CN113961956A - Method, device, equipment and medium for generating and applying tagged network information service - Google Patents

Method, device, equipment and medium for generating and applying tagged network information service Download PDF

Info

Publication number
CN113961956A
CN113961956A CN202111266593.2A CN202111266593A CN113961956A CN 113961956 A CN113961956 A CN 113961956A CN 202111266593 A CN202111266593 A CN 202111266593A CN 113961956 A CN113961956 A CN 113961956A
Authority
CN
China
Prior art keywords
network information
label
information service
encryption
service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111266593.2A
Other languages
Chinese (zh)
Inventor
沈勇
张之浩
朱杰
刘明
余惠强
程晓艳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Technology Shenzhen Co Ltd
Original Assignee
Ping An Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Technology Shenzhen Co Ltd filed Critical Ping An Technology Shenzhen Co Ltd
Priority to CN202111266593.2A priority Critical patent/CN113961956A/en
Publication of CN113961956A publication Critical patent/CN113961956A/en
Priority to PCT/CN2022/090749 priority patent/WO2023071133A1/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms

Abstract

The embodiment of the disclosure provides a method, a device, equipment and a medium for generating and applying a tagged network information service, and relates to the technical field of network data security. The method for generating the tagged network information service comprises the following steps: acquiring basic network information of the network information service, generating basic label information according to the basic network information, encrypting the basic label information according to a preset encryption rule, and generating a network information service encryption label. According to the embodiment of the application, the label information can be added to the network information service by combining with a plurality of preset encryption rules to obtain the network information service encryption label, so that a user of the network service can conveniently identify a network service provider according to the network information service encryption label, the provider can conveniently and automatically identify various information of the network service according to the network information service encryption label, various feedbacks of the user can be automatically processed, the service efficiency can be improved, various feedbacks of the user to the network information service can be responded in time, and the labor cost is saved.

