CN114091072A - Data processing method and device - Google Patents

Data processing method and device

Info

Publication number: CN114091072A
Authority: CN (China)
Prior art keywords: data, desensitized, digital envelope, check code, node
Legal status: Pending
Application number: CN202111405458.1A
Other languages: Chinese (zh)
Inventor: 李�远
Current Assignee: Bank of China Ltd
Original Assignee: Bank of China Ltd
Application filed by Bank of China Ltd
Priority to CN202111405458.1A
Publication of CN114091072A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254 Protecting personal data by anonymising data, e.g. decorrelating personal data from the owner's identification
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The application provides a data processing method and device. The method is applied to a client in a data security system that comprises a server and a plurality of clients. Digital envelope message content is obtained from the distribution information of a desensitization data item and its distribution information check code; the digital envelope message ciphertext and the key ciphertext are combined to obtain a digital envelope; finally, the digital envelope is processed to obtain desensitized data carrying a private key signature check code. The method is therefore suitable for the circulation of data assets across multiple nodes: the digital envelope protects the distribution information and the circulation information on the propagation link, confidentiality is high, and each node on the propagation link learns nothing of the circulation information beyond its own upstream and downstream nodes.

Description

Data processing method and device
Technical Field
The invention relates to the technical field of data processing, in particular to a data processing method and device.
Background
In the information age, data usually carries great social and economic value and has become a precious resource. With the growing demand for network data sharing and data exchange, the absence of effective security control and protection measures gives attackers frequent opportunities.
At present, data security is generally ensured by some security technical means, such as data watermarking, data desensitization and the like; however, the existing data watermarking and data desensitization modes are not suitable for the condition that data assets circulate among multiple nodes, and the safety is low.
Disclosure of Invention
Therefore, the application provides a data processing method and device to solve the problems that the existing data watermarking and data desensitization mode is not suitable for the multi-node circulation condition of data assets and the safety is low.
In order to achieve the above purpose, the embodiments of the present invention provide the following technical solutions:
the invention discloses a data processing method, which is applied to a client in a data security system, wherein the data security system comprises a server and a plurality of clients, and the method comprises the following steps:
after receiving data to be desensitized, determining desensitization data items needing desensitization in the data to be desensitized;
obtaining digital envelope message content according to the distribution information and the distribution information check code of the desensitization data item; the distribution information check code is obtained by encrypting the distribution information in a preset encryption mode;
combining the digital envelope message ciphertext and the key ciphertext to obtain a digital envelope; the digital envelope message ciphertext is obtained by generating a symmetric key for encrypting the digital envelope and encrypting the digital envelope message content with that symmetric key; the key ciphertext is obtained by encrypting the symmetric key with the public key of the server;
and processing the digital envelope to obtain desensitized data carrying a private key signature check code.
Optionally, in the data processing method, determining a desensitization data item requiring desensitization in the data to be desensitized includes:
determining a data row and a data column where a desensitization field in the data to be desensitized is located;
taking the data row and the data column as the desensitization data item.
Optionally, in the data processing method, the processing the digital envelope to obtain desensitized data carrying a private key signature check code includes:
generating watermark information of the digital envelope by using an expansion matrix;
and filling the watermark information into the desensitized data item, and adding the private key signature check code to the data filled with the watermark information to obtain the desensitized data.
The second aspect of the present invention discloses a data processing apparatus, which is applied to a client in a data security system, wherein the data security system comprises a server and a plurality of clients, and the apparatus comprises:
a first determining unit, configured to determine, after receiving the data to be desensitized, the desensitization data items requiring desensitization in the data to be desensitized;
the second determining unit is used for obtaining the content of the digital envelope message according to the distribution information and the distribution information check code of the desensitization data item; the distribution information check code is obtained by encrypting the distribution information in a preset encryption mode;
the first combination unit is used for combining the digital envelope message ciphertext and the key ciphertext to obtain a digital envelope; the digital envelope message ciphertext is obtained by generating a symmetric key for encrypting the digital envelope and encrypting the digital envelope message content with that symmetric key; the key ciphertext is obtained by encrypting the symmetric key with the public key of the server;
and the first processing unit is used for processing the digital envelope to obtain desensitized data carrying a private key signature check code.
The third aspect of the present invention discloses a data processing method, which is applied to a server in a data security system, wherein the data security system comprises the server and a plurality of clients, and the method comprises:
determining the type of the received user request;
if the received user request type is a divulgence tracing request, responding to the divulgence tracing request, and acquiring the divulged desensitized data;
determining a digital envelope corresponding to the compromised desensitized data based on the compromised desensitized data;
and decrypting the digital envelope by using a private key of the server side to determine a divulgence occurrence node of the leaked desensitized data.
Optionally, in the data processing method, determining, based on the compromised desensitized data, a digital envelope corresponding to the compromised desensitized data includes:
extracting data in the divulged desensitized data to obtain watermark information in a desensitized field;
and processing the watermark information by using a contraction matrix to obtain the digital envelope.
Optionally, in the data processing method, after decrypting the digital envelope by using the private key of the server and determining a divulgence node of the leaked desensitized data, the method further includes:
verifying the integrity of the compromised desensitized data based on the compromise generating node.
Optionally, in the data processing method, after determining the received user request type, if the received user request type is a tamper determination request, the method further includes:
responding to the tamper determination request, and comparing, for the desensitized data of each node, the first check code with the second check code; the first check code is calculated from the desensitized data received by the node; the second check code is the private key signature check code of the node's upstream node;
and if the comparison result is inconsistent, judging that the data tampering occurs on the upstream node of the node.
Optionally, in the data processing method, if the comparison result is consistent, it is determined that the upstream node of the node has not been tampered with data.
The fourth aspect of the present invention discloses a data processing apparatus, which is applied to a server in a data security system, wherein the data security system comprises the server and a plurality of clients, and the apparatus comprises:
a third determining unit, configured to determine a type of the received user request;
the first response acquisition unit is used for responding to the divulgence tracing request and acquiring the divulgence desensitized data if the type of the received user request is the divulgence tracing request;
a fourth determining unit, configured to determine, based on the compromised desensitized data, a digital envelope corresponding to the compromised desensitized data;
and a fifth determining unit, configured to decrypt the digital envelope with a private key of the server, and determine a divulgence node of the leaked desensitized data.
The invention provides a data processing method applied to a client in a data security system, the data security system comprising a server and a plurality of clients; the method comprises the following steps: after receiving data to be desensitized, determining the desensitization data items requiring desensitization in that data; obtaining the digital envelope message content from the distribution information of the desensitization data item and the distribution information check code, the check code being obtained by encrypting the distribution information with a preset encryption mode; combining the digital envelope message ciphertext and the key ciphertext to obtain a digital envelope, where the message ciphertext is obtained by generating a symmetric key for the digital envelope and encrypting the message content with it, and the key ciphertext is obtained by encrypting the symmetric key with the public key of the server; and processing the digital envelope to obtain desensitized data carrying a private key signature check code. The method is therefore suitable for the circulation of data assets across multiple nodes: the digital envelope protects the distribution information and the circulation information on the propagation link, confidentiality is high, and each node on the propagation link learns nothing of the circulation information beyond its own upstream and downstream nodes.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of a data processing method according to an embodiment of the present application;
FIG. 2 is a flow chart of determination of desensitization data items provided by embodiments of the present application;
fig. 3 is a flowchart of generating a digital envelope according to an embodiment of the present application;
fig. 4 is a flowchart illustrating a generation process of a watermark desensitization data verification file according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a data processing apparatus according to an embodiment of the present application;
FIG. 6 is a flow chart of another data processing method provided by the embodiments of the present application;
FIG. 7 is a flow chart for obtaining a data envelope according to an embodiment of the present application;
FIG. 8 is a flow chart of yet another data processing method provided by an embodiment of the present application;
fig. 9 is a flowchart of tamper determination provided in an embodiment of the present application;
fig. 10 is a schematic structural diagram of another data processing apparatus according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The embodiment of the application provides a data processing method, which aims to solve the problems that the existing data watermarking and data desensitization mode is not suitable for the multi-node circulation condition of data assets and the safety is low.
The data processing method can be applied to a client in a data security system comprising a server and a plurality of clients. In practical application, a terminal that processes desensitized data needs to install the client, start it and register with the server; the server then issues a server certificate and a terminal certificate to the terminal, and the certificates may be managed by the server. On a given propagation link, each terminal that has the corresponding client installed receives data from its upstream node terminal and passes data on to its downstream node terminal; before a terminal transmits data to the downstream node terminal, the data is processed by its client using the following data processing method.
Referring to fig. 1, the method may include the following steps:
s100, after receiving the data to be desensitized, determining desensitization data items needing desensitization in the data to be desensitized.
In practical application, if the terminal receiving the data to be desensitized is the starting node on the propagation link, the data to be desensitized is data that is to be transmitted to the downstream node terminal and needs desensitization. That data may be loaded onto the starting node terminal by a user, or sent by an upper computer that manages the starting node terminal; which one applies is determined by the specific application environment and user requirements, and both cases fall within the protection scope of the present application.
If the terminal receiving the data to be desensitized is not the starting node on the propagation link, the data to be desensitized is sent from the upstream node terminal to the local node terminal.
In practical application, a specific process of determining a desensitization data item requiring desensitization in the to-be-desensitized data in step S100 may be as shown in fig. 2, and may include the following steps:
s200, determining a data row and a data column where a desensitization field in the data to be desensitized is located.
As shown in table 1-1, the data row and the data column in which the field to be desensitized is located can be determined in each data row and data column of the data to be desensitized.
TABLE 1-1
(Table 1-1 is an image in the original; the shaded cells mark the data rows and data columns containing the fields to be desensitized.)
And S202, taking the data row and the data column as desensitization data items.
In practical applications, after the data row and data column where a desensitization field is located have been determined in step S200, that row and column may be used as the desensitization data item; that is, the shaded areas in table 1-1 are used as desensitization data items.
And S102, obtaining the digital envelope message content according to the distribution information and the distribution information check code of the desensitization data item.
In practical applications, the distribution information may include the hash value of the desensitized data item, the distributor, the receiving object, the distribution time, the distribution purpose and the like. Its exact content is determined by the application environment and user requirements and is not limited by this application; it may carry any information about the data and its use, which makes it highly extensible.
It should be noted that these items are concatenated to obtain the distribution information, and the distribution information is then encrypted with a preset encryption method to obtain the distribution information check code.
And S104, combining the digital envelope message ciphertext and the key ciphertext to obtain the digital envelope.
The digital envelope message ciphertext is obtained by generating a symmetric key for encrypting the digital envelope and encrypting the digital envelope message content with that symmetric key; the key ciphertext is obtained by encrypting the symmetric key with the public key of the server.
With reference to fig. 3, the digital envelope may be obtained as follows: suppose terminal C_1 randomly generates a symmetric key K_1 for encrypting the digital envelope and uses it to encrypt the digital envelope message content M_1, obtaining the message ciphertext; at the same time, the symmetric key K_1 is encrypted (asymmetric encryption) with the server public key PU_S, obtaining the key ciphertext; the two parts together form the digital envelope E.
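The envelope construction of step S104 and fig. 3, as an added Go example that is not the patent's code: Seal generates the per-envelope symmetric key K, encrypts the message content M with it, and encrypts K under the server public key PU_S; Open is the server-side inverse that only the holder of PR_S can perform. The concrete algorithms (AES-256-GCM for the message, RSA-OAEP for the key), the key sizes, and the JSON string used as M_1 are assumptions, since the description fixes none of them.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is the digital envelope E: the message ciphertext plus the
// symmetric key K encrypted under the server public key PU_S.
type Envelope struct {
	KeyCiphertext     []byte // K encrypted with RSA-OAEP under PU_S (assumed algorithm)
	MessageCiphertext []byte // M encrypted with AES-256-GCM under K (assumed algorithm)
	Nonce             []byte // GCM nonce, fresh per envelope
}

// NewServerKey generates the server key pair (PU_S, PR_S).
func NewServerKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// Seal performs step S104 on the client: a fresh random symmetric key
// encrypts the message content M, and PU_S encrypts that symmetric key.
func Seal(serverPub *rsa.PublicKey, msg []byte) (*Envelope, error) {
	key := make([]byte, 32) // K_i: random per envelope, never reused
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	msgCT := gcm.Seal(nil, nonce, msg, nil)
	keyCT, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, serverPub, key, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{KeyCiphertext: keyCT, MessageCiphertext: msgCT, Nonce: nonce}, nil
}

// Open is the server side: only the holder of PR_S recovers K, and therefore
// only the server can read the distribution information inside the envelope.
func Open(serverPriv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, serverPriv, env.KeyCiphertext, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	// GCM authenticates the ciphertext: a modified envelope fails here
	// instead of decrypting to garbage.
	return gcm.Open(nil, env.Nonce, env.MessageCiphertext, nil)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	serverKey, err := NewServerKey()
	if err != nil {
		panic(err)
	}
	// Constructed message content M_1: distribution information plus its check code.
	m1 := []byte(`{"item_hash":"<sha256 of item>","distributor":"C1","receiver":"C2",` +
		`"time":"<distribution time>","purpose":"audit","check_code":"<sha256 of fields>"}`)
	env, err := Seal(&serverKey.PublicKey, m1)
	if err != nil {
		panic(err)
	}
	opened, err := Open(serverKey, env)
	if err != nil {
		panic(err)
	}
	fmt.Printf("key ciphertext %d bytes, message ciphertext %d bytes\n",
		len(env.KeyCiphertext), len(env.MessageCiphertext))
	fmt.Printf("server recovered M_1: %s\n", opened)
}
```

Open fails both for a private key other than PR_S and for any modification of the ciphertext, which is the behaviour the server-side tracing step later in the description relies on when it reads the distributor and receiving object out of a recovered envelope.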
And S106, processing the digital envelope to obtain desensitized data carrying a private key signature check code.
In practical application, the specific process of executing step S106 and processing the digital envelope to obtain desensitized data carrying a private key signature check code may be as shown in fig. 4, and may include the following steps:
and S300, generating watermark information of the digital envelope by using the expansion matrix.
It should be noted that the expansion is a linear, reversible operation (compare the expansion matrix in a Feistel structure): the expansion matrix has a corresponding contraction matrix, and a piece of information that has been expanded with the expansion matrix can be restored by contracting it with the contraction matrix.
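The expansion matrix of step S300 and its contraction matrix, as an added Go example that is not the patent's code. The patent fixes no particular matrix, so the concrete choice here is an assumption modelled on the Feistel E-box the description points to: each 8-bit block becomes 12 bits by copying the boundary bits twice, which is a 12x8 matrix over GF(2), and the contraction matrix is an 8x12 left inverse that picks one copy of each input bit. IsLeftInverse checks the property that makes contraction exact.

```go
package main

import "fmt"

// BitMatrix is a 0/1 matrix; Mul computes M·v over GF(2) for a bit vector v.
type BitMatrix [][]uint8

func (m BitMatrix) Mul(v []uint8) []uint8 {
	out := make([]uint8, len(m))
	for r, row := range m {
		for c, e := range row {
			out[r] ^= e & v[c]
		}
	}
	return out
}

// expansionOrder gives, for each of the 12 output bits, the input bit (0 = MSB)
// it copies; boundary bits appear twice, as in the Feistel E-box. This concrete
// matrix is an assumption: the patent does not specify one.
var expansionOrder = []int{7, 0, 1, 2, 3, 4, 3, 4, 5, 6, 7, 0}

// BuildMatrices returns the 12x8 expansion matrix and the 8x12 contraction
// matrix, built so that contraction·expansion is the identity over GF(2).
func BuildMatrices() (exp, con BitMatrix) {
	exp = make(BitMatrix, 12)
	for r, src := range expansionOrder {
		exp[r] = make([]uint8, 8)
		exp[r][src] = 1
	}
	con = make(BitMatrix, 8)
	for b := 0; b < 8; b++ {
		con[b] = make([]uint8, 12)
		for r, src := range expansionOrder {
			if src == b { // select the first copy of input bit b
				con[b][r] = 1
				break
			}
		}
	}
	return exp, con
}

func toBits(b []byte) []uint8 {
	bits := make([]uint8, 0, 8*len(b))
	for _, x := range b {
		for i := 7; i >= 0; i-- {
			bits = append(bits, (x>>uint(i))&1)
		}
	}
	return bits
}

func fromBits(bits []uint8) []byte {
	out := make([]byte, (len(bits)+7)/8) // trailing bits are zero-padded
	for i, bit := range bits {
		out[i/8] |= bit << uint(7-i%8)
	}
	return out
}

// Expand turns envelope bytes into watermark bytes, 12 bits per input byte (S300).
func Expand(data []byte) []byte {
	exp, _ := BuildMatrices()
	in, out := toBits(data), []uint8{}
	for i := 0; i < len(in); i += 8 {
		out = append(out, exp.Mul(in[i:i+8])...)
	}
	return fromBits(out)
}

// Contract recovers the n envelope bytes from watermark bytes (S502).
func Contract(wm []byte, n int) []byte {
	_, con := BuildMatrices()
	in, out := toBits(wm), []uint8{}
	for i := 0; i < n; i++ {
		out = append(out, con.Mul(in[12*i:12*i+12])...)
	}
	return fromBits(out)
}

// IsLeftInverse checks con·exp = I by pushing every unit vector through both.
func IsLeftInverse(exp, con BitMatrix) bool {
	for b := 0; b < 8; b++ {
		unit := make([]uint8, 8)
		unit[b] = 1
		back := con.Mul(exp.Mul(unit))
		for c := range back {
			if (c == b) != (back[c] == 1) {
				return false
			}
		}
	}
	return true
}

func main() {
	exp, con := BuildMatrices()
	env := []byte("E1-constructed") // stands in for serialized envelope bytes
	wm := Expand(env)
	fmt.Printf("left inverse: %v; %d envelope bytes -> %d watermark bytes -> %q\n",
		IsLeftInverse(exp, con), len(env), len(wm), Contract(wm, len(env)))
}
```

The contraction needs the byte count n of the original envelope because 12n bits rarely ends on a byte boundary; a deployment would carry that count alongside the watermark.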
S302, filling the watermark information into the desensitized data item, and adding a private key signature check code to the data filled with the watermark information to obtain desensitized data.
In practical application, the watermark information can be filled in the desensitization data item by a circular filling mode.
The private key signature check code can be obtained by using a private key signature of the distributor in the distribution information.
Based on the principle, the data processing method provided by the embodiment can be suitable for the circulation situation of data assets in multiple nodes, the safety of circulation information on distribution information and a propagation link can be guaranteed by using a data envelope, the confidentiality is high, and all nodes on the propagation link cannot know circulation information except upstream and downstream nodes.
In addition, the data processing method provided by the application can also complete desensitization operation and watermarking operation together without destroying the original data structure; moreover, the desensitization mode is the cyclic filling of watermark information, the calculation of desensitized field data is not involved except for the initial node, the desensitization processing speed is high, and the method is suitable for processing a large amount of data. In addition, the watermark information filled in the desensitization data item only contains the hash value of desensitization data protected by the digital envelope, so that a user cannot restore non-desensitization data, and the data security is high.
Based on the method provided by the above embodiment, assume that terminal C_1 has data M to be desensitized that is transmitted to and used at n terminals C_i (i ∈ [1, n], n a positive integer). Each terminal has installed the corresponding client and completed startup and registration with the server. Suppose the data to be desensitized is used along the link C_1 ~ C_n; the distribution flow at the i-th node may then be as follows:
1. Preparing data:
Terminal C_i prepares to receive the data to be desensitized and identifies the data items requiring desensitization.
2. Preparing distribution information:
Terminal C_i processes the watermark information with the contraction matrix to obtain the digital envelope E_{i-1}.
Terminal C_i assembles the verification H_{i-1}, the digital envelope E_{i-1}, the distributor C_i, the receiving object C_{i+1}, the distribution time, the distribution purpose and similar factors into the distribution information, and appends the distribution information check code after it; the result is the next digital envelope message content M_i.
3. Generating a digital envelope:
Terminal C_i randomly generates the symmetric key K_i for digital envelope encryption and encrypts the digital envelope message content M_i with it, obtaining the message ciphertext; at the same time the symmetric key K_i is encrypted with the server public key PU_S, obtaining the key ciphertext; the two parts form the digital envelope E_i.
4. Generating watermark information:
The digital envelope is expanded into watermark information using the expansion matrix.
5. Desensitizing with the watermark:
The watermark information is cyclically filled into the desensitization fields identified in step 1 to obtain the desensitized data.
6. Adding verification:
A file is generated from the desensitized data, the verification H_i signed with the private key of C_i is added to the file, and the file is sent to the receiving object C_{i+1}.
In combination with the data processing method provided by the embodiment of the present application, an embodiment of the present application further provides a data processing apparatus, which is applied to a client in a data security system, where the data security system includes a server and a plurality of clients, please refer to fig. 5, and the apparatus includes:
the first determining unit 100 is configured to determine, after receiving the data to be desensitized, a desensitization data item requiring desensitization in the data to be desensitized.
A second determining unit 102, configured to obtain a digital envelope message content according to the distribution information of the desensitization data item and the distribution information check code; the distribution information check code is obtained by encrypting the distribution information by using a preset encryption mode.
A first combining unit 104, configured to combine the digital envelope message ciphertext and the key ciphertext to obtain a digital envelope; the digital envelope message ciphertext is obtained by generating a symmetric key for encrypting the digital envelope and encrypting the digital envelope message content with that symmetric key; the key ciphertext is obtained by encrypting the symmetric key with the public key of the server.
The first processing unit 106 is configured to process the digital envelope to obtain desensitized data carrying a private key signature check code.
Optionally, the first determining unit 100 is specifically configured to:
determining a data row and a data column where a desensitization field in the data to be desensitized is located;
the data row and the data column are treated as desensitization data items.
Optionally, the first processing unit 106 is specifically configured to:
generating watermark information of the digital envelope by using the extended matrix;
and filling the watermark information into the desensitized data item, and adding a private key signature check code to the data filled with the watermark information to obtain desensitized data.
For the data processing apparatus shown in fig. 5, specific working principles thereof may refer to each step executed by the data processing method provided in the embodiment of the present application, and are not described herein again.
The data processing apparatus provided in this embodiment is applied to a client in a data security system, where the data security system includes a server and a plurality of clients, and the apparatus includes: the first determining unit 100, configured to determine, after receiving the data to be desensitized, the desensitization data items requiring desensitization in that data; the second determining unit 102, configured to obtain the digital envelope message content from the distribution information of the desensitization data item and the distribution information check code, the check code being obtained by encrypting the distribution information with a preset encryption mode; the first combining unit 104, configured to combine the digital envelope message ciphertext and the key ciphertext into a digital envelope, where the message ciphertext is obtained by generating a symmetric key for the digital envelope and encrypting the message content with it, and the key ciphertext is obtained by encrypting the symmetric key with the public key of the server; and the first processing unit 106, configured to process the digital envelope to obtain desensitized data carrying a private key signature check code. The apparatus is thus suitable for the circulation of data assets across multiple nodes: the digital envelope protects the distribution information and the circulation information on the link, security is high, and each node on the link learns nothing of the circulation information beyond its own upstream and downstream nodes.
On the basis of the data processing method or the data processing apparatus shown above, an embodiment of the present application further provides another data processing method, which is applied to a server in a data security system, where the data security system includes the server and a plurality of clients, please refer to fig. 6, and the method includes:
s400, determining the type of the received user request.
In practical applications, the user request types may include a divulgence tracing request, a tamper determination request and the like; they are not specifically limited and depend on the specific application environment, and all fall within the protection scope of the present application.
S402, if the received user request type is a divulgence tracing request, responding to the divulgence tracing request, and obtaining the divulgence desensitized data.
In practical application, the specific way of acquiring the compromised desensitized data can be determined according to the specific application environment and the user requirements, and the application is not specifically limited and belongs to the protection scope of the application.
And S404, determining a digital envelope corresponding to the compromised desensitized data based on the compromised desensitized data.
In practical applications, a specific process of performing step S404 and determining a digital envelope corresponding to the compromised desensitized data based on the compromised desensitized data may be as shown in fig. 7, and may include the following steps:
and S500, extracting the data in the divulged desensitized data to obtain watermark information in the desensitized field.
Wherein watermark information within the desensitization field may be found in compromised desensitized data.
S502, processing the watermark information by using the contraction matrix to obtain the digital envelope.
In practical application, the watermark information is obtained by expanding the digital envelope by using the expansion matrix. Therefore, the watermark information is shrunk by using the shrinking matrix, and the digital envelope can be recovered.
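The cyclic filling of step S302 and the extraction of step S500, as an added Go example that is not the patent's code. The watermark is treated here as opaque bytes (the output of the expansion matrix); the cell layout is an assumption: a 2-byte big-endian length prefix, then the watermark, stored 2 bytes per desensitized cell as hex text and repeated cyclically over the remaining cells. Extract reassembles one full cycle, reports the failure mode where the desensitized cells hold fewer bytes than one cycle, and, where more than one cycle is present, checks that the copies agree.

```go
package main

import (
	"encoding/hex"
	"fmt"
)

const chunk = 2 // watermark bytes stored per desensitized cell (assumed layout)

// Fill replaces each cell of the desensitized columns with the next chunk of the
// watermark, wrapping around when it is exhausted (the cyclic filling of S302).
// The other columns are copied unchanged, so the table structure is preserved.
func Fill(rows [][]string, cols []int, watermark []byte) ([][]string, error) {
	if len(watermark) > 0xffff {
		return nil, fmt.Errorf("watermark of %d bytes exceeds the 2-byte length prefix", len(watermark))
	}
	wm := append([]byte{byte(len(watermark) >> 8), byte(len(watermark))}, watermark...)
	if len(wm)%chunk != 0 {
		wm = append(wm, 0) // pad so every cell holds a full chunk
	}
	out := make([][]string, len(rows))
	k := 0
	for r, row := range rows {
		out[r] = append([]string(nil), row...)
		for _, c := range cols {
			off := (k * chunk) % len(wm)
			out[r][c] = hex.EncodeToString(wm[off : off+chunk])
			k++
		}
	}
	return out, nil
}

// Extract reads the desensitized cells in the same order and reassembles one
// full cycle of the watermark (S500); the result is what S502 contracts.
func Extract(rows [][]string, cols []int) ([]byte, error) {
	var wm []byte
	for _, row := range rows {
		for _, c := range cols {
			b, err := hex.DecodeString(row[c])
			if err != nil {
				return nil, fmt.Errorf("cell %q holds no watermark data: %v", row[c], err)
			}
			wm = append(wm, b...)
		}
	}
	if len(wm) < 2 {
		return nil, fmt.Errorf("too few desensitized cells to hold a watermark")
	}
	n := int(wm[0])<<8 | int(wm[1])
	if len(wm) < 2+n {
		return nil, fmt.Errorf("watermark truncated: %d bytes recovered, %d needed", len(wm), 2+n)
	}
	// When the data carries more than one cycle, later copies must match the
	// first one; a disagreement means a desensitized cell was modified.
	cycle := 2 + n
	if cycle%chunk != 0 {
		cycle++
	}
	for p := cycle; p < len(wm); p++ {
		if wm[p] != wm[p-cycle] {
			return nil, fmt.Errorf("watermark copies disagree at byte %d", p)
		}
	}
	return wm[2 : 2+n], nil
}

func main() {
	// Constructed table: name and phone (columns 1 and 2) are the desensitization fields.
	rows := make([][]string, 8)
	for i := range rows {
		rows[i] = []string{fmt.Sprint(i), "name", "phone", "amount"}
	}
	cols := []int{1, 2}
	marked, err := Fill(rows, cols, []byte("expanded-envelope-bytes (constructed)"))
	if err != nil {
		panic(err)
	}
	got, err := Extract(marked, cols)
	fmt.Printf("row 0 after filling: %v\nrecovered: %q, err: %v\n", marked[0], got, err)
}
```

Because every desensitized cell is overwritten, the recovered watermark depends only on the cell order, not on the original field values; this is why the description notes that no computation over the field data is needed beyond the starting node.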
S406, the digital envelope is decrypted by using the private key of the server, and a divulgence node of the leaked desensitized data is determined.
In practical application, the digital envelope can be decrypted by using a private key of the server, the distributor and the receiving object in the distribution information in the digital envelope are obtained, and the occurrence of the leaked desensitized data at a node between the distributor and the receiving object is determined.
The leaked desensitized data may be leaked by the distributor, may be leaked by the receiving object, or may be leaked by the distributor during the process of transmitting the desensitized data to the receiving object.
Based on the above, in this embodiment, after the compromised desensitized data is compromised, the compromised desensitized data is obtained; then, based on the compromised desensitized data, determining a digital envelope corresponding to the compromised desensitized data; and finally, decrypting the digital envelope by using a private key of the server to determine a leaked desensitized data leakage occurrence node and trace the source of the leaked data.
It should be noted that, in practical applications, after step S406 is executed, that is, after the digital envelope is decrypted with the private key of the server and the leakage occurrence node of the leaked desensitized data is determined, the method may further include:
verifying the integrity of the leaked desensitized data based on the leakage occurrence node.
The private key signature check code at the upstream node of the leakage occurrence node can be compared with the private key signature check code at the downstream node to determine whether the leaked desensitized data is complete.
If the private key signature check code at the upstream node of the leakage occurrence node is consistent with that at the downstream node, the leaked desensitized data is determined to be complete; if not, it is determined to be incomplete.
Optionally, in another embodiment provided by the present application, after step S400 is executed and the type of the received user request is determined, if the received user request type is a tamper determination request, then, referring to fig. 8, the method further includes:
S600, in response to the tamper determination request, comparing the first check code with the second check code for the desensitized data of each node.
The first check code is calculated from the desensitized data received by the node; the second check code is the private key signature check code of the upstream node of that node.
In practical application, the first check code may be obtained by encrypting the desensitized data received by the node in a preset encryption manner, which is the same encryption manner used for the desensitized data at the upstream node of that node.
It should be noted that, in practice, it is the plaintext of the check codes that is compared; the plaintext of a private key signature check code is obtained by decrypting the check code with the public key of the distributor corresponding to that check code.
S602, if the comparison result is inconsistent, determining that data tampering has occurred at the upstream node of the node.
In practical applications, if the first check code and the second check code are inconsistent, this indicates that the data may have been tampered with while being transmitted from the upstream node to the local node.
It should be noted that malicious tampering at a node may take any of several forms: tampering with the digital envelope or the distributor, destroying the watermark information at its source, or removing the node itself from the propagation chain.
In practical application, if the comparison result is consistent, it is determined that no data tampering has occurred at the upstream node of the node.
Based on the above, in this embodiment, whether the data transmitted by the upstream node has been tampered with can be determined by comparing the first check code of the local node with the second check code from the upstream node, thereby realizing tamper arbitration by the server.
Based on the method provided by the foregoing embodiment, and assuming that n nodes exist in the data propagation chain, this embodiment may have the following implementation process in conjunction with fig. 9:
The server retrieves the desensitized data held by the final using node n and processes it layer by layer according to the flow shown in fig. 9. Starting from the end node (node i+1 in the figure), the desensitized data, the private key signature check code and the distributor of each node are taken out layer by layer; the first check code is calculated from the desensitized data of the node (compute check code Hi' in the figure), and the second check code is obtained by looking up the public key of the distributor and decrypting the private key signature check code with it (decrypt to obtain check code Hi in the figure); the second check code is then compared with the first check code, and if they are inconsistent the data of this node is determined to have been tampered with. If they are consistent, the digital envelope of the desensitized data of this node is decrypted to obtain the desensitized data, the distributor and the check value needed to determine whether the next node has suffered data tampering.
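The per-node check of steps S600/S602 and the layer-by-layer arbitration of fig. 9, as an added example written for this page rather than taken from the patent. It assumes the records have already been unwrapped from their envelopes, a SHA-256 check code, and RSA PKCS#1 v1.5 as the private key signature; `Record`, `SignCheckCode`, `TamperCheck` and `ArbitrateChain` are names chosen here.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Record is what one node holds once its digital envelope has been opened: the
// desensitized data it received, the distributor named in the envelope, and the
// distributor's private key signature check code over that data.
type Record struct {
	Data        []byte
	Distributor string
	SigCheck    []byte
}

// SignCheckCode is the distributor side: the check code is SHA-256 of the data,
// signed with the distributor's private key (RSA PKCS#1 v1.5 is assumed; the
// patent does not fix the signature scheme).
func SignCheckCode(priv *rsa.PrivateKey, data []byte) ([]byte, error) {
	h := sha256.Sum256(data)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, h[:])
}

// TamperCheck is steps S600/S602 for one node. The first check code Hi' is
// recomputed from the data the node received; the second, Hi, is what the
// upstream signature attests to. Verifying the signature against Hi' with the
// distributor's public key is the patent's "decrypt with the distributor's
// public key and compare": it succeeds only when Hi equals Hi'.
func TamperCheck(r Record, pubs map[string]*rsa.PublicKey) bool {
	pub, ok := pubs[r.Distributor]
	if !ok {
		return false // no public key for the named distributor: cannot arbitrate, report as tampered
	}
	h := sha256.Sum256(r.Data)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], r.SigCheck) == nil
}

// ArbitrateChain walks the propagation chain from the end node backwards, as in
// fig. 9, and returns the index of the first record (nearest the end) whose check
// codes disagree, i.e. the node whose upstream link carried tampered data, or -1
// when every link checks out.
func ArbitrateChain(chain []Record, pubs map[string]*rsa.PublicKey) int {
	for i := len(chain) - 1; i >= 0; i-- {
		if !TamperCheck(chain[i], pubs) {
			return i
		}
	}
	return -1
}

func main() {
	// Constructed two-hop chain: distributor A hands the data to B, B to the end node.
	kA, _ := rsa.GenerateKey(rand.Reader, 2048)
	kB, _ := rsa.GenerateKey(rand.Reader, 2048)
	pubs := map[string]*rsa.PublicKey{"A": &kA.PublicKey, "B": &kB.PublicKey}
	dataB := []byte("row=7;col=3;wm=1011") // constructed desensitized field as received by B
	sigA, _ := SignCheckCode(kA, dataB)
	dataN := append([]byte("hop=B;"), dataB...) // constructed: what B forwards to the end node
	sigB, _ := SignCheckCode(kB, dataN)
	chain := []Record{{dataB, "A", sigA}, {dataN, "B", sigB}}
	fmt.Println("clean chain:", ArbitrateChain(chain, pubs)) // -1
	chain[0].Data[0] = 'R'                                    // tamper with the A->B hop
	fmt.Println("after tampering:", ArbitrateChain(chain, pubs)) // 0
}
```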
In combination with the data processing method provided by the embodiment of the present application, an embodiment of the present application further provides a data processing apparatus, which is applied to a server in a data security system, where the data security system includes the server and a plurality of clients, please refer to fig. 10, and the apparatus includes:
a third determining unit 200, configured to determine the type of the received user request.
The first response obtaining unit 202 is configured to, if the received user request type is a divulgence trace-back request, obtain the compromised desensitized data in response to the divulgence trace-back request.
A fourth determining unit 204, configured to determine, based on the compromised desensitized data, a digital envelope corresponding to the compromised desensitized data.
A fifth determining unit 206, configured to decrypt the digital envelope with the private key of the server, and determine a divulgence node of the leaked desensitized data.
Optionally, the fourth determining unit 204 is specifically configured to:
extracting data in the compromised desensitized data to obtain watermark information in the desensitized field;
and processing the watermark information by using the contraction matrix to obtain the digital envelope.
Optionally, the apparatus further comprises:
a first verification unit, configured to verify the integrity of the compromised desensitized data based on the leakage occurrence node.
Optionally, if the received user request type is a tamper determination request, the apparatus further includes:
a first response comparison unit, configured to respond to the tamper determination request, and compare the first check code with the second check code, respectively, for desensitized data of each node; the first check code is obtained by calculation according to desensitized data received by the node; the second check code is a private key signature check code of an upstream node of the node.
a first judging unit, configured to determine that data tampering has occurred at the upstream node of the node if the comparison result is inconsistent.
Optionally, the apparatus further comprises:
a second judging unit, configured to determine that no data tampering has occurred at the upstream node of the node if the comparison result is consistent.
For the specific working principle of the data processing apparatus shown in fig. 10, reference may be made to each step executed by the data processing method provided in the embodiment of the present application, and details are not repeated here.
The data processing apparatus provided in this embodiment is applied to a server in a data security system, where the data security system includes the server and a plurality of clients, and the apparatus includes: a third determining unit 200, configured to determine the type of the received user request. The first response obtaining unit 202 is configured to, if the received user request type is a divulgence trace-back request, obtain the compromised desensitized data in response to the divulgence trace-back request. A fourth determining unit 204, configured to determine, based on the compromised desensitized data, a digital envelope corresponding to the compromised desensitized data. A fifth determining unit 206, configured to decrypt the digital envelope with the private key of the server, determine a divulgence occurrence node of the leaked desensitized data, and after the divulgence of the desensitized data occurs, trace the source of the divulgence data.
Based on the above, in practical application, an application system only needs to deploy the server, with the modules that need desensitized data deployed as clients, so that system data security is achieved with a small amount of modification and the solution can be adapted to systems of various architectures.
It is worth noting that the users of the desensitized data are strongly associated with the sensitive data, so that users can be managed effectively and data leakage events traced accurately. For leakage events involving sensitive data in the course of sharing, outgoing transfer and access, the business application service system can record the leakage process and the leakage source completely and in detail, which provides a strong basis for tracing and assigning responsibility after the fact, prevents losses and damage from spreading, and further improves the security and traceability of data transmission.
Features described in the embodiments in the present specification may be replaced with or combined with each other, and the same and similar portions among the embodiments may be referred to each other, and each embodiment is described with emphasis on differences from other embodiments. In particular, the system or system embodiments are substantially similar to the method embodiments and therefore are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for related points. The above-described system and system embodiments are only illustrative, wherein the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Those of skill would further appreciate that the various illustrative components and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the components and steps of the various examples have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.

Claims (10)

1. A data processing method is applied to a client in a data security system, wherein the data security system comprises a server and a plurality of clients, and the method comprises the following steps:
after receiving data to be desensitized, determining desensitization data items needing desensitization in the data to be desensitized;
obtaining digital envelope message content according to the distribution information and the distribution information check code of the desensitization data item; the distribution information check code is obtained by encrypting the distribution information in a preset encryption mode;
combining the digital envelope message ciphertext and the secret key ciphertext to obtain a digital envelope; the digital envelope message ciphertext is obtained by generating a symmetric key for encrypting the digital envelope for the digital envelope message content and encrypting the corresponding digital envelope message content with the symmetric key; the secret key ciphertext is obtained by encrypting with the public key of the server;
and processing the digital envelope to obtain desensitized data carrying a private key signature check code.
2. The data processing method according to claim 1, wherein determining desensitization data items requiring desensitization among the data to be desensitized comprises:
determining a data row and a data column where a desensitization field in the data to be desensitized is located;
the data row and the data column are taken as the desensitization data items.
3. The data processing method of claim 1, wherein processing the digital envelope to obtain desensitized data carrying a private key signature check code comprises:
generating watermark information of the digital envelope by using an expansion matrix;
and filling the watermark information into the desensitized data item, and adding the private key signature check code to the data filled with the watermark information to obtain the desensitized data.
4. A data processing apparatus, applied to a client in a data security system, where the data security system includes a server and a plurality of clients, the apparatus comprising:
the device comprises a first determining unit, a second determining unit and a control unit, wherein the first determining unit is used for determining desensitization data items needing desensitization in the data to be desensitized after receiving the data to be desensitized;
the second determining unit is used for obtaining the content of the digital envelope message according to the distribution information and the distribution information check code of the desensitization data item; the distribution information check code is obtained by encrypting the distribution information in a preset encryption mode;
the first combination unit is used for combining the digital envelope message ciphertext and the secret key ciphertext to obtain a digital envelope; the digital envelope message ciphertext is obtained by generating a symmetric key for encrypting the digital envelope for the digital envelope message content and encrypting the corresponding digital envelope message content with the symmetric key; the secret key ciphertext is obtained by encrypting with the public key of the server;
and the first processing unit is used for processing the digital envelope to obtain desensitized data carrying a private key signature check code.
5. A data processing method is applied to a server side in a data security system, wherein the data security system comprises the server side and a plurality of client sides, and the method comprises the following steps:
determining the type of the received user request;
if the received user request type is a divulgence tracing request, responding to the divulgence tracing request, and acquiring the divulged desensitized data;
determining a digital envelope corresponding to the compromised desensitized data based on the compromised desensitized data;
and decrypting the digital envelope by using a private key of the server side to determine a divulgence occurrence node of the leaked desensitized data.
6. The data processing method of claim 5, wherein determining, based on the compromised desensitized data, a digital envelope to which the compromised desensitized data corresponds comprises:
extracting data in the divulged desensitized data to obtain watermark information in a desensitized field;
and processing the watermark information by using a contraction matrix to obtain the digital envelope.
7. The data processing method of claim 5, wherein after the digital envelope is decrypted by using a private key of the server and the divulgence node of the leaked desensitized data is determined, further comprising:
verifying the integrity of the compromised desensitized data based on the compromise generating node.
8. The data processing method of claim 6, wherein after determining the type of the received user request, if the type of the received user request is a tamper determination request, the method further comprises:
responding the tampering judgment request, and respectively comparing the first check code with the second check code aiming at the desensitized data of each node; the first check code is obtained by calculation according to desensitized data received by the node; the second check code is a private key signature check code of an upstream node of the node;
and if the comparison result is inconsistent, judging that the data tampering occurs on the upstream node of the node.
9. The data processing method of claim 8, wherein if the comparison result is consistent, it is determined that data tampering has not occurred at the upstream node of the local node.
10. A data processing apparatus, applied to a server in a data security system, the data security system including the server and a plurality of clients, the apparatus comprising:
a third determining unit, configured to determine a type of the received user request;
the first response acquisition unit is used for responding to the divulgence tracing request and acquiring the divulgence desensitized data if the received user request type is the divulgence tracing request;
a fourth determining unit, configured to determine, based on the compromised desensitized data, a digital envelope corresponding to the compromised desensitized data;
and a fifth determining unit, configured to decrypt the digital envelope with the private key of the server and determine the leakage occurrence node of the leaked desensitized data.
CN202111405458.1A 2021-11-24 2021-11-24 Data processing method and device Pending CN114091072A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111405458.1A CN114091072A (en) 2021-11-24 2021-11-24 Data processing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111405458.1A CN114091072A (en) 2021-11-24 2021-11-24 Data processing method and device

Publications (1)

Publication Number Publication Date
CN114091072A true CN114091072A (en) 2022-02-25

Family

ID=80304060

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111405458.1A Pending CN114091072A (en) 2021-11-24 2021-11-24 Data processing method and device

Country Status (1)

Country Link
CN (1) CN114091072A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114826733A (en) * 2022-04-19 2022-07-29 中国工商银行股份有限公司 File transfer method, device, system, apparatus, medium, and program product
CN114826733B (en) * 2022-04-19 2024-01-05 中国工商银行股份有限公司 File transmission method, device, system, equipment, medium and program product


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination