CN114157425A - Method and device for responding service request - Google Patents
Method and device for responding service request Download PDFInfo
- Publication number
- CN114157425A CN114157425A CN202111481176.XA CN202111481176A CN114157425A CN 114157425 A CN114157425 A CN 114157425A CN 202111481176 A CN202111481176 A CN 202111481176A CN 114157425 A CN114157425 A CN 114157425A
- Authority
- CN
- China
- Prior art keywords
- service
- request
- server
- financial institution
- business
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 82
- 230000008569 process Effects 0.000 claims abstract description 33
- 238000012545 processing Methods 0.000 claims abstract description 30
- 238000013475 authorization Methods 0.000 claims description 25
- 238000004590 computer program Methods 0.000 claims description 15
- 230000006870 function Effects 0.000 description 16
- 238000010586 diagram Methods 0.000 description 15
- 238000007726 management method Methods 0.000 description 11
- 238000012546 transfer Methods 0.000 description 11
- 230000000875 corresponding effect Effects 0.000 description 7
- 238000004891 communication Methods 0.000 description 5
- 230000007246 mechanism Effects 0.000 description 5
- 238000012986 modification Methods 0.000 description 5
- 230000004048 modification Effects 0.000 description 5
- 230000004044 response Effects 0.000 description 5
- 238000013500 data storage Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000003062 neural network model Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000012549 training Methods 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000003190 augmentative effect Effects 0.000 description 1
- 230000002596 correlated effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000001356 surgical procedure Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Telephonic Communication Services (AREA)
Abstract
The application discloses a method and a device for responding to a business request, relates to the technical field of data processing, and is used for solving the problem that information safety cannot be guaranteed in the process that a financial institution provides business services by combining with a third-party server in the prior art. The method comprises the following steps: receiving a request from a user equipment; the request is used for indicating to provide business service; determining a service server providing service, and acquiring a stored access address of the service server and a key agreed with the service server in advance; sending account information and a request of the user equipment encrypted by the secret key to a service server through an access address; receiving record information from a service server; the record information is generated by the business server in the process of providing business service; and storing the record information when receiving the indication information for indicating the completion of the provision of the service from the service server.
Description
Technical Field
The present application relates to the field of data processing technologies, and in particular, to a method and an apparatus for responding to a service request.
Background
With the rapid development of various industries, some service providers can provide more diversified services besides the main service to achieve the goal of attracting more users. For example, in the financial industry, each financial institution provides some additional services, such as mobile phone recharging, in addition to the main industry. However, due to the limitation of the system function of the financial institution, the financial institution cannot provide the additional services by itself, and the corresponding services need to be provided by a third-party supplier. That is, the financial institution receives a request sent by a user to provide a certain service, and then forwards the request to a provider server that can provide the service, and the provider server provides the service for the user. It can be seen that, in order to ensure that the user can be better provided with the service, it becomes important how to combine the financial institution and the supplier server, and how to ensure the information security during the interaction between the financial institution and the supplier.
Disclosure of Invention
The exemplary embodiment of the present application provides a method and an apparatus for responding to a business request, so as to solve a problem in the prior art that information security cannot be guaranteed when a financial institution provides a business service in combination with a third-party server.
In a first aspect, an embodiment of the present application provides a method for responding to a service request, including:
receiving a request from a user equipment; the request is used for indicating to provide business service;
determining a service server providing the service, and acquiring a stored access address of the service server and a key agreed with the service server in advance;
sending the account information of the user equipment and the request encrypted by the key to the service server through the access address;
receiving record information from the service server; the record information is generated by the business server in the process of providing the business service;
and storing the record information when receiving the indication information which is used for indicating that the service is provided.
Based on the scheme, when the application server of the financial institution receives the request of the user equipment, the account information and the request of the user equipment encrypted by the key are sent to the service server according to the stored access address of the service server and the key agreed with the service server in advance, the service server responds to the request to provide service, and the record information generated in the service providing process is sent to the application server of the financial institution to be stored uniformly, so that the user or a manager can check and manage the record information conveniently. From the user's perspective, the service may be obtained by simply logging into the financial institution's system, rather than logging into a different provider system to obtain a different service. And when the application server of the financial institution forwards the request and sends the account information of the user equipment, the application server adopts a pre-agreed key for encryption, so that the security of data transmission is ensured.
In some embodiments, after receiving the request from the user equipment, the method further comprises:
generating a unique identifier; the unique identifier is used for identifying data generated in the process of providing the business service;
after acquiring the stored access address of the service server and the key agreed with the service server in advance, the method further includes:
and sending the unique identifier to the service server through the access address.
In some embodiments, the unique identifier is included in the record information.
Based on the scheme, the unique identifier is sent to the business server by the application server of the financial institution, and the business server can provide business services according to the unique identifier. If the business server is accessed through other channels without the unique identifier, the business server can not provide the business, thereby ensuring the information security in the process of providing the business service.
In some embodiments, before sending the account information of the user equipment encrypted with the key and the request to the service server through the access address, the method further includes:
sending an authorization request to the user equipment; the authorization request is used for requesting to send the account information to the service server;
and receiving the authorization agreement information from the user equipment, and sending the account information to the service server.
In a second aspect, an embodiment of the present application provides another method for responding to a service request, including:
receiving the encrypted request and the account information from an application server of the financial institution; the request is used for indicating to provide business service;
acquiring a secret key agreed with an application server of the financial institution in advance, and decrypting the encrypted request and the account information by adopting the secret key;
providing business service according to the request and the account information, generating record information, and sending the record information to an application server of the financial institution;
after the provision of the business service is completed, sending indication information indicating that the provision of the business service is completed to an application server of the financial institution.
In some embodiments, the method further comprises:
receiving a unique identifier from an application server of a financial institution; the unique identifier is used for identifying data generated in the process of providing the business service;
the generating of the record information includes:
generating record information including the unique identifier.
In a third aspect, an embodiment of the present application provides an apparatus for responding to a service request, including:
a transceiving unit for receiving a request from a user equipment; the request is used for indicating to provide business service;
the processing unit is used for determining a service server providing the service and acquiring a stored access address of the service server and a key agreed with the service server in advance;
the receiving and sending unit is further configured to send, to the service server, the account information of the user equipment and the request encrypted with the key through the access address;
the receiving and sending unit is further used for receiving the record information from the service server; the record information is generated by the business server in the process of providing the business service;
the processing unit is further configured to store the record information when the transceiver unit receives indication information from the service server, where the indication information indicates that the provision of the service is completed.
In some embodiments, the processing unit is further configured to:
generating a unique identifier; the unique identifier is used for identifying data generated in the process of providing the business service;
the transceiver unit is further configured to:
and sending the unique identifier to the service server through the access address.
In some embodiments, the unique identifier is included in the record information.
In some embodiments, the transceiver unit is further configured to:
sending an authorization request to the user equipment; the authorization request is used for requesting to send the account information to the service server;
and receiving the authorization agreement information from the user equipment, and sending the account information to the service server.
In a fourth aspect, an embodiment of the present application provides another apparatus for responding to a service request, including:
a transceiving unit for receiving the encrypted request and the account information from an application server of the financial institution; the request is used for indicating to provide business service;
the processing unit is used for acquiring a secret key agreed in advance with an application server of the financial institution and decrypting the encrypted request and the account information by adopting the secret key; providing business service according to the request and the account information, generating record information, and sending the record information to an application server of the financial institution;
the receiving and sending unit is further configured to send, after the processing unit completes providing the business service, indication information indicating that providing the business service is completed to an application server of the financial institution.
In some embodiments, the transceiver unit is further configured to:
receiving a unique identifier from an application server of a financial institution; the unique identifier is used for identifying data generated in the process of providing the business service;
the processing unit is specifically configured to:
generating record information including the unique identifier.
In a fifth aspect, embodiments of the present application provide an electronic device, which includes a controller and a memory. The memory is used for storing computer-executable instructions, and the controller executes the computer-executable instructions in the memory to perform the operation steps of the method of any one of the possible implementations of the first aspect to the second aspect by using hardware resources in the controller.
In a sixth aspect, the present application provides a computer-readable storage medium having stored therein instructions, which when run on a computer, cause the computer to perform the method of the above-described aspects.
In a seventh aspect, the present application provides a computer program product, which includes computer program code, when the computer program code is executed by a computer, the computer is caused to execute the method of the above aspects.
In addition, the beneficial effects of the second to seventh aspects may refer to the beneficial effects described in the first aspect, and are not described herein again.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application.
Fig. 1 is a schematic structural diagram of a network architecture according to an embodiment of the present application;
fig. 2 is a flowchart of a method for responding to a service request according to an embodiment of the present application;
FIG. 3 is a schematic diagram of a display interface provided in an embodiment of the present application;
FIG. 4 is a schematic diagram of another display interface provided in an embodiment of the present application;
fig. 5 is a flowchart of another method for responding to a service request according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of an apparatus for responding to a service request according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
According to the technical scheme, the data acquisition, storage, use, processing and the like meet relevant regulations of national laws and regulations.
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments, but not all embodiments, of the technical solutions of the present application. All other embodiments obtained by a person skilled in the art without any inventive step based on the embodiments described in the present application are within the scope of the protection of the present application.
The terms "first" and "second" in the description and claims of the present application and the above-described drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the term "comprises" and any variations thereof, which are intended to cover non-exclusive protection. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus. The "plurality" in the present application may mean at least two, for example, two, three or more, and the embodiments of the present application are not limited.
In addition, the term "and/or" herein is only one kind of association relationship describing an associated object, and means that there may be three kinds of relationships, for example, a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" in this document generally indicates that the preceding and following related objects are in an "or" relationship unless otherwise specified.
In order to facilitate understanding of the scheme proposed in the present application, a network architecture adopted in the embodiments of the present application is first briefly described. For example, refer to fig. 1, which is a schematic structural diagram of a network architecture provided in the embodiment of the present application. The method specifically comprises the following steps: user equipment 110, an application server 120 of a financial institution, and a service server 130. It should be noted that fig. 1 is only an example, and the number of the network devices, the application servers of the financial institution, and the service servers in the network architecture is not particularly limited in the embodiments of the present application. For example, the network architecture involved in the present application may include a plurality of service servers, which may be accessed by an application server of a financial institution. Or a plurality of user devices can be included in the network architecture, and the application server of one financial institution can also provide services for the plurality of user devices. Or the network architecture may include application servers of multiple financial institutions, i.e. one business server may also be accessed by application servers of multiple financial institutions. This is not a particular limitation of the present application.
The User Equipment 110 may also be referred to as a Terminal (UE), or a Terminal device, a Mobile Station (MS), a Mobile Terminal (MT), etc., and is a device that provides voice and/or data connectivity to a User, for example, a handheld device with a wireless connection function, a vehicle-mounted device, etc. Currently, some examples of user equipment are: a Mobile phone (Mobile phone), a tablet computer, a notebook computer, a palm computer, a Mobile Internet Device (MID), a wearable Device, a Virtual Reality (VR) Device, an Augmented Reality (AR) Device, a wireless terminal in Industrial Control (Industrial Control), a wireless terminal in unmanned driving (self driving), a wireless terminal in remote surgery (remote medical supply), a wireless terminal in smart grid (smart grid), a wireless terminal in transportation safety, a wireless terminal in city (smart city), a wireless terminal in smart home (smart home), and the like. In some embodiments, a user device to which the present application relates may include a display screen for displaying various display interfaces.
Alternatively, the functions of the application server 120 of the financial institution may be implemented by one server or a server cluster composed of a plurality of servers. The application server 120 of the financial institution may be understood as a background server of the application program of the financial institution, which may include a processor, a hard disk, a memory, a system bus, etc. for providing corresponding business services in response to a request from the user equipment 110. Similarly, the functions of the service server 130 may be implemented by one server or by a server cluster. In fig. 1, the function of the service server 130 is implemented by one server as an example.
For convenience of description, the user device 110 is simply referred to as a user device, the application server 120 of the financial institution is simply referred to as an application server of the financial institution, and the service server 130 is simply referred to as a service server.
In the related art, some financial institutions, such as banks, provide diversified additional services to attract more users in addition to the main industry. For example, the application programs of various banks can provide services such as weather inquiry, mobile phone recharging or life payment. However, due to technical limitations, the financial institution itself cannot provide these additional services, and needs to provide corresponding services by means of a third-party provider (or may also be referred to as an equity provider or a partner), that is, the system of the financial institution is connected to the system of the provider, so that the server of the financial institution can access the service server of the provider, thereby providing diversified services to the user. The current integration schemes of financial institutions and suppliers' systems mainly include the following two types: the first is to integrate the system of the financial institution into the system of the supplier, for example, when the supplier is a union pay, the union pay can provide services for a plurality of financial institutions, so that each financial institution is required to adjust its own system to adapt to the system of the union pay, so that it can be better deployed in the system of the union pay. The second is that a vendor acquires a Software Development Kit (SDK) of a financial institution application and then deploys a service of a corresponding financial institution in its own system. The first scheme requires the financial institution to adjust various system functions of the financial institution, is poor in autonomy for the financial institution, and requires a user to log in different supplier systems when the user needs different services. The second method has high technical requirements for suppliers, and cannot be realized by small suppliers. And the user is also required to log in different provider systems to obtain different services, and the use experience is poor.
In view of this, the present disclosure provides a method and an apparatus for responding to a service request, in which an application server of a financial institution stores an access address of a service server of a provider and a key negotiated with the service server. After receiving the request from the user equipment, the application server of the financial institution may directly send the account information of the user equipment and the request encrypted with the pre-negotiated key to the service server according to the stored access address, and the service server provides the service in response to the request.
First, to facilitate understanding of the solution proposed in the present application, referring to fig. 2, a flowchart of a method for responding to a service request is provided in an embodiment of the present application. The method specifically comprises the following steps:
an application server of a financial institution receives a request from a user device 201.
Wherein the request is for indicating that the business service is provided. Alternatively, the user device may transmit a request indicated by the user operation to an application server of the financial institution in response to the user's corresponding operation in a display interface provided by an application program of the financial institution. As an example, it may also be expressed herein as the user device sending a request to a backend server of a financial institution application. For convenience of description, the application server of the financial institution is taken as an example to be introduced in the following.
202, the application server of the financial institution determines a service server providing the service, and acquires an access address of the service server and a key agreed with the service server in advance.
Alternatively, the application server of the financial institution may access a plurality of service servers, for example, access addresses of the plurality of service servers may be stored, and the plurality of service servers may implement different service functions. For example, the application server of the financial institution may access a service server for providing a mobile phone recharging function, and may also access a service server for providing a weather forecast.
In a possible case, after receiving the request for instructing to provide the business service, the application server of the financial institution may first determine that the application server itself cannot provide the business service, and then determine the business servers that can provide the business service according to the stored business functions of the respective business servers.
In another possible case, the request received by the application server of the financial institution may include an identifier or name indicating a service server providing the service, that is, the request includes a name or identifier of a service server capable of providing the service. Upon receiving the request, the application server of the financial institution may determine the business servers that can respond to the request.