Description

Method, device, equipment and medium for generating and applying tagged network information service
Technical Field
The invention relates to the technical field of network data security, in particular to a method, a device, equipment and a storage medium for generating and applying a labeled network information service.
Background
With the increasing digitalization degree in the world today, various organizations in society are digitalizing their business processes, thereby creating a large number of network information services, such as HTTP services, POP3 services, SSH services, etc., and people consume digital products directly in more and more fields, creating more and more network information services.
Different from the real world, the system is provided with an identity identification or quality tracing label so as to be beneficial to identifying a provider and tracing the production process, such as a product identity label, a production batch number and the like, a consumer can identify a producer, and the producer is convenient to find out the reasons influencing the quality of a problem product and timely takes corrective measures. However, in the digital world, for network information services, labels for effectively identifying producers and labels for tracking information of specific departments, contacts and the like in production enterprises are lacked, so that quality problems occur, and the labels are difficult to trace and repair quickly.
Disclosure of Invention
The main purpose of the embodiments of the present disclosure is to provide a method, an apparatus, a device, and a storage medium for generating and applying a tagged network information service, which are convenient for a user to obtain related information of a network information service, improve service efficiency, and save labor cost.
In order to achieve the above object, a first aspect of the embodiments of the present disclosure provides a method for generating a tagged network information service, including:
a tagged network information service generation method comprises the following steps:
acquiring basic network information of a network information service;
generating basic label information according to the basic network information;
encrypting the basic label information according to a preset encryption rule to generate the network information service encryption label;
and writing the network information service encrypted tag into a preset position in the network information service to obtain the tagged network information service.
In some embodiments, the generating of the tag basic information according to the basic network information includes:
generating the label content according to the basic network information;
storing the label content in a preset database to obtain a corresponding label number;
and obtaining the basic information of the label according to the content of the label and/or the label number.
In some embodiments, the preset encryption rule comprises: the method for generating the network information service encrypted tag by encrypting the basic information of the tag according to the preset encryption rule comprises the following steps:
when the basic information of the tag is the tag content, the encryption rule of the tag content comprises one or more of the following rules:
first tag content encryption rules:
generating a digital signature according to the label content by using an encrypted private key;
encrypting according to the digital signature and the label content to obtain the network information service encrypted label;
second tag content encryption rules:
encrypting the label content by using an encryption private key to generate the network information service encryption label;
or the like, or, alternatively,
encrypting the label content by using a preset key to generate a digital envelope;
generating the network information service encryption label according to the digital envelope;
third tag content encryption rule:
encrypting the network information service encrypted label obtained according to the first label content encryption rule or the second label content encryption rule by using an encryption private key to generate a digital signature;
encrypting according to the digital signature and the network information service encryption label to obtain an updated network information service encryption label;
when the basic information of the label is the label number, the encryption rule of the label number comprises one or more of the following rules:
fourth label number encryption rule:
generating a digital signature according to the label number by using an encrypted private key;
encrypting according to the digital signature and the label number to obtain the network information service encrypted label;
and a fifth label number encryption rule:
encrypting the label number by using an encryption private key to generate the network information service encryption label;
or the like, or, alternatively,
encrypting the label number by using a preset key to generate a digital envelope;
generating the network information service encryption label according to the digital envelope;
the sixth label number encryption rule:
encrypting the network information service encrypted label obtained according to the fourth label number encryption rule or the fifth label number encryption rule by using an encryption private key to generate a digital signature;
and encrypting according to the digital signature and the network information service encryption label to obtain an updated network information service encryption label.
In order to achieve the above object, a second aspect of the present disclosure provides a tagged network information service application method, including:
acquiring tagged network information service;
extracting a network information service encryption tag from the tagged network information service;
extracting label basic information of the network information service encrypted label according to a preset encryption rule;
acquiring corresponding basic network information according to the label basic information;
and positioning the corresponding network service according to the basic network information.
In some embodiments, further comprising: extracting the encryption information of the network information service encryption label according to a preset encryption rule;
when the encrypted information is a digital signature, verifying the validity of the digital signature and the validity of a signature certificate corresponding to the digital signature;
and after the verification is passed, acquiring corresponding basic network information according to the basic label information.
In some embodiments, further comprising:
acquiring a service state node of the tagged network information service;
and displaying corresponding basic network information according to the service state node.
In order to achieve the above object, a third aspect of the present disclosure provides a tagged network information service generating apparatus, including:
the basic network information acquisition module is used for acquiring basic network information of the network information service;
the basic label information generating module is used for generating basic label information according to the basic network information;
the encryption module is used for encrypting the basic label information according to a preset encryption rule to generate the network information service encryption label;
and the tagged network information service generation module is used for writing the network information service encrypted tag into a preset position in the network information service to obtain the tagged network information service.
In order to achieve the above object, a fourth aspect of the present disclosure provides a tagged network information service application apparatus, including:
the tagged network information service acquisition module is used for acquiring tagged network information services;
the network information service encryption tag extraction module is used for extracting a network information service encryption tag from the tagged network information service;
the label basic information extraction module is used for extracting the label basic information of the network information service encrypted label according to a preset encryption rule;
the basic network information extraction module is used for acquiring corresponding basic network information according to the label basic information;
and the network service module is used for positioning the corresponding network service according to the basic network information.
To achieve the above object, a fifth aspect of the present disclosure provides an electronic device, including:
at least one memory;
at least one processor;
at least one program;
the programs are stored in a memory and a processor executes the at least one program to implement the method of the present disclosure as described in the first aspect above or the method of the second aspect above.
To achieve the above object, a sixth aspect of the present disclosure proposes a storage medium which is a computer-readable storage medium storing computer-executable instructions for causing a computer to execute:
the method of the first aspect or the method of the second aspect as described above.
The method for generating and applying the tagged network information service, the device, the equipment and the storage medium are provided by the embodiment of the disclosure, wherein the method for generating the tagged network information service comprises the steps of acquiring basic network information of the network information service, generating basic tag information according to the basic network information, encrypting the basic tag information according to a preset encryption rule to generate a network information service encryption tag, and writing the network information service encryption tag into a preset position in the network information service to obtain the tagged network information service. According to the embodiment of the application, the label information can be added to the network information service by combining with a plurality of preset encryption rules to obtain the network information service encryption label, so that a user of the network service can conveniently identify a network service provider according to the network information service encryption label, the provider can conveniently and automatically identify various information of the network service according to the network information service encryption label, various feedbacks of the user can be automatically processed, the service efficiency can be improved, various feedbacks of the user to the network information service can be responded in time, and the labor cost is saved.
Drawings
Fig. 1 is a flowchart of a tagged network information service generation method provided by an embodiment of the present disclosure.
Fig. 2 is a flowchart of a tagged network information service application method provided by an embodiment of the present disclosure.
Fig. 3 is a block diagram of a tagged network information service generating device according to another embodiment of the present disclosure.
Fig. 4 is a block diagram of a tagged network information service application device according to another embodiment of the present disclosure.
Fig. 5 is a schematic diagram of a hardware structure of an electronic device provided in an embodiment of the present disclosure.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
It should be noted that although functional blocks are partitioned in a schematic diagram of an apparatus and a logical order is shown in a flowchart, in some cases, the steps shown or described may be performed in a different order than the partitioning of blocks in the apparatus or the order in the flowchart.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used herein is for the purpose of describing embodiments of the invention only and is not intended to be limiting of the invention.
First, several terms referred to in the present application are resolved:
digital signature: the digital signature (also called public key digital signature) is a section of digital string which can be generated only by the sender of the information and cannot be forged by others, and the section of digital string is also a valid proof for the authenticity of the information sent by the sender of the information. It is a method for authenticating digital information that is similar to a common physical signature written on paper, but is implemented using techniques in the field of public key cryptography. A set of digital signatures typically defines two complementary operations, one for signing and the other for verification. Simply put, a digital signature is some data appended to a data unit or a cryptographic transformation performed on a data unit that allows the recipient of the data unit to verify the source of the data unit and the integrity of the data unit and to protect the data from being counterfeited by a person (e.g., the recipient). Which is a method of signing a message in electronic form, a signed message being capable of being transmitted in a communication network. The digital signature can be obtained based on a public key cryptosystem and a private key cryptosystem, and mainly is a digital signature based on the public key cryptosystem, including a common digital signature and a special digital signature. Common digital signature algorithms include RSA, ElGamal, Fiat-Shamir, Guillou-Quisquarter, Schnorr, Ong-Schnorr-Shamir digital signature algorithm, Des/DSA, elliptic curve digital signature algorithm, finite automaton digital signature algorithm and the like. The special digital signature includes blind signature, proxy signature, group signature, undeniable signature, fair blind signature, threshold signature, signature with message recovery function, etc., and is closely related to a specific application environment.
Digital envelope: the method refers to data obtained after a sender encrypts a symmetric key by using a public key of a receiver, and aims to ensure the security of symmetric key transmission. When the digital envelope is adopted, the receiver can open the digital envelope by using the own private key to obtain the symmetric key. The digital envelope technology combines the advantages of symmetric key encryption and public key encryption, solves the problems of the security issue of the symmetric key and the low encryption speed of the public key, and improves the security, the expansibility, the efficiency and the like.
Private key: private key encryption algorithms use a single private key to encrypt and decrypt data. Since any party with a key can decrypt data using the key, the key must be protected from unauthorized agents. Private key encryption is also known as symmetric encryption because the same key is used for both encryption and decryption. Private key cryptographic algorithms are very fast (compared to public key algorithms) and are particularly suitable for performing cryptographic transformations on large data streams. Typically, a private key algorithm (called a block cipher) is used to encrypt one block of data at a time.
And (3) secret key: are parameters that are input in an algorithm that converts plaintext into ciphertext or converts ciphertext into plaintext. Keys are divided into symmetric keys and asymmetric keys. According to whether the encryption key and the decryption key used by the cryptographic algorithm are the same or not and whether the decryption process can be derived from the encryption process (or whether the encryption process can be derived from the decryption process), the cryptosystem can be divided into a symmetric cryptosystem and an asymmetric cryptosystem, which are respectively as follows: 1) symmetric key encryption, also known as private key encryption or session key encryption algorithm, is the use of the same key by both the sender and receiver of information to encrypt and decrypt data. Its most important advantage is that it is quick in encryption/decryption speed, suitable for encrypting large data volume, but difficult in key management. 2) Asymmetric key encryption systems, also known as public key encryption. It requires the use of different keys to perform the encryption and decryption operations separately, one being publicly distributed, i.e. public keys, and the other being kept secret by the user himself, i.e. private keys. The sender of the message is decrypted using the public key and the recipient of the message is decrypted using the private key. Public key mechanisms are flexible, but encryption and decryption speeds are much slower than symmetric key encryption.
With the increasing digitalization degree in the world today, various organizations in society are digitalizing their business processes, thereby creating a large number of network information services, such as HTTP services, POP3 services, SSH services, etc., and people consume digital products directly in more and more fields, creating more and more network information services.
In the physical world, the necessary and reliable labels are carried out on products so as to be beneficial to identifying providers and tracing production processes, such as product identity labels, production batch numbers and the like. This is equally significant to consumers and producers: the consumer can be used to authenticate the producer; the producer is convenient for the problem product to find out the reason influencing the quality and takes corrective measures in time. Different from the real world, in the digital world, for network information service, a label for effectively identifying a producer and a label for tracking information of a specific responsible department, a contact person and the like in a production enterprise are lacked, so that quality problems occur, and the rapid tracing and repairing are difficult to perform at a time.
Based on this, the embodiments of the present disclosure provide a network information service generation method, an application method, a device, and a storage medium, which can add tag information to a network information service in combination with multiple preset encryption rules to obtain a network information service encryption tag, so that a user of the network service can conveniently identify a network service provider according to the network information service encryption tag, and the provider can conveniently identify various information of the network service according to the network information service encryption tag, automatically process various feedbacks of the user, can improve service efficiency, respond to various feedbacks of the user to the network information service in time, and save labor cost.
The embodiment of the present disclosure provides a method and an apparatus for generating a tagged network information service, an electronic device, and a storage medium, which are specifically described with reference to the following embodiments, first, a method for generating a tagged network information service in the embodiment of the present disclosure is described.
The embodiment of the disclosure provides a generation method and an application method of a tagged network information service, and relates to the technical field of network data security. The generation method and the application method of the tagged network information service provided by the embodiment of the disclosure can be applied to a terminal, a server side and software running in the terminal or the server side. In some embodiments, the terminal may be a smartphone, tablet, laptop, desktop computer, smart watch, or the like; the server can be an independent server, and can also be a cloud server providing basic cloud computing services such as cloud service, a cloud database, cloud computing, a cloud function, cloud storage, Network service, cloud communication, middleware service, domain name service, security service, Content Delivery Network (CDN), big data and artificial intelligence platform and the like; the software may be an application or the like implementing the tagged network information service generation method and application method, but is not limited to the above form.
The application is operational with numerous general purpose or special purpose computing system environments or configurations. For example: personal computers, server computers, hand-held or portable devices, tablet-type devices, multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like. The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
