitive data of the second user to the user terminal.

It can be understood that, when the user terminal receives the first data query request, the validity of the first data query request can be determined based on the service key information. If the scene type data in the service key information does not meet the scene query condition, the server may determine that the first data query request is illegal, and at this time, the server may determine that the first data query request is an illegal request, and may not return user information of the second user or return an abnormal prompt notification. If the scene type data in the service key information meets the scene query condition, the server may determine that the first data query request is legal, and at this time, the server may determine that the first data query request is a legal request, and may further authenticate the service key information. The scene query condition may be that the service key information includes scene type data.

It should be appreciated that the server may determine the context type of the second user based on the context type data of the second user, and may further determine the authentication type of the context type based on the context type of the second user. The authentication type of the scene type can be divided into a first authentication type and a second authentication type. The first authentication type refers to a scene type capable of being authenticated, and the second authentication type refers to a scene type difficult to be authenticated. It is understood that the first authentication type may include a group chat scenario, an external contact friend scenario, a same enterprise scenario, an external client contact scenario, a single chat scenario, a public account scenario, and the like. The second authentication type may include a forward message scenario, a favorite message scenario, an interface skip scenario, a daily report scenario, a leave recommendation scenario, a friend recommendation scenario, and the like.

When the server determines that the scene type belongs to the second scene type, because the relationship chain under the scene type corresponding to the second authentication type is too long and cannot be tracked, the server does not need to pay attention to the authentication information, can directly acquire basic data (such as head portrait, gender, constellation, age and the like) of the second user, and returns the basic data to the user terminal. It will be appreciated that the server may determine the dimensions of the scene type based on the authentication information. It should be understood that, if the authentication information is the enterprise identification information, the server may determine whether to return the sensitive data of the second user based on the enterprise dimension, so that it may be effectively ensured that the sensitive data of the second user is not unintentionally disclosed by an external enterprise. If the authentication information is session identification information, the server can determine whether to return the sensitive data of the second user based on the session dimension, so that the sensitive data of the second user can be ensured to have the viewing right by the user in the session corresponding to the session identification information. Therefore, in the embodiment of the application, the scene types can be classified through different dimensions, so that the secure data isolation of the sensitive data of the user in the application client is ensured.

When the server determines that the scene type belongs to the first scene type, the server needs to determine the matching between the authentication information in the service key information and the scene type. If the authentication information is not matched with the scene type, the server can determine that the data sources are contradictory and cannot issue the sensitive data of the user. At this time, the server may generate an exception notification, and return the exception notification to the user terminal to remind the user terminal that the query mode is incorrect. If the authentication information is matched with the scene type, the server can inquire the user identification information of the second user in the scene type corresponding to the authentication information, and can acquire the sensitive data and the basic data of the second user when inquiring the user identification information, so that the sensitive data and the basic data of the second user can be returned to the user terminal.

For example, the server may obtain a first data query request sent by a user terminal corresponding to a user a (i.e., a first user) for querying sensitive data of a user B (i.e., a second user). The service key information in the first data query request may include user identification information b, scene type data "1", and group identification information x. At this time, since the scene type data in the service key information satisfies the scene query condition, the server may determine that the first data query request is legal. At this time, the server may determine that the scene type of the user B belongs to the group chat scene based on the scene type data "1", and may further determine that the group chat scene belongs to an authentication-capable scene type (i.e., a first authentication type). Further, the server may determine a match of the group chat scenario with the authentication information. Since the authentication information is the group identification information x, the server may determine that the scene type matches the authentication information. At this time, the server may query the user identification information B of the user B in the group corresponding to the group identification information x based on the group identification information x, and when querying the user identification information B, the server may obtain the sensitive data and the basic data of the user B, and return the sensitive data and the basic data of the user B to the user terminal.

For example, the server may obtain a first data query request sent by a user terminal corresponding to the user C (i.e., the first user) for querying sensitive data of the user D (i.e., the second user). The service key information in the first data query request may include user identification information d, scene type data "6", and group identification information y. At this time, since the scene type data in the service key information satisfies the scene query condition, the server may determine that the first data query request is legal. At this time, the server may determine that the scene type of the user D belongs to the single chat scene based on the scene type data "6", and may further determine that the single chat scene belongs to an authentication-capable scene type (i.e., a first authentication type). Further, the server may determine a match of the single chat scenario with the authentication information. Since the authentication information is the group identification information y, the server may determine that the scene type does not match the authentication information. At this time, the server may determine that the data sources are contradictory and suspected of having potential safety hazards, and may return an exception prompt notification or no information to the user terminal.

For example, the server may obtain a first data query request sent by a user terminal corresponding to the user E (i.e., the first user) for querying sensitive data of the user F (i.e., the second user). The service key information in the first data query request may include user identification information f, scene type data "7", and message identification information z. At this time, since the scene type data in the service key information satisfies the scene query condition, the server may determine that the first data query request is legal. At this time, the server may determine that the scene type of the user F belongs to a forwarded message scene based on the scene type data "7", and since the message is forwarded all the time in the scene type, the relationship chain is too long, and further, may determine that the forwarded message scene belongs to a scene type (i.e., a second authentication type) that is difficult to authenticate. Further, the server does not return the sensitive data of the user F any more, but obtains the basic data of the user F based on the user identification information F of the user F, and then can return the basic data of the user F to the user terminal.

And step S104, outputting the sensitive data of the second user to a user information display interface of the application client.

Specifically, the user terminal may output the sensitive data of the second user returned by the server to the user information presentation interface of the application client. Wherein, the user information display interface can display the sensitive data and the basic data of the second user. The sensitive data may include telephone, mailbox, home address, landline, etc., and the basic data may include avatar, gender, nickname, etc.