Optionally, the application server of the financial institution may also perform key agreement with a plurality of service servers in advance, and store the agreed keys. As an example, the encryption mechanism between the application server and the service server of the financial institution may adopt a symmetric encryption manner, that is, the application server of the financial institution negotiates a key with the service server, the application server (or the service server) of the financial institution encrypts data by using the key, and the service server (or the application server of the financial institution) decrypts the encrypted data by using the key to obtain the data when receiving the encrypted data. As another example. An asymmetric encryption mechanism can be adopted between the application server of the financial institution and the business server, namely, the application server of the financial institution can negotiate a pair of a public key and a private key with the business server, the application server (or the business server) of the financial institution encrypts data by adopting the public key, and the business server (or the application server of the financial institution) decrypts by adopting the private key when receiving the encrypted data to obtain the data. The encryption mechanism used by the application server and the service server of the financial institution is not specifically limited in the present application, and for convenience of description, a symmetric encryption manner used by the application server and the service server of the financial institution is taken as an example in the following description.
Specifically, the application server of the financial institution may obtain a pre-stored access address of a service server and a key previously negotiated with the service server after receiving a request and determining the service server that can respond to the request to provide a service.
And 203, the application server of the financial institution sends the account information of the user equipment encrypted by the key and the request to the service server through the access address of the service server.
Alternatively, the application server of the financial institution may encrypt both the account information and the request of the user equipment, or may encrypt only the account information of the user equipment. As an example, the access address of the service server may be a Uniform Resource Locator (URL) of the service server, such as: "https:// www.abc.com? inf ═ usBFfkha78r3Gp9KW50RUiok4ZwdPX07KfNfIE-BRI4& sign ═ 75ee8f7a239c5114ade247cf0d3d90bd & timestamp ═ 20200617092453588 ". The application server of the financial institution may send the encrypted account information and request to the service server according to the URL. The account information may be information indicating an identity of a user of the user equipment, and may be identity information such as a name, a phone number, or an identification number of the user. Alternatively, the account information may include information such as an account number and a login password used by the user equipment to log in to an application server of the financial institution, and the specific content included in the account information is not limited in the present application.
And 204, the business server receives the encrypted request and the account information from the application server of the financial institution, and decrypts the encrypted request and the account information by adopting the key.
Specifically, when receiving encrypted data from the application server of the financial institution, the service server may first obtain a secret key agreed with the application server of the financial institution in advance, and then decrypt the received data with the secret key to obtain the request and the account information.
The business server provides business services according to the request and the account information, generates record information, and transmits the record information to an application server of the financial institution 205.
Optionally, the business server may record details generated in the process of providing the business service to form the record information. For example, if the service server provides transfer service, the amount of each transfer, the recipient, the sender, or the transfer time may be recorded. Alternatively, the service server may transmit the generated logging information to an application server of the financial institution in real time. For example, the service provided by the service server is a triple transfer service, the service server may send the record information related to the first transfer to the application server of the financial institution after the first transfer is completed, send the record information related to the second transfer to the application server of the financial institution after the second transfer is completed, and so on, and send the record information related to the subtask to the application server of the financial institution every time a subtask is completed.
As another alternative, the business server may also send all record information generated in the process of providing the business service to the application server of the financial institution when the business service is completely provided. Continuing with the above example, the service is a triple transfer service, and the service server may send the record information generated in the triple transfer process to the application server of the financial institution after the triple transfer is completed.
Optionally, the service server may encrypt the record information with a key negotiated with an application server of the financial institution in advance before sending the record information.
And 206, after finishing providing the business service, the business server sends indication information for indicating that the provision of the business service is finished to the application server of the financial institution.
And 207, after receiving the instruction information, the application server of the financial institution stores the record information.
Alternatively, the application server of the financial institution may store the log information in association with account information of the user device.
Based on the scheme, when the application server of the financial institution receives the request of the user equipment, the account information and the request of the user equipment encrypted by the key are sent to the service server according to the stored access address of the service server and the key agreed with the service server in advance, the service server responds to the request to provide service, and the record information generated in the service providing process is sent to the application server of the financial institution to be stored uniformly, so that the user or a manager can check and manage the record information conveniently. From the user's perspective, the service can be obtained by simply logging into the system of the application server of the financial institution, rather than logging into a different provider system to obtain a different service.