Fig. 1 is an optional flowchart of a tagged network information service generation method provided by an embodiment of the present disclosure, and the method in fig. 1 may include, but is not limited to, steps S101 to S105.
Step S101, acquiring basic network information of the network information service.
In one embodiment, the basic network information includes: one or more of network service name, network service responsible person, network service release time information or feedback information submitting mode, wherein the network service responsible person comprises: the network service responsible department and the network service responsible person, the network service time information comprises: a network service release time and a network service time window. It is to be understood that the basic network information is illustrated herein and is not representative of only the types described above.
In one embodiment, the basic network information is selected differently because the network information network services have different contents and require different encryption tag purposes. For example, in order to quickly identify whether a network service belongs to an organization and help the organization quickly locate an internal responsible department and a contact person, so as to quickly respond to various requests for the service, there may be two application scenarios:
1) the organization finds that a network information service has security vulnerabilities and needs to be repaired urgently through an automatic vulnerability scanner, and the organization can automatically allocate repair tasks and track progress according to the feedback of the scanner (for example, basic network information can be obtained from the feedback information) and positioning the responsible department and the contact of the network service. In this scenario, the basic network information at least includes: the network service name, a possible case, the organization can directly determine the network service responsible department and the network service responsible person from the network service name, another possible case, the organization needs to determine the network service responsible department and the network service responsible person by combining the network service publishing time and the corresponding network service time window (possibly different service time windows correspond to different responsible persons), and yet another possible case, the organization needs to determine the service path (such as different network service platforms and the like) of the network information service by means of feedback information submission, thereby determining the network service responsible department and the network service responsible person.
2) The user finds out a quality problem of the network information service, the provider of the network information service can be quickly determined and fed back to the user, and the organization can automatically locate the responsible department and the contact of the network service according to the user feedback (for example, basic network information can be obtained from the feedback information), automatically allocate the repair task and track the progress. In this scenario, the basic network information at least includes: the network service name and feedback information submitting mode is one possible case, the organization can directly determine the network service responsible department and the network service responsible person from the network service name and feedback information submitting mode, and the organization needs to determine the network service responsible department and the network service responsible person by combining the network service publishing time and the corresponding network service time window (possibly different service time windows correspond to different responsible persons).
And step S102, generating basic label information according to the basic network information.
In an embodiment, for step S102, there are two ways to obtain the basic information of the tag, which are:
1) and generating label content according to the basic network information. In the method, according to a preset tag content format, the preset format may be an internally agreed format, and is not specifically limited herein, the tag content is directly generated from the basic network information.
2) And storing the label content in a preset database to obtain a corresponding label number. In the method, the label content is obtained according to the first method, if the label content is longer, the label content can be stored in a preset database in advance, each label content generates a label number, and the label content can be inquired through the label number, so that the label number corresponds to the label content one to one.
The tag basic information is obtained in the above two ways, that is, the tag basic information may be the tag content, the tag number, or the tag content + tag number.
And step S103, encrypting the basic label information according to a preset encryption rule to generate a network information service encryption label.
In one embodiment, a network information service encryption tag is used to embed a network information service to generate a tagged network information service. The preset encryption rules are divided into the following parts according to the form of the basic information of the label: a tag content encryption rule and a tag number encryption rule.
When the label basic information is label content, the label content encryption rule comprises one or more of the following:
1) first tag content encryption rules:
and generating a digital signature according to the label content by using the encryption private key, and then encrypting according to the digital signature and the label content to obtain the network information service encryption label, wherein the digital signature can effectively prevent the label content from being tampered, so that the user verification and the self verification of a service provider are facilitated. In an embodiment, the encryption private key is a key of an asymmetric algorithm, and the network information service encryption tag obtained by encrypting the digital signature and the tag content includes a corresponding digital certificate.
2) Second tag content encryption rules:
and encrypting the label content by using the encryption private key to generate the network information service encryption label. In an embodiment, the encryption private key is a key of an asymmetric algorithm, and the encryption private key is directly used for encrypting the label content to serve as the network information service encryption label.
Or encrypting the label content by using a preset key to generate a digital envelope, and then generating the network information service encryption label according to the digital envelope. In an embodiment, the preset key is a key of an asymmetric algorithm, and when the content of the tag is long, the content of the tag is encrypted to generate a digital envelope, and then the network information service encrypted tag is generated according to the digital envelope.
3) Third tag content encryption rule:
and encrypting the network information service encrypted tag obtained according to the first tag content encryption rule or the second tag content encryption rule by using an encryption private key to generate a digital signature, and encrypting according to the digital signature and the network information service encrypted tag to obtain an updated network information service encrypted tag. In an embodiment, to implement a tamper-resistant mechanism, the network information service encryption tag obtained according to the first tag content encryption rule or the second tag content encryption rule is encrypted again by using an encryption private key (the encryption private key here may be selected according to actual requirements) to generate a digital signature, and then the network information service encryption tag is encrypted according to the digital signature to obtain an updated network information service encryption tag.
In addition, it can be understood that, if in a trusted environment, in order to quickly locate the tag basic information included in the network information service, the content of the tag may be presented in a plaintext manner, that is, the network information service encrypts the tag, that is, the tag basic information presented in the plaintext.
When the basic information of the label is the label number, the encryption rule of the label number comprises one or more of the following:
4) fourth label number encryption rule:
and generating a digital signature according to the label number by using the encryption private key, and encrypting according to the digital signature and the label number to obtain the network information service encryption label. In an embodiment, the encryption private key is a key of an asymmetric algorithm, and the network information service encryption tag obtained by encrypting according to the digital signature and the tag number includes a corresponding digital certificate.
5) And a fifth label number encryption rule:
and encrypting the label number by using the encryption private key to generate a network information service encryption label. In an embodiment, the encryption private key is a key of an asymmetric algorithm, and the encryption private key is directly used for encrypting the label as the network information service encryption label.
Or encrypting the label number by using a preset key to generate a digital envelope, and generating a network information service encrypted label according to the digital envelope. In an embodiment, the preset key is a key of an asymmetric algorithm, and when the tag number is longer, the tag number is encrypted to generate a digital envelope, and then a network information service encrypted tag is generated according to the digital envelope.
6) The sixth label number encryption rule:
and encrypting the network information service encrypted tag obtained according to the fourth tag number encryption rule or the fifth tag number encryption rule by using an encryption private key to generate a digital signature, and encrypting according to the digital signature and the network information service encrypted tag to obtain an updated network information service encrypted tag. In an embodiment, in order to implement a tamper-resistant mechanism, the network information service encryption tag obtained according to the fourth tag number encryption rule or the fifth tag number encryption rule is encrypted again by using an encryption private key (the encryption private key here may be selected according to actual requirements) to generate a digital signature, and then the network information service encryption tag is encrypted according to the digital signature to obtain an updated network information service encryption tag.
In addition, it can be understood that, in a trusted environment, when the tag content is long, in order to control the length of the network information service encryption tag and to quickly locate the tag basic information contained in the network information service, the tag content may be stored in an internal database in clear text, and then the tag number may be displayed in the network information service encryption tag.
It can be understood that the preset encryption rules may be selected or combined as required, for example, part of the tag information is provided as plaintext, and part of the tag information is provided as ciphertext; the signature protection is provided in part, and the signature protection is not provided in part, which is not specifically limited herein.
And step S104, writing the network information service encrypted tag into a preset position in the network information service to obtain the tagged network information service.
In an embodiment, the preset location may be a location convenient for a user to obtain, for example, Banner information, where Banner is a setting that is commonly used by a network service to provide some basic information about a service to the user, and the tagged network information service includes the above network information service encryption tag and a corresponding tag production description in the network information service, so that the user can analyze a usage tag according to the tag production description. In a specific application scenario, the following table is an example of some common network information services and their default Banner information.
Reference numerals Network information service Sample Default Banner information
1 Nginx Nginx/1.18.0;
2 IIS Microsoft-IIS/8.0
3 SSH SSH-2.0-OPENSSH_6.0P1
4 Apache HTTPD Apache/2.4.6
In an embodiment, after the tagged network information service is obtained, the tagged network information service is brought online, and a corresponding network information service is provided for a relevant user.
Since the tagged network information service provided in this embodiment includes the network information service encryption tag, the network information service encryption tag information (or the basic network information after decryption operation) can be displayed according to the requirement on different service state nodes of the network information service, which are appointed by the network service provider, for example, on different service state nodes of an online tagged network service such as installation, invocation, update, and the like, so that the user can obtain the corresponding feedback path in time when needing to perform feedback.
The method for generating the tagged network information service provided by the embodiment of the disclosure obtains basic network information of the network information service, generates tag basic information according to the basic network information, encrypts the tag basic information according to a preset encryption rule to generate a network information service encryption tag, and writes the network information service encryption tag into a preset position in the network information service to obtain the tagged network information service. According to the embodiment of the application, the label information can be added to the network information service by combining with a plurality of preset encryption rules to obtain the network information service encryption label, so that a user of the network service can conveniently identify a network service provider according to the network information service encryption label, the provider can conveniently and automatically identify various information of the network service according to the network information service encryption label, various feedbacks of the user can be automatically processed, the service efficiency can be improved, various feedbacks of the user to the network information service can be responded in time, and the labor cost is saved.
Fig. 2 is an alternative flowchart of a tagged network information service application method provided by the embodiment of the present disclosure, including but not limited to steps S210 to S250.
Step S210, acquiring tagged network information service, in this embodiment, the user acquires tagged network information service from the network information service.
Step S220, extracting the network information service encryption tag from the tagged network information service.
In an embodiment, the user obtains the network information service encryption tag through a preset obtaining method according to the tagged network information service obtained by the user, where the preset obtaining method is, for example, a preset path, a preset method, or a preset location (for example, Banner information). The network information service encryption tag is generated according to the generation method of the tagged network information service in the above embodiment. Because the tagged network information service means that the network information service comprises the network information service encryption tag and the corresponding tag making instruction, the user can obtain each component of the network information service encryption tag according to the tag making instruction, such as a preset encryption rule.
Step S230, extracting the basic tag information of the network information service encrypted tag according to a preset encryption rule, and further extracting the encrypted information of the network information service encrypted tag.
In an embodiment, for example, if the preset encryption rule is the first tag content encryption rule, the tag content and the digital signature of the network information service encrypted tag are extracted by using the corresponding encryption key. When the encrypted information is a digital signature, the user needs to perform tag validity verification, which mainly verifies the validity of the digital signature and the validity of the signature certificate corresponding to the digital signature, and after the verification is passed, the step S240 is performed.
Step S240, obtaining corresponding basic network information according to the basic label information, in this embodiment, decoding the format of the basic label information to obtain corresponding basic network information.
And step S250, providing corresponding network service according to the basic network information.
In an embodiment, after the verification is passed, no matter whether the internal and external users are in the network information service provider, which organization is determined according to the digital signature, and meanwhile, when the organization receives the feedback of the user, as long as the organization can decrypt by using a preset private key according to the label basic information carried in the feedback (for example, whether the label basic information is encrypted or not, if the label basic information is a label number, the organization can inquire the label content corresponding to the label number through an internal database), the organization can automatically and quickly locate which network service the organization is according to the label basic information, and which department should process the feedback of the user or improve the quality of the service. For example, a user feeds back that a certain service has a security vulnerability and needs to be repaired urgently, the user can uniquely determine a service provider through a digital signature, and the service provider carries out treatment through a tag basic information in the feedback and an internal responsible team and a contact person of the automatic positioning service.
In an embodiment, since the tagged network information service provided in this embodiment includes a network information service encryption tag, a service state node of the tagged network information service may be obtained according to an agreement with a network service provider, and corresponding basic network information is displayed at different network state nodes, so that a user can obtain a corresponding feedback path in time when the user needs to perform feedback.
For example, a user finds a quality problem of the network information service, the provider of the network information service can be quickly determined according to the displayed basic information of the label, and feedback is given to the provider (for example, the use vulnerability of the network information service needs to be repaired urgently), the organization can quickly locate the internal responsible department and the contact according to the feedback of the user (for example, the basic network information can be obtained from the feedback information), so as to quickly respond to various requests for the service, automatically locate the responsible department and the contact of the network service, automatically allocate the repair task and track the progress. In this scenario, the basic network information at least includes: the network service name, the network service release time, the corresponding network service time window and the feedback information submitting mode are determined, and therefore a network service responsible department and a network service responsible person are determined.