For easy understanding, please refer to fig. 5a, where fig. 5a is a schematic view of a scenario where a second user's sensitive data is queried in a session interface in a single chat scenario according to an embodiment of the present application. As shown in fig. 5a, the user terminal running with the application client in the embodiment of the present application may be any one of the user terminals in the user terminal cluster shown in fig. 1, for example, the user terminal 100 a. The server corresponding to the application client may be the server 50a shown in fig. 5a, and the server 50a may be the server 10 shown in fig. 1.

As shown in fig. 5a, a user corresponding to a user terminal in this embodiment may be a user a (i.e., a first user) accessing the user terminal through account information 1 (first account information), and a session interface (e.g., a session interface 500a shown in fig. 5 a) of the user terminal may include service information of the user a and the user B during interactive communication. The service information may include pictures, videos, voices, texts, etc. The session attribute corresponding to the session interface 500a may be a session attribute corresponding to a single chat scenario (i.e., a first session attribute). The user B may be a user (i.e., a second user) corresponding to the account information 2 (i.e., second account information) that the user a needs to query.

It is understood that the user a may perform a trigger operation with respect to the user B in the session interface 500, so that the user terminal may generate the data query request 5a for querying the sensitive data of the user B in response to the trigger operation. It is understood that the user terminal may determine the session attribute of the session interface 500a as the first session attribute (i.e., the session attribute corresponding to the single chat scenario) in the application client. Further, the ue may obtain the user identification information B of the user B, and may determine that the scene type data of the user B is the scene type data "6" shown in fig. 4 according to the first session attribute.

Further, the user terminal may determine the authentication information corresponding to the user B in the session interface 500 a. It is understood that the user terminal may determine session identification information (e.g., the session identification information 1) associated with the user a and the user B in the session interface 500a based on the first session attribute, and may further use the session identification information 1 as authentication information corresponding to the user B. The session identification information 1 may be unique identification information (e.g., a character string) configured by the server for the session attribute when the user a and the user B establish a session relationship.

At this time, the user terminal may use the user identification information B, the scene type data "6" and the session identification information 1 as service key information, and may further generate a data query request 5a (i.e., a first data query request) for querying the user B based on the service key information. The user terminal may send the data query request 5a to the server 50a, so that the server 50a obtains the sensitive data of the user B when determining that the data query request 5a is legal, and further, may send the sensitive data of the user B to the user terminal. At this time, the user terminal may output the sensitive data of the user B to the user information presentation interface 510a of the application client shown in fig. 5 a. The sensitive data of the user B may be data such as a mobile phone, a landline phone, a mailbox, and an address shown in the user information display interface 510 a.

For easy understanding, please refer to fig. 5b, where fig. 5b is a schematic view of a scenario in which a second user is queried for sensitive data under a public broadcast group according to an embodiment of the present application. As shown in fig. 5b, the user terminal in this embodiment may run with an application client, and the user terminal may be any one user terminal in the user terminal cluster shown in fig. 1, for example, the user terminal 100 a. The server corresponding to the application client may be the server 50b shown in fig. 5b, and the server 50b may be the server 10 shown in fig. 1.

As shown in fig. 5b, the user corresponding to the user terminal may be user a (i.e., the first user) accessing the application client through account information 1 (i.e., the first account information). The session interface of the application client in the user terminal (e.g., session interface 500b shown in fig. 5 b) may be a session interface corresponding to a common broadcast group (e.g., group 1) of the application client. Wherein, the group 1 may include a plurality of users. The session interface 500b may include service information of each user in the group 1 during interactive communication, where the service information may include pictures, videos, voices, texts, and the like. As shown in fig. 5B, the session interface 500B in the embodiment of the present application may include service information of a user a, a user B accessing an application client through account information 2 (i.e., second account information), and a user C accessing the application client through account information 3. Wherein, the user B may be a user (i.e. a second user) that the user a needs to query.

The user a may execute a trigger operation for the user B in the session interface 500B, so that the user terminal may respond to the trigger operation to generate a data query request 5B for querying sensitive data of the user B. It is understood that the user terminal may determine, in the application client, the session attribute of the session interface 500b as a second session attribute (i.e., a session attribute corresponding to the group chat scenario). Further, the user terminal may obtain the user identification information B of the user B, and may determine that the scene type data of the user B is the scene type data "1" shown in fig. 4 according to the second session attribute.

Further, the user terminal may determine the authentication information corresponding to the user B in the session interface 500B. It can be understood that if the enterprise identification information corresponding to the user a (i.e., the first user) in the session interface 500B is the enterprise identification information 1 (i.e., the first enterprise identification information), and the enterprise identification information corresponding to the user B (i.e., the second user) is also the enterprise identification information 1 (i.e., the second enterprise identification information), the user terminal may determine that the enterprise identification information of the user a and the enterprise identification information of the user B are the enterprise identification information of the same enterprise corresponding to the group 1. At this time, the user terminal may use the group identification information corresponding to the group 1 as the corresponding first session identification information in the session interface 500B, and further may use the first session identification information as the authentication information of the user B.

At this time, the user terminal may use the user identification information B, the scene type data "1" and the group identification information (i.e., the first session identification information) corresponding to the group 1 as the service key information, and further may generate a data query request 5B (i.e., a first data query request) for querying the user B based on the service key information. The user terminal may send the data query request 5B to the server 50B, so that the server 50B obtains the sensitive data of the user B when determining that the data query request 5B is legal, and further, may send the sensitive data of the user B to the user terminal. At this time, the user terminal may output the sensitive data of the user B to the user information presentation interface 510B of the application client shown in fig. 5B. The sensitive data of the user B may be data such as a mobile phone, a landline phone, a mailbox, and an address shown in the user information display interface 510B.