In some embodiments, the application server of the financial institution, upon receiving a request from the user device indicating provision of the business service, may also generate a unique identifier for identifying data generated in the process of providing the business service. The application server of the financial institution may transmit the unique identifier to the business server to instruct the business server to generate record information including the unique identifier in a process of providing the business service. Based on the scheme, the unique identifier is sent to the business server by the application server of the financial institution, and the business server can provide business services according to the unique identifier. If the business server is accessed through other channels without the unique identifier, the business server can not provide the business, thereby ensuring the information security in the process of providing the business service.
In a possible implementation manner, before sending the request encrypted by using the key and the account information of the user equipment to the service server, the application server of the financial institution may also send an authorization request to the user equipment, where the authorization request is used to request to send the account information to the service server. And after determining that the authorization agreement information returned by the user equipment is received, the account information and the request encrypted by the key can be sent to the service server. As an example, after the application server of the financial institution sends the authorization request to the user equipment, the user equipment may display a display interface as described in fig. 3 in the display interface, and may send the authorization approval information to the application server of the financial institution in response to a user operation (for example, a selection operation such as touch control or remote control) on the control 301 in the display interface shown in fig. 3.
Further, after receiving the authorization agreement information, the application server of the financial institution encrypts the account information and the request by using the agreement key and sends the encrypted account information and the encrypted request to the service server. Optionally, the encrypted account information and the encrypted request sent by the application server of the financial institution may further carry a timestamp, and the time indicated by the timestamp is the time when the application server of the financial institution sends the encrypted account information and the encrypted request. After receiving the encrypted account information and request, the service server may first determine whether the time is out according to the timestamp carried therein, and if the time is out, the service server does not process the encrypted account information and request, and does not decrypt the received data. As an example, a time threshold may be preconfigured in the service server, and when receiving encrypted account information and a request carrying a timestamp, it may be determined whether an absolute value of a difference between the timestamp and the current time is greater than the time threshold, and if so, it may be considered as timeout. For example, the preconfigured time threshold may be 5 seconds, then, if the service server receives the encrypted account information and the request with the timestamp of time B at time a, the service server may determine whether the absolute value of the difference between time a and time B is less than 5 seconds, and if not, may not perform any processing (or may delete the received encrypted data); if so, the received encrypted account information and request can be decrypted.
In some embodiments, after completing the decryption, the service server may provide the service for the user equipment according to the requested content and the account information. Alternatively, the business server may complete the business service by providing a user interface. For example, an H5 page may be served, and the access address of the business server stored in the application server of the financial institution may also be the address of the H5 page. As an example, if the service requested by the user equipment is a mobile phone recharging service, the service server may provide a display interface as shown in fig. 4, and complete recharging in response to the operation of inputting a phone number and a recharging amount in the display interface as shown in fig. 4 by the user.
Alternatively, the business server may generate record information for recording data generated during the process of providing the business service. For example, continuing the above example, the service is a mobile phone recharging service, and the service server may use information such as a recharging amount, recharging time, and a recharging mobile phone number as the record information. Alternatively, the application server of the financial institution described in the above embodiment may generate the unique identifier after receiving the request, and transmit the unique identifier to the service server. When the service server generates the record information, the unique identifier may be used to identify the record information, that is, the record information including the unique identifier is generated. Further, after the service server generates the record information containing the unique identifier, the record information containing the unique identifier may be encrypted by using a key negotiated with an application server of the financial institution in advance, and the encrypted record information may be sent to the service server, so as to further ensure security during data transmission. Still further, after receiving the indication information indicating that the provision of the business service is completed from the business server, the application server of the financial institution may store the received record information, for example, may store the record information in association with the account information of the user equipment. Therefore, even for different service servers, as long as the recorded information of the same client is uniformly stored by the application server of the financial institution, the recorded information can be conveniently checked or managed by subsequent users or operation and maintenance personnel.
In order to further understand the proposed solution, the following describes the proposed solution for responding to the service request in detail with reference to the respective modules in the application server of the financial institution.
As an example, the application server of the financial institution may include: the system comprises a safety management and authentication module, a supplier management module, a client identification module and a data storage module. It should be noted that, the modules in the application server of the financial institution are merely divided functionally, and the application is not limited to the number and naming of the modules included in the application server of the financial institution. In the following, the modules included in the application server of the financial institution according to the embodiment of the present application are briefly described:
the safety management and authentication module: it can be used to perform key negotiation with each service server in advance, for example, if a symmetric encryption mechanism is adopted, a unique key can be negotiated with the service server. If an asymmetric encryption mechanism is adopted, a pair of public key and private key can be negotiated with the service server.
A supplier management module: the method can be used for storing access addresses of the service servers and basic information such as business licenses, contact addresses and the like of corresponding suppliers of each service server. And the security management and authentication module can be used for storing a preset key of the security management and authentication module. The provider management module may further obtain an access address and a provisioning key of the service server that may respond to the request after receiving the request from the user equipment, and then send the request encrypted with the key and account information of the user equipment to the service server through the access address.
A client identification module: the method and the device can be used for storing the account information of each user device and storing the record information generated when each service is provided for a certain user device in association with the account information of the user device.
A data storage module: the method can be used for storing all relevant information of any user equipment and storing information of different user equipment separately.
In the following, the scheme of the present application is described in conjunction with the above-described functional modules of the application server of the financial institution. Referring to fig. 5, a flowchart of a specific method for responding to a service request provided in the embodiment of the present application specifically includes:
the user device sends a request 501 to an application server of the financial institution.
The request is for indicating provision of a business service.
502, an application server of a financial institution obtains an access address and a provisioning key of a business server providing a business service.
Alternatively, the provider management module, which may be an application server of a financial institution, acquires an access address and a contract key of a business server providing business services. Optionally, the provider management module may also obtain account information of the user device from the customer identification module.
The application server of the financial institution sends an authorization request to the user device 503.
Optionally, the security management and authentication module of the application server of the financial institution may also send an authorization request to the user equipment. The authorization request is used for requesting to send the account information of the user equipment to the service server.
It should be noted that, in the embodiment of the present application, the sequence of steps 502 and 503 is not specifically limited, and step 502 may be executed first, or step 503 may be executed first.
The application server of the financial institution sends the account information and the request encrypted with the key to the service server after receiving the authorization approval information from the user equipment 504.
Alternatively, the supplier management module, which may be an application server of the financial institution, transmits the encrypted request and account information.
And 505, the business server provides business services according to the received encrypted account information and the request, and sends record information generated in the process of providing the business services to an application server of the financial institution.
For a specific process, reference may be made to the description in the above embodiments, and details are not repeated.
The business server transmits indication information indicating that the provision of the business service is completed to the application server of the financial institution 506 when the provision of the business service is completed.
And 507, when the application server of the financial institution receives the indication information, the record information and the account information are stored in a correlated mode.
Alternatively, the client identification module, which may be an application server of the financial institution, stores the log information and the account information in association with a data storage module of the application server of the financial institution.
Based on the same concept as the method described above, referring to fig. 6, there is provided an apparatus 600 for responding to a service request according to an embodiment of the present application. The apparatus 600 may perform the steps of the above method, and therefore, in order to avoid repetition, the detailed description is omitted here. The apparatus 600 comprises: a transceiver 601 and a processing unit 602.
In one possible scenario:
a transceiving unit 601, configured to receive a request from a user equipment; the request is used for indicating to provide business service;
a processing unit 602, configured to determine a service server providing the service, and obtain a stored access address of the service server and a key agreed with the service server in advance;
the transceiver 601 is further configured to send, to the service server through the access address, the account information of the user equipment and the request encrypted by using the key;
the transceiver 601 is further configured to receive record information from the service server; the record information is generated by the business server in the process of providing the business service;
the processing unit 602 is further configured to store the record information when the transceiver 601 receives indication information from the service server, where the indication information indicates that the provision of the service is completed.