The application method of the tagged network information service provided by the embodiment of the disclosure extracts the network information service encryption tag from the tagged network information service by acquiring the tagged network information service, extracts the tag basic information of the network information service encryption tag according to the preset encryption rule, acquires the corresponding basic network information according to the tag basic information, and positions the corresponding network service according to the basic network information. According to the embodiment of the application, the label information can be added to the network information service by combining with a plurality of preset encryption rules to obtain the network information service encryption label, so that a user of the network service can conveniently identify a network service provider according to the network information service encryption label, the provider can conveniently and automatically identify various information of the network service according to the network information service encryption label, various feedbacks of the user can be automatically processed, the service efficiency can be improved, various feedbacks of the user to the network information service can be responded in time, and the labor cost is saved.
Fig. 3 is an optional structural block diagram of the tagged network information service generating device according to the embodiment of the present disclosure, and includes:
a basic network information obtaining module 310, configured to obtain basic network information of a network information service;
a tag basic information generating module 320, configured to generate tag basic information according to the basic network information;
the encryption module 330 is configured to encrypt the basic tag information according to a preset encryption rule to generate a network information service encrypted tag;
the tagged network information service generating module 340 is configured to write the network information service encryption tag into a preset position in the network information service, so as to obtain a tagged network information service.
The embodiment of the present disclosure further provides a network information service encrypted tag application apparatus, which can implement the network information service encrypted tag application method, and fig. 4 is an optional structural block diagram of the labeled network information service application apparatus provided in the embodiment of the present disclosure, and includes:
a tagged network information service obtaining module 410, configured to obtain a tagged network information service;
a network information service encryption tag extraction module 420, configured to extract a network information service encryption tag from a tagged network information service;
the tag basic information extracting module 430 is configured to extract tag basic information of the network information service encrypted tag according to a preset encryption rule;
a basic network information extraction module 440, configured to obtain corresponding basic network information according to the tag basic information;
the network service module 450 is configured to locate a corresponding network service according to the basic network information.
The specific implementation of the tagged network information service generating apparatus of this embodiment is basically the same as the specific implementation of the tagged network information service generating method, and is not described herein again.
An embodiment of the present disclosure further provides an electronic device, including:
at least one memory;
at least one processor;
at least one program;
the programs are stored in the memory, and the processor executes the at least one program to implement the present disclosure to implement the tagged network information service generation method described above. The electronic device can be any intelligent terminal including a mobile phone, a tablet computer, a Personal Digital Assistant (PDA for short), a vehicle-mounted computer and the like.
Referring to fig. 5, fig. 5 illustrates a hardware structure of an electronic device according to another embodiment, where the electronic device includes:
the processor 501 may be implemented by a general-purpose CPU (central processing unit), a microprocessor, an Application Specific Integrated Circuit (ASIC), or one or more integrated circuits, and is configured to execute a relevant program to implement the technical solution provided by the embodiment of the present disclosure;
the memory 502 may be implemented in a ROM (read only memory), a static memory device, a dynamic memory device, or a RAM (random access memory). The memory 502 may store an operating system and other application programs, and when the technical solution provided by the embodiments of the present disclosure is implemented by software or firmware, the relevant program codes are stored in the memory 502 and called by the processor 501 to execute the tagged network information service generating method according to the embodiments of the present disclosure;
an input/output interface 503 for implementing information input and output;
the communication interface 504 is used for realizing communication interaction between the device and other devices, and can realize communication in a wired manner (for example, USB, network cable, etc.) or in a wireless manner (for example, mobile network, WIFI, bluetooth, etc.); and
a bus 505 that transfers information between various components of the device (e.g., the processor 501, the memory 502, the input/output interface 503, and the communication interface 504);
wherein the processor 501, the memory 502, the input/output interface 503 and the communication interface 504 are communicatively connected to each other within the device via a bus 505.
The embodiment of the present disclosure also provides a storage medium, which is a computer-readable storage medium, and the computer-readable storage medium stores computer-executable instructions, where the computer-executable instructions are used to make a computer execute the labeled network information service generating method.
The generation method, the application method, the equipment and the storage medium of the tagged network information service provided by the embodiment of the disclosure can be combined with various preset encryption rules to add tag information to the network information service to obtain the network information service encryption tag, so that a user of the network service can conveniently identify a network service provider according to the network information service encryption tag, the provider can conveniently and automatically identify various information of the service according to the network information service encryption tag, various feedbacks of the user can be automatically processed, the service efficiency can be improved, various feedbacks of the user to the network information service can be responded in time, and the labor cost is saved.
The memory, which is a non-transitory computer readable storage medium, may be used to store non-transitory software programs as well as non-transitory computer executable programs. Further, the memory may include high speed random access memory, and may also include non-transitory memory, such as at least one disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory optionally includes memory located remotely from the processor, and these remote memories may be connected to the processor through a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The embodiments described in the embodiments of the present disclosure are for more clearly illustrating the technical solutions of the embodiments of the present disclosure, and do not constitute a limitation to the technical solutions provided in the embodiments of the present disclosure, and it is obvious to those skilled in the art that the technical solutions provided in the embodiments of the present disclosure are also applicable to similar technical problems with the evolution of technology and the emergence of new application scenarios.
It will be appreciated by those skilled in the art that the solutions shown in fig. 1-5 are not intended to limit the embodiments of the present disclosure, and may include more or fewer steps than those shown, or some of the steps may be combined, or different steps.
The above-described embodiments of the apparatus are merely illustrative, wherein the units illustrated as separate components may or may not be physically separate, i.e. may be located in one place, or may also be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
One of ordinary skill in the art will appreciate that all or some of the steps of the methods, systems, functional modules/units in the devices disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof.
The terms "first," "second," "third," "fourth," and the like in the description of the application and the above-described figures, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be understood that in the present application, "at least one" means one or more, "a plurality" means two or more. "and/or" for describing an association relationship of associated objects, indicating that there may be three relationships, e.g., "a and/or B" may indicate: only A, only B and both A and B are present, wherein A and B may be singular or plural. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "at least one of the following" or similar expressions refer to any combination of these items, including any combination of single item(s) or plural items. For example, at least one (one) of a, b, or c, may represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", wherein a, b, c may be single or plural.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes multiple instructions for causing a computer device (which may be a personal computer, a server, or a network device) to perform all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing programs, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The preferred embodiments of the present disclosure have been described above with reference to the accompanying drawings, and therefore do not limit the scope of the claims of the embodiments of the present disclosure. Any modifications, equivalents and improvements within the scope and spirit of the embodiments of the present disclosure should be considered within the scope of the claims of the embodiments of the present disclosure by those skilled in the art.