Optionally, if the enterprise identification information corresponding to the user a (i.e., the first user) in the session interface 500B is enterprise identification information 1 (i.e., the first enterprise identification information), and the enterprise identification information corresponding to the user B (i.e., the second user) is enterprise identification information 2 (i.e., the second enterprise identification information), the user terminal may determine that the enterprise identification information of the user a and the enterprise identification information of the user B are enterprise identification information of different enterprises corresponding to the group 1. At this time, the user terminal may use the group identification information corresponding to the group 1 as the corresponding second session identification information in the session interface, and further may use the second session identification information and the enterprise identification information 1 (i.e., the first enterprise identification information) as the authentication information of the user B.

At this time, the user terminal may use the user identification information B, the scene type data "1", and the group identification information (i.e., the second session identification information) and the enterprise identification information 1 (i.e., the first enterprise identification information) corresponding to the group 1 as the service key information, and further may generate a data query request 5B (i.e., the first data query request) for querying the user B based on the service key information. The user terminal may send the data query request 5B to the server 50B, so that the server 50B obtains the sensitive data of the user B when determining that the data query request 5B is legal, and further, may send the sensitive data of the user B to the user terminal. At this time, the user terminal may output the sensitive data of the user B to the user information presentation interface 510B of the application client shown in fig. 5B. The sensitive data of the user B may be data such as a mobile phone, a landline phone, a mailbox, and an address shown in the user information display interface 510B.

For ease of understanding, please further refer to fig. 6, where fig. 6 is a schematic diagram of a scenario in which a second user's sensitive data is queried under a contact list according to an embodiment of the present application. As shown in fig. 6, the user terminal running with the application client in the embodiment of the present application may be any one of the user terminals in the user terminal cluster shown in fig. 1, for example, the user terminal 100 a. The server 60 corresponding to the application client may be the server 10 shown in fig. 1.

As shown in fig. 6, a user corresponding to a user terminal in the embodiment of the present application may be a user a (i.e., a first user), and a list display interface 600 of the user terminal may include a plurality of users, for example, 3 users may specifically include a user B, a user C, and a user D. Wherein, the user B may be a user (i.e. a second user) that the user a needs to query. These 3 users may be users in the application client's contact list (e.g., department 1).

The user a may perform a trigger operation on the user B in the list display interface 600, and at this time, the user terminal may generate the data query request 6 for querying the sensitive data of the user B in response to the trigger operation. It is to be understood that, if the user a is a user in an enterprise a, and the user B is a user in a contact list corresponding to a department 1 (e.g., administrative department) of the enterprise a in the application client, the user terminal may determine, in the list display interface of the application client, that the list attribute of the contact list is the same enterprise scene in the organizational structure. Further, the user terminal may determine the user identification information B of the user B in the list attribute, and may determine the scene type data of the user B as the scene type data "4" shown in fig. 4 according to the list attribute. In the contact list corresponding to the department 1, the user terminal may use the enterprise identification information corresponding to the user a (i.e., the enterprise identification information 1 of the enterprise a) as the authentication information of the user B.

At this time, the user terminal may use the user identification information B, the scene type data "4" and the enterprise identification information 1 as business key information, and may further generate a data query request 6 (i.e., a first data query request) for querying the user B based on the business key information. The user terminal may send the data query request 6 to the server 60, so that the server 60 obtains the sensitive data of the user B when determining that the data query request 6 is legal, and further, may send the sensitive data of the user B to the user terminal. At this time, the user terminal may output the sensitive data of the user B to the user information presentation interface 610 of the application client shown in fig. 6. The sensitive data of the user B may be data such as a mobile phone, a landline phone, a mailbox, and an address shown in the user information presentation interface 610.

Optionally, if the user a is a user in an enterprise a, and the user B is a user in a contact list corresponding to a department 1 of an enterprise B (i.e., an interconnected enterprise) in the application client, the user terminal may determine, in the list display interface 600 of the application client, that the list attribute of the contact list is an external contact friend scene in the organization architecture. Further, the user terminal may determine the user identification information B of the user B in the list attribute, and may determine the scene type data of the user B as the scene type data "3" shown in fig. 4 according to the list attribute. In the contact list corresponding to the department 1, the user terminal may use the enterprise identification information corresponding to the user a (i.e., the enterprise identification information 1 of the enterprise a) as the authentication information of the user B.

At this time, the user terminal may use the user identification information B, the scene type data "3", and the enterprise identification information 1 as business key information, and may further generate a data query request 6 (i.e., a first data query request) for querying the user B based on the business key information. The user terminal may send the data query request 6 to the server 60, so that the server 60 obtains the sensitive data of the user B when determining that the data query request 6 is legal, and further, may send the sensitive data of the user B to the user terminal. At this time, the user terminal may output the sensitive data of the user B to the user information presentation interface 610 of the application client shown in fig. 6. The sensitive data of the user B may be data such as a mobile phone, a landline phone, a mailbox, and an address shown in the user information presentation interface 610.

Further, please refer to fig. 7, where fig. 7 is a schematic flowchart of a sensitive data query method according to an embodiment of the present application. As shown in fig. 7, the method may be performed by a user terminal and a server, where the user terminal may be any one of the user terminals in the user terminal cluster shown in fig. 1, for example, the user terminal 100 a. The server may be the server 10 shown in fig. 1 described above. The method may comprise at least the following steps S201-S206:

step S201, a user terminal responds to a trigger operation of a first user accessing an application client through first account information, and the user of second account information corresponding to the trigger operation is used as a second user to be inquired;

step S202, a user terminal acquires user identification information, scene type data and authentication information corresponding to a second user, the user identification information, the scene type data and the authentication information are used as service key information for inquiring sensitive data of the second user, and a first data inquiry request is sent to a server corresponding to an application client based on the service key information;

step S203, the server determines the validity of the first data query request based on the service key information.

Step S204, the server acquires the sensitive data of the second user when determining that the first data query request is legal.

Step S205, the server returns the sensitive data of the second user to the user terminal,

and step S206, the user terminal outputs the sensitive data of the second user to a user information display interface of the application client.

For specific implementation of steps S201 to S206, reference may be made to the description of steps S101 to S104 in the embodiment corresponding to fig. 3, and details will not be described here.

It should be understood that the user terminal in this embodiment of the application may be run with an application client, and a scene type corresponding to a public broadcast platform associated with the application client may belong to a second authentication type (i.e., a scene that is difficult to authenticate), but sensitive data of a first user corresponding to the user terminal may also be obtained by the user terminal if a security policy allows. The security policy may mean that a background worker corresponding to the application client may set a security policy for the public broadcasting platform, for example, the security policy may allow the public broadcasting platform to obtain sensitive data of a user in the application client. As another example, the security policy may allow the public address platform to obtain basic data for a user in the application client. Of course, if the server receives a complaint request from another user terminal to the public broadcast platform, the server may generate prompt information for prompting a background worker to adjust the security policy of the public broadcast platform based on the complaint request. For example, the background staff member may modify the security policy of the public broadcasting platform to a certain time limit (e.g., 3 days), which does not allow the public broadcasting platform to acquire the sensitive data of the user. Therefore, the embodiment of the application can dynamically protect the sensitive data of the user in the application client.

It can be understood that the first user may perform a trigger operation with respect to the public broadcasting platform, and may further cause the user terminal to respond to the trigger operation, so as to output an information presentation interface of the public broadcasting platform. The information display interface can include business data information issued to an enterprise object corresponding to the public broadcast platform and an interactive editing control used for interacting the business data information.

Further, the first user can execute a trigger operation for the interactive editing control, so that the user terminal can respond to the trigger operation and output a text entry sub-interface independent of the information display interface, and further the first user can enter text interactive information for the service data information on the text entry sub-interface. The text entry sub-interface can be an interface superposed on the information display interface, and the size of the text entry sub-interface is smaller than that of the information display interface; the text entry sub-interface may include an interactive publishing control.

It should be understood that when the first user finishes editing the text interaction information, a trigger operation may be executed for the interaction publishing control, and then the user terminal may be enabled to respond to the trigger operation, so that a second data query request for acquiring sensitive data of the first user may be sent to a server corresponding to the application client. It can be understood that the scene corresponding to the information presentation interface of the public broadcasting platform may be an interface skip scene. When a first user executes a trigger operation for the interactive publishing control, the user terminal can take the first user as a user to be queried, and further can authorize the public broadcast platform to acquire user identification information of the first user in the application client based on an interface skip scene. Further, the user terminal may determine scene type data corresponding to the first user based on an interface attribute of the interface skip scene, and may acquire platform identification information corresponding to the public broadcast platform and text identification information of the text interaction information, and may further use the platform identification information and the text identification information as authentication information corresponding to the first user. It should be understood that the user terminal may use the user identification information of the first user, the scene type data corresponding to the first user, and the authentication information corresponding to the first user as the service key information of the first user. Further, the user terminal may generate a second data query request for querying sensitive data of the first user based on the business key information of the first user, and send the second data query request to a server corresponding to the application client.

It can be understood that, when the server receives the second data query request, the server may compare the security policy of the public broadcast platform, and when the security policy indicates that the data query request sent by the public broadcast platform is successfully authenticated, the server may obtain the sensitive data of the first user, and further may return the sensitive data of the first user to the user terminal, so that the user terminal may use the text interaction information and the sensitive data of the first user as the interaction information of the service data information.

For ease of understanding, please further refer to fig. 8, where fig. 8 is a schematic view of a scenario for acquiring sensitive data of a first user according to an embodiment of the present application. As shown in fig. 8, the user terminal 81 running the application client may be any one of the user terminals in the user terminal cluster shown in fig. 1, for example, the user terminal 100 a. The server corresponding to the application client may be the server 80, and the server 80 may be the server 10 shown in fig. 1.

It is understood that the display interface of the user terminal 81 may include a plurality of public broadcasting platforms, and specifically may include the public broadcasting platform 1, the public broadcasting platform 2, the public broadcasting platform 3, and the public broadcasting platform 4. The public address platform may be H5 (an application client on an interactive web page) or an applet interface that is opened for the application client. A user a (i.e., a first user) corresponding to the user terminal 81 may perform a trigger operation for a certain public broadcasting platform (e.g., the public broadcasting platform 4), and then the user terminal 81 may respond to the trigger operation, so as to output the information display interface 800 of the public broadcasting platform 4. The information display interface 800 may include service data information issued to an enterprise object corresponding to the public broadcast platform 4 and an interactive editing control (e.g., "leave-word writing" control) for interacting with the service data information.

Further, the user a may execute a trigger operation for the interactive editing control, so that the user terminal 81 may respond to the trigger operation and output a text entry sub-interface 810 independent of the information display interface 800, and further, the user a may enter text interactive information for the service data information on the text entry sub-interface 810. The text entry sub-interface 810 can be an interface superimposed on the information presentation interface 800, and the size of the text entry sub-interface 810 is smaller than the size of the information presentation interface 800; and an interactive publishing control (e.g., a "submit" control) may be included in the text entry sub-interface 810.

It is understood that the scene corresponding to the information presentation interface 800 of the public broadcasting platform 4 may be an interface skip scene. It should be appreciated that when the user a finishes editing the text interaction information, a trigger operation may be performed with respect to the interactive publishing control. At this time, the user terminal 81 responds to the trigger operation, takes the user a as a user to be queried, and further authorizes the public broadcast platform 4 to obtain the user identification information a of the user a in the application client based on the interface skip scene. Further, the user terminal 81 may determine, based on the interface attribute of the interface jump scene, that the scene type data corresponding to the user a is the scene type data "9" shown in fig. 4, and may acquire the platform identification information corresponding to the public broadcast platform 4 and the text identification information of the text interaction information, and further may use the platform identification information and the text identification information as the authentication information corresponding to the user a. It should be understood that the user terminal 81 may use the user identification information a, the scene type data "9", and the platform identification information and the text identification information of the user a as the service key information of the user a. Further, the user terminal 81 may generate a second data query request for querying the sensitive data of the user a based on the service key information of the user a, and send the second data query request to the server 80 corresponding to the application client.

It can be understood that, when the server 80 receives the second data query request, the server 80 may compare the security policy of the public broadcast platform 4, and when the security policy indicates that the second data query request sent by the public broadcast platform 4 is successfully authenticated, the server 80 may obtain the sensitive data of the user a, and then may return the sensitive data of the user a to the user terminal 81, so that the user terminal 81 may use the text interaction information and the sensitive data of the user a as the interaction information of the service data information.

Further, please refer to fig. 9, where fig. 9 is a schematic structural diagram of a sensitive data query device according to an embodiment of the present application. The sensitive data query apparatus 1 may be a computer program (including program code) running in a computer device, for example, the sensitive data query apparatus 1 is an application software; the sensitive data query device 1 may be configured to perform corresponding steps in the method provided by the embodiment of the present application. As shown in fig. 9, the sensitive data query apparatus 1 may operate in a user terminal, which may be the user terminal 30 in the embodiment corresponding to fig. 2. The sensitive data query apparatus 1 may include: the system comprises a to-be-queried user determining module 10, a first request sending module 20, a sensitive data acquiring module 30, a sensitive data output module 40, a display interface output module 50, an information entry module 60, a second request sending module 70 and an interactive information determining module 80.

The to-be-queried user determining module 10 is configured to respond to a trigger operation of a first user accessing an application client through first account information, and use a user with second account information corresponding to the trigger operation as a second user to be queried; the first user and the second user are both users after sensitive data isolation is carried out in the application client;

the first request sending module 20 is configured to obtain user identification information, scene type data, and authentication information corresponding to a second user, use the user identification information, the scene type data, and the authentication information as service key information for querying sensitive data of the second user, and send a first data query request to a server corresponding to an application client based on the service key information; the business key information is used for indicating the server to determine the validity of the first data query request.

the first request sending module 20 includes: a session attribute determining unit 201, a first determining unit 202, a second determining unit 203, a first request transmitting unit 204, a list attribute determining unit 205, a third determining unit 206, a fourth determining unit 207, and a second request transmitting unit 208.

The session attribute determining unit 201 is configured to determine a session attribute of a session interface in an application client;

the first determining unit 202 is configured to determine, in a session interface, user identification information mapped by a second user corresponding to the second account information, and determine, according to a session attribute, scene type data corresponding to the second user;

the second determining unit 203 is configured to determine, in the session interface, authentication information corresponding to the second user.

Wherein the session attribute comprises a first session attribute;

the second determination unit 203 includes: a first determining sub-unit 2031, a second determining sub-unit 2032, a third determining sub-unit 2033, and a fourth determining sub-unit 2034.

The first determining subunit 2031 is configured to determine, in the session interface, session identification information associated with the first user and the second user based on the first session attribute, and use the session identification information as authentication information corresponding to the second user.

the second determining subunit 2032 is configured to use the enterprise identification information corresponding to the first user as the first enterprise identification information, and use the enterprise identification information corresponding to the second user as the second enterprise identification information;

the third determining subunit 2033 is configured to, if the first enterprise identification information and the second enterprise identification information are enterprise identification information of the same enterprise corresponding to the public broadcast group, use the group identification information corresponding to the public broadcast group as the first session identification information corresponding to the session interface, and use the first session identification information as the authentication information corresponding to the second user;

the fourth determining subunit 2034 is configured to, if the first enterprise identification information and the second enterprise identification information are enterprise identification information of different enterprises corresponding to the public broadcast group, use the group identification information corresponding to the public broadcast group as second session identification information corresponding to the session interface, and use the first enterprise identification information and the second session identification information as authentication information corresponding to the second user.

For specific implementation manners of the first determining subunit 2031, the second determining subunit 2032, the third determining subunit 2033, and the fourth determining subunit 2034, reference may be made to the description of the authentication information in the embodiment corresponding to fig. 3, which will not be described again here.

The first request sending unit 204 is configured to use the user identification information, the scene type data, and the authentication information as service key information, generate a first data query request for querying sensitive data of a second user based on the service key information, and send the first data query request to a server corresponding to the application client.

The second user is a user in a contact list in the application client;

the list attribute determining unit 205 is configured to determine a list attribute of the contact list in a list display interface of the application client;

the third determining unit 206 is configured to determine, in the list attribute, user identification information mapped by a second user corresponding to the second account information, and determine scene type data corresponding to the second user according to the list attribute;

the fourth determining unit 207 is configured to use the enterprise identification information corresponding to the first user as authentication information corresponding to the second user in the contact list;

the second request sending unit 208 is configured to use the user identification information, the scene type data, and the authentication information as service key information, generate a first data query request for querying sensitive data of a second user based on the service key information, and send the first data query request to a server corresponding to the application client.

For specific implementation manners of the session attribute determining unit 201, the first determining unit 202, the second determining unit 203, the first request sending unit 204, the list attribute determining unit 205, the third determining unit 206, the fourth determining unit 207, and the second request sending unit 208, reference may be made to the description of step S102 in the embodiment corresponding to fig. 3, and details will not be described here again.

The sensitive data obtaining module 30 is configured to obtain the sensitive data of the second user returned by the server when the server determines that the first data query request is legal;

the sensitive data output module 40 is configured to output the sensitive data of the second user to a user information display interface of the application client.

The display interface output module 50 is configured to output an information display interface of the public broadcasting platform in response to a trigger operation of the first user on the public broadcasting platform associated with the application client; the information display interface comprises business data information issued by an enterprise object corresponding to the public broadcasting platform and an interactive editing control used for interacting the business data information;

the information entry module 60 is configured to respond to a trigger operation for the interactive editing control, output a text entry sub-interface independent of the information display interface, and enter text interaction information for the service data information on the text entry sub-interface; the text entry sub-interface is an interface superposed on the information display interface, and the size of the text entry sub-interface is smaller than that of the information display interface; the text entry sub-interface comprises an interactive release control;

the second request sending module 70 is configured to send, in response to a trigger operation for the interactive publishing control, a second data query request for obtaining the sensitive data of the first user to a server corresponding to the application client.

the second request transmission module 70 includes: an authorization unit 701, a fifth determination unit 702, a sixth determination unit 703, a key information determination unit 704, and a third request transmission unit 705.

The authorization unit 701 is configured to respond to a trigger operation for an interactive publishing control, use a first user as a user to be queried, and authorize a public broadcast platform to obtain user identification information of the first user in an application client based on an interface skip scene;

the fifth determining unit 702 is configured to determine scene type data corresponding to the first user based on an interface attribute of the interface jump scene;

a sixth determining unit 703, configured to acquire platform identification information corresponding to the public broadcast platform and text identification information of the text interaction information, and use the platform identification information and the text identification information as authentication information corresponding to the first user;

the key information determining unit 704 is configured to use the user identification information of the first user, the scene type data corresponding to the first user, and the authentication information corresponding to the first user as service key information of the first user;

the third request sending unit 705 is configured to generate a second data query request for querying sensitive data of the first user based on the service key information of the first user, and send the second data query request to a server corresponding to the application client.

For specific implementation manners of the authorization unit 701, the fifth determination unit 702, the sixth determination unit 703, the key information determination unit 704, and the third request sending unit 705, reference may be made to the description of the second data query request in the embodiment corresponding to fig. 7, and details will not be further described here.

And the interactive information determining module 80 is configured to, when sensitive data of the first user returned by the server is received, use the text interactive information and the sensitive data of the first user as interactive information of the service data information.

For specific implementation manners of the to-be-queried user determining module 10, the first request sending module 20, the sensitive data obtaining module 30, the sensitive data output module 40, the display interface output module 50, the information entry module 60, the second request sending module 70, and the interaction information determining module 80, reference may be made to the description of steps S101 to S104 in the embodiment corresponding to fig. 3, which will not be further described herein. In addition, the beneficial effects of the same method are not described in detail.

Further, please refer to fig. 10, fig. 10 is a schematic diagram of a computer device according to an embodiment of the present application. As shown in fig. 10, the computer device 1000 may be the user terminal 30 in the embodiment corresponding to fig. 2, and the computer device 1000 may include: at least one processor 1001, such as a CPU, at least one network interface 1004, a user interface 1003, memory 1005, at least one communication bus 1002. Wherein a communication bus 1002 is used to enable connective communication between these components. The user interface 1003 may include a Display (Display) and a Keyboard (Keyboard), and the network interface 1004 may optionally include a standard wired interface and a wireless interface (e.g., WI-FI interface). The memory 1005 may be a high-speed RAM memory or a non-volatile memory (non-volatile memory), such as at least one disk memory. The memory 1005 may optionally also be at least one storage device located remotely from the aforementioned processor 1001. As shown in fig. 10, the memory 1005, which is one type of computer storage medium, may include an operating system, a network communication module, a user interface module, and a device control application program.

In the computer apparatus 1000 shown in fig. 10, the network interface 1004 is mainly used for network communication with a server; the user interface 1003 is an interface for providing a user with input; and the processor 1001 may be used to invoke a device control application stored in the memory 1005 to implement:

It should be understood that the computer device 1000 described in this embodiment of the present application may perform the description of the sensitive data querying method in the embodiment corresponding to fig. 3 and fig. 7, and may also perform the description of the sensitive data querying device 1 in the embodiment corresponding to fig. 9, which is not described herein again. In addition, the beneficial effects of the same method are not described in detail.

Further, here, it is to be noted that: an embodiment of the present application further provides a computer-readable storage medium, where the computer program executed by the aforementioned sensitive data querying device 1 is stored in the computer-readable storage medium, and the computer program includes program instructions, and when the processor executes the program instructions, the description of the sensitive data querying method in the embodiment corresponding to fig. 3 or fig. 7 can be executed, so that details are not repeated here. In addition, the beneficial effects of the same method are not described in detail. For technical details not disclosed in embodiments of the computer-readable storage medium referred to in the present application, reference is made to the description of embodiments of the method of the present application. As an example, program instructions may be deployed to be executed on one computing device or on multiple computing devices at one site or distributed across multiple sites and interconnected by a communication network, which may comprise a block chain system.

An aspect of the application provides a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instruction from the computer-readable storage medium, and executes the computer instruction, so that the computer device can execute the description of the sensitive data query method in the embodiment corresponding to fig. 3 or fig. 7, which is not described herein again. In addition, the beneficial effects of the same method are not described in detail.

Further, please refer to fig. 11, where fig. 11 is a schematic structural diagram of a sensitive data query device according to an embodiment of the present application. The sensitive data query apparatus 2 may be a computer program (including program code) running in a computer device, for example, the sensitive data query apparatus 2 is an application software; the sensitive data query device 2 can be used for executing corresponding steps in the method provided by the embodiment of the application. As shown in fig. 11, the sensitive data query apparatus 2 may operate on a server, which may be the server 20 in the embodiment corresponding to fig. 2. The sensitive data query device 2 may include: the system comprises a query request receiving module 100, a validity determining module 200, a data acquiring module 300 and a data returning module 400.

The query request receiving module 100 is configured to receive a first data query request sent by a user terminal running an application client based on service key information; the service key information comprises user identification information, scene type data and authentication information corresponding to a second user; the second user is a user to be queried determined after the first user accessing the application client through the first account information executes the triggering operation; the first user and the second user are both users after sensitive data isolation is carried out in the application client;

the validity determining module 200 is configured to determine validity of the first data query request based on the service key information.

Wherein, the validity determining module 200 includes: a first legitimacy determining unit 2010 and a second legitimacy determining unit 2020.

The first validity determining unit 2010 is configured to determine that the first data query request has validity if the scene type data in the service key information meets the scene query condition;

the second validity determining unit 2020 is configured to determine that the first data query request is illegal if the scene type data in the service key information does not satisfy the scene query condition.

For specific implementation manners of the first validity determining unit 2010 and the second validity determining unit 2020, reference may be made to the description of step S203 in the embodiment corresponding to fig. 7, and details will not be described again here.

The data obtaining module 300 is configured to obtain the sensitive data of the second user when it is determined that the first data query request is legal;

the data returning module 400 is configured to return the sensitive data of the second user to the user terminal, so that the user terminal outputs the sensitive data of the second user to the user information display interface of the application client.

For specific implementation manners of the query request receiving module 100, the validity determining module 200, the data obtaining module 300, and the data returning module 400, reference may be made to the description of step S201 to step S206 in the embodiment corresponding to fig. 7, and details will not be further described here. In addition, the beneficial effects of the same method are not described in detail.

Further, please refer to fig. 12, fig. 12 is a schematic diagram of a computer device according to an embodiment of the present application. As shown in fig. 12, the computer device 3000 may be the server 20 in the embodiment corresponding to fig. 2, and the computer device 3000 may include: at least one processor 3001, e.g., a CPU, at least one network interface 3004, a user interface 3003, memory 3005, at least one communication bus 3002. The communication bus 3002 is used to realize connection communication between these components. The user interface 3003 may include a Display screen (Display) and a Keyboard (Keyboard), and the network interface 3004 may optionally include a standard wired interface and a wireless interface (e.g., WI-FI interface). The memory 3005 may be a high-speed RAM memory or a non-volatile memory (e.g., at least one disk memory). The storage 3005 may optionally also be at least one storage device located remotely from the aforementioned processor 3001. As shown in fig. 12, the memory 3005, which is one type of computer storage medium, may include an operating system, a network communication module, a user interface module, and a device control application program.

In the computer device 3000 shown in fig. 12, the network interface 3004 is mainly used for network communication with the user terminal; and the user interface 3003 is an interface mainly for providing input to the user; and the processor 3001 may be configured to invoke a device control application stored in the memory 3005 to implement:

receiving a first data query request sent by a user terminal running with an application client based on service key information; the service key information comprises user identification information, scene type data and authentication information corresponding to a second user; the second user is a user to be queried determined after the first user accessing the application client through the first account information executes the triggering operation; the first user and the second user are both users subjected to sensitive data isolation;

It should be understood that the computer device 3000 described in this embodiment may perform the description of the sensitive data querying method in the embodiment corresponding to fig. 7, and may also perform the description of the sensitive data querying device 2 in the embodiment corresponding to fig. 11, which is not described herein again. In addition, the beneficial effects of the same method are not described in detail.

Further, here, it is to be noted that: an embodiment of the present application further provides a computer-readable storage medium, where the computer program executed by the aforementioned sensitive data querying device 2 is stored in the computer-readable storage medium, and the computer program includes program instructions, and when the processor executes the program instructions, the description of the sensitive data querying method in the embodiment corresponding to fig. 7 can be executed, so that details are not repeated here. In addition, the beneficial effects of the same method are not described in detail. For technical details not disclosed in embodiments of the computer-readable storage medium referred to in the present application, reference is made to the description of embodiments of the method of the present application. As an example, program instructions may be deployed to be executed on one computing device or on multiple computing devices at one site or distributed across multiple sites and interconnected by a communication network, which may comprise a block chain system.

Further, please refer to fig. 13, where fig. 13 is a schematic structural diagram of a data processing system according to an embodiment of the present application. The data processing system 3 may comprise a data processing device 1a and a data processing device 2 a. The data processing apparatus 1a may be the sensitive data querying apparatus 1 in the embodiment corresponding to fig. 9, and it can be understood that the data processing apparatus 1a may be integrated in the user terminal 30 in the embodiment corresponding to fig. 2, and therefore, details will not be described here. The data processing apparatus 2a may be the sensitive data querying apparatus 2 in the embodiment corresponding to fig. 11, and it is understood that the data processing apparatus 2a may be integrated in the server 20 in the embodiment corresponding to fig. 2, and therefore, the details will not be described here. In addition, the beneficial effects of the same method are not described in detail. For technical details not disclosed in the embodiments of the data processing system to which the present application relates, reference is made to the description of the embodiments of the method of the present application.

It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.

The above disclosure is only for the purpose of illustrating the preferred embodiments of the present application and is not to be construed as limiting the scope of the present application, so that the present application is not limited thereto, and all equivalent variations and modifications can be made to the present application.

Claims

1. A method for querying sensitive data, wherein the method is executed by a user terminal, and comprises:

acquiring user identification information, scene type data and authentication information corresponding to the second user, taking the user identification information, the scene type data and the authentication information as service key information for inquiring sensitive data of the second user, and sending a first data inquiry request to a server corresponding to the application client based on the service key information; the service key information is used for indicating the server to determine the validity of the first data query request;

when the server determines that the first data query request is legal, sensitive data of the second user returned by the server are obtained;

2. The method of claim 1, wherein the first user and the second user are users in a session interface in the application client;

the acquiring user identification information, scene type data and authentication information corresponding to the second user, taking the user identification information, the scene type data and the authentication information as service key information for querying sensitive data of the second user, and sending a first data query request to a server corresponding to the application client based on the service key information includes:

determining a session attribute of the session interface in the application client;

determining user identification information mapped by a second user corresponding to the second account information in the session interface, and determining scene type data corresponding to the second user according to the session attribute;

determining authentication information corresponding to the second user in the session interface;

and taking the user identification information, the scene type data and the authentication information as service key information, generating a first data query request for querying sensitive data of the second user based on the service key information, and sending the first data query request to a server corresponding to the application client.

3. The method of claim 2, wherein the session attribute comprises a first session attribute;

the determining, in the session interface, the authentication information corresponding to the second user includes:

and determining session identification information associated with the first user and the second user in the session interface based on the first session attribute, and taking the session identification information as authentication information corresponding to the second user.

4. The method of claim 2, wherein the session attribute comprises a second session attribute, and wherein the first user and the second user are both users in a common broadcast group of the application client;

taking the enterprise identification information corresponding to the first user as first enterprise identification information, and taking the enterprise identification information corresponding to the second user as second enterprise identification information;

if the first enterprise identification information and the second enterprise identification information are enterprise identification information of the same enterprise corresponding to the public broadcast group, taking the group identification information corresponding to the public broadcast group as first session identification information corresponding to the session interface, and taking the first session identification information as authentication information corresponding to the second user;

if the first enterprise identification information and the second enterprise identification information are enterprise identification information of different enterprises corresponding to the public broadcast group, taking the group identification information corresponding to the public broadcast group as second session identification information corresponding to the session interface, and taking the first enterprise identification information and the second session identification information as authentication information corresponding to the second user.

5. The method of claim 1, wherein the second user is a user in a contact list in the application client;

determining a list attribute of the contact list in a list display interface of the application client;

determining user identification information mapped by a second user corresponding to the second account information in the list attribute, and determining scene type data corresponding to the second user according to the list attribute;

in the contact list, taking the enterprise identification information corresponding to the first user as authentication information corresponding to the second user;

6. A method for querying sensitive data, the method being performed by a server and comprising:

receiving a first data query request sent by a user terminal running with an application client based on the service key information; the service key information comprises user identification information, scene type data and authentication information corresponding to a second user; the second user is a user to be queried determined after the first user accessing the application client through the first account information executes a trigger operation; the first user and the second user are both users after sensitive data isolation is carried out in the application client;

determining the validity of the first data query request based on the service key information;

when the first data query request is determined to be legal, sensitive data of the second user are obtained;

7. An apparatus for querying sensitive data, wherein the apparatus is operated in a user terminal, and comprises:

a first request sending module, configured to obtain user identification information, scene type data, and authentication information corresponding to the second user, use the user identification information, the scene type data, and the authentication information as service key information for querying sensitive data of the second user, and send a first data query request to a server corresponding to the application client based on the service key information; the service key information is used for indicating the server to determine the validity of the first data query request;

8. An apparatus for querying sensitive data, wherein the apparatus is run on a server, comprising:

the query request receiving module is used for receiving a first data query request sent by a user terminal running with an application client based on the service key information; the service key information comprises user identification information, scene type data and authentication information corresponding to a second user; the second user is a user to be queried determined after the first user accessing the application client through the first account information executes a trigger operation; the first user and the second user are both users after sensitive data isolation is carried out in the application client;

a validity determining module, configured to determine validity of the first data query request based on the service key information;

the data acquisition module is used for acquiring the sensitive data of the second user when the first data query request is determined to be legal;

and the data returning module is used for returning the sensitive data of the second user to the user terminal so that the user terminal outputs the sensitive data of the second user to a user information display interface of the application client.

9. A computer device, comprising: a processor, a memory, a network interface;

the processor is connected to a memory for providing data communication functions, a network interface for storing a computer program, and a processor for calling the computer program to perform the method of any one of claims 1 to 6.

10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program comprising program instructions which, when executed by a processor, perform the method of any of claims 1-6.