Claims (10)

1. A method for generating a tagged network information service is characterized by comprising the following steps:
acquiring basic network information of a network information service;
generating basic label information according to the basic network information;
encrypting the basic label information according to a preset encryption rule to generate the network information service encryption label;
and writing the network information service encrypted tag into a preset position in the network information service to obtain the tagged network information service.
2. The method for generating tagged network information service according to claim 1, wherein said generating tag basic information according to said basic network information comprises:
generating the label content according to the basic network information;
storing the label content in a preset database to obtain a corresponding label number;
and obtaining the basic information of the label according to the content of the label and/or the label number.
3. The tagged network information service generating method of any one of claims 1 or 2, wherein the preset encryption rule comprises: the method for generating the network information service encrypted tag by encrypting the basic information of the tag according to the preset encryption rule comprises the following steps:
when the basic information of the tag is the tag content, the encryption rule of the tag content comprises one or more of the following rules:
first tag content encryption rules:
generating a digital signature according to the label content by using an encrypted private key;
encrypting according to the digital signature and the label content to obtain the network information service encrypted label;
second tag content encryption rules:
encrypting the label content by using an encryption private key to generate the network information service encryption label;
or the like, or, alternatively,
encrypting the label content by using a preset key to generate a digital envelope;
generating the network information service encryption label according to the digital envelope;
third tag content encryption rule:
encrypting the network information service encrypted label obtained according to the first label content encryption rule or the second label content encryption rule by using an encryption private key to generate a digital signature;
encrypting according to the digital signature and the network information service encryption label to obtain an updated network information service encryption label;
when the basic information of the label is the label number, the encryption rule of the label number comprises one or more of the following rules:
fourth label number encryption rule:
generating a digital signature according to the label number by using an encrypted private key;
encrypting according to the digital signature and the label number to obtain the network information service encrypted label;
and a fifth label number encryption rule:
encrypting the label number by using an encryption private key to generate the network information service encryption label;
or the like, or, alternatively,
encrypting the label number by using a preset key to generate a digital envelope;
generating the network information service encryption label according to the digital envelope;
the sixth label number encryption rule:
encrypting the network information service encrypted label obtained according to the fourth label number encryption rule or the fifth label number encryption rule by using an encryption private key to generate a digital signature;
and encrypting according to the digital signature and the network information service encryption label to obtain an updated network information service encryption label.
4. A method for applying a labeled network information service is characterized by comprising the following steps:
acquiring tagged network information service;
extracting a network information service encryption tag from the tagged network information service;
extracting label basic information of the network information service encrypted label according to a preset encryption rule;
acquiring corresponding basic network information according to the label basic information;
and positioning the corresponding network service according to the basic network information.
5. The tagged web information service application method of claim 4, further comprising: extracting the encryption information of the network information service encryption label according to a preset encryption rule;
when the encrypted information is a digital signature, verifying the validity of the digital signature and the validity of a signature certificate corresponding to the digital signature;
and after the verification is passed, acquiring corresponding basic network information according to the basic label information.
6. The tagged web information service application method of claim 5, further comprising:
acquiring a service state node of the tagged network information service;
and displaying corresponding basic network information according to the service state node.
7. A tagged network information service generation apparatus, comprising:
the basic network information acquisition module is used for acquiring basic network information of the network information service;
the basic label information generating module is used for generating basic label information according to the basic network information;
the encryption module is used for encrypting the basic label information according to a preset encryption rule to generate the network information service encryption label;
and the tagged network information service generation module is used for writing the network information service encrypted tag into a preset position in the network information service to obtain the tagged network information service.
8. A tagged web information service application apparatus, comprising:
the tagged network information service acquisition module is used for acquiring tagged network information services;
the network information service encryption tag extraction module is used for extracting a network information service encryption tag from the tagged network information service;
the label basic information extraction module is used for extracting the label basic information of the network information service encrypted label according to a preset encryption rule;
the basic network information extraction module is used for acquiring corresponding basic network information according to the label basic information;
and the network service module is used for positioning the corresponding network service according to the basic network information.
9. An electronic device, comprising:
at least one memory;
at least one processor;
at least one program;
the programs are stored in a memory, and a processor executes the at least one program to implement:
the method of any one of claims 1 to 3, or the method of any one of claims 4 to 6.
10. A storage medium that is a computer-readable storage medium having stored thereon computer-executable instructions for causing a computer to perform:
the method of any one of claims 1 to 3, or the method of any one of claims 4 to 6.
CN202111266593.2A 2021-10-28 2021-10-28 Method, device, equipment and medium for generating and applying tagged network information service Pending CN113961956A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202111266593.2A CN113961956A (en) 2021-10-28 2021-10-28 Method, device, equipment and medium for generating and applying tagged network information service
PCT/CN2022/090749 WO2023071133A1 (en) 2021-10-28 2022-04-29 Tagged network information service generation and application method and apparatus, device and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111266593.2A CN113961956A (en) 2021-10-28 2021-10-28 Method, device, equipment and medium for generating and applying tagged network information service

Publications (1)

Publication Number Publication Date
CN113961956A true CN113961956A (en) 2022-01-21

Family

ID=79467993

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111266593.2A Pending CN113961956A (en) 2021-10-28 2021-10-28 Method, device, equipment and medium for generating and applying tagged network information service

Country Status (2)

Country Link
CN (1) CN113961956A (en)
WO (1) WO2023071133A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114915472A (en) * 2022-05-17 2022-08-16 广东电网有限责任公司 Safety operation and maintenance control center, safety operation and maintenance control method and readable storage medium
WO2023071133A1 (en) * 2021-10-28 2023-05-04 平安科技(深圳)有限公司 Tagged network information service generation and application method and apparatus, device and medium

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116455585B (en) * 2023-06-15 2023-09-05 浪潮软件科技有限公司 Secure communication method and device based on multiple blind signatures

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101794288B (en) * 2009-12-25 2012-04-18 北京大学 Network service description information acquisition method and network service description information acquisition device
US20150156207A1 (en) * 2013-12-02 2015-06-04 Institute For Information Industry Network service system and network service utilizing method thereof
CN109041033A (en) * 2018-09-14 2018-12-18 杭州若奇技术有限公司 Smart machine distribution method and system based on RFID
CN113469716A (en) * 2021-07-20 2021-10-01 山东省计算中心(国家超级计算济南中心) Product tracing method and system based on block chain and identification analysis
CN113961956A (en) * 2021-10-28 2022-01-21 平安科技(深圳)有限公司 Method, device, equipment and medium for generating and applying tagged network information service

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023071133A1 (en) * 2021-10-28 2023-05-04 平安科技(深圳)有限公司 Tagged network information service generation and application method and apparatus, device and medium
CN114915472A (en) * 2022-05-17 2022-08-16 广东电网有限责任公司 Safety operation and maintenance control center, safety operation and maintenance control method and readable storage medium
CN114915472B (en) * 2022-05-17 2024-04-05 广东电网有限责任公司 Security operation and maintenance control center, security operation and maintenance control method and readable storage medium

Also Published As

Publication number Publication date
WO2023071133A1 (en) 2023-05-04

Similar Documents

Publication Publication Date Title
US20220342973A1 (en) Systems, apparatus and methods for secure electrical communication of biometric personal identification information to validate the identity of an individual
CN107770159B (en) Vehicle accident data recording method and related device and readable storage medium
CN111835511A (en) Data security transmission method and device, computer equipment and storage medium
US10559049B2 (en) Digital passport country entry stamp
CN103152182B (en) A kind of electronic data authentication verification method
CN113961956A (en) Method, device, equipment and medium for generating and applying tagged network information service
WO2020233373A1 (en) Application configuration file management method and device
CN107248984B (en) Data exchange system, method and device
CN108664798B (en) Information encryption method and device
CN110100422B (en) Data writing method and device based on block chain intelligent contract and storage medium
CN112215608A (en) Data processing method and device
CN104618107A (en) Digital signature method and system
CN109905351B (en) Method, device, server and computer readable storage medium for storing data
CN110597836B (en) Information inquiry request response method and device based on block chain network
CN104734851A (en) Electronic seal method and system
CN108022194A (en) Law-enforcing recorder and its data safety processing method, server and system
CN110598433A (en) Anti-counterfeiting information processing method and device based on block chain
CN114500093A (en) Safe interaction method and system for message information
CN111079190A (en) Block chain supply chain transaction hiding dynamic supervision system and method
CN108062713B (en) Annuity data file obtaining method and device, computer equipment and storage medium
CN110708155B (en) Copyright information protection method, copyright information protection system, copyright confirming method, copyright confirming device, copyright confirming equipment and copyright confirming medium
CN110175471B (en) File storage method and system
CN108140336B (en) Secret authentication code adding device, secret authentication code adding method, and recording medium
CN115085934A (en) Contract management method based on block chain and combined key and related equipment
CN111753018B (en) E-letter method, system and computer equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40062557

Country of ref document: HK