In some embodiments, the processing unit 602 is further configured to:
generating a unique identifier; the unique identifier is used for identifying data generated in the process of providing the business service;
the transceiver 601 is further configured to:
and sending the unique identifier to the service server through the access address.
In some embodiments, the unique identifier is included in the record information.
In some embodiments, the transceiver 601 is further configured to:
sending an authorization request to the user equipment; the authorization request is used for requesting to send the account information to the service server;
and receiving the authorization agreement information from the user equipment, and sending the account information to the service server.
In another possible scenario:
a transceiving unit 601 for receiving the encrypted request and account information from an application server of the financial institution; the request is used for indicating to provide business service;
a processing unit 602, configured to obtain a key agreed in advance with an application server of the financial institution, and decrypt the encrypted request and the account information with the key; providing business service according to the request and the account information, generating record information, and sending the record information to an application server of the financial institution;
the transceiver 601 is further configured to send, after the processing unit 602 completes providing the business service, indication information indicating that providing the business service is completed to an application server of the financial institution.
In some embodiments, the transceiver 601 is further configured to:
receiving a unique identifier from an application server of a financial institution; the unique identifier is used for identifying data generated in the process of providing the business service;
the processing unit 602 is specifically configured to:
generating record information including the unique identifier.
Fig. 7 shows a schematic structural diagram of an electronic device 700 provided in an embodiment of the present application. The electronic device 700 in this embodiment of the application may further include a communication interface 703, where the communication interface 703 is, for example, a network port, and the electronic device may transmit data through the communication interface 703, for example, the communication interface 703 may implement the functions of the transceiver 601 in fig. 6.
In this embodiment, the memory 702 stores instructions executable by the at least one controller 701, and the at least one controller 701 may be configured to perform the steps of the method by executing the instructions stored in the memory 702, for example, the controller 701 may implement the functions of the processing unit 602 in fig. 6.
The controller 701 is a control center of the electronic device, and may connect various parts of the whole electronic device by using various interfaces and lines, by executing or executing instructions stored in the memory 702 and calling data stored in the memory 702. Alternatively, the controller 701 may include one or more processing units, and the controller 701 may integrate an application controller and a modem controller, where the application controller mainly handles an operating system, an application program, and the like, and the modem controller mainly handles wireless communication. It is to be understood that the modem controller described above may not be integrated into the controller 701. In some embodiments, the controller 701 and the memory 702 may be implemented on the same chip, or in some embodiments, they may be implemented separately on separate chips.
The controller 701 may be a general-purpose controller, such as a Central Processing Unit (CPU), digital signal controller, application specific integrated circuit, field programmable gate array or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or the like, that implements or performs the methods, steps, and logic blocks disclosed in embodiments of the present application. The general controller may be a microcontroller or any conventional controller or the like. The steps executed by the data statistics platform disclosed in the embodiments of the present application may be directly executed by a hardware controller, or may be executed by a combination of hardware and software modules in the controller.
By programming the controller 701, for example, codes corresponding to the training method of the neural network model described in the foregoing embodiment may be fixed in a chip, so that the chip can execute the steps of the training method of the neural network model when running.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a controller of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the controller of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While the preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.
Claims (15)
1. A method of responding to a service request, comprising:
receiving a request from a user equipment; the request is used for indicating to provide business service;
determining a service server providing the service, and acquiring a stored access address of the service server and a key agreed with the service server in advance;
sending the account information of the user equipment and the request encrypted by the key to the service server through the access address;
receiving record information from the service server; the record information is generated by the business server in the process of providing the business service;
and storing the record information when receiving the indication information which is used for indicating that the service is provided.
2. The method of claim 1, wherein after receiving the request from the user device, the method further comprises:
generating a unique identifier; the unique identifier is used for identifying data generated in the process of providing the business service;
after acquiring the stored access address of the service server and the key agreed with the service server in advance, the method further includes:
and sending the unique identifier to the service server through the access address.
3. The method of claim 2, wherein the unique identifier is included in the record information.
4. The method of any of claims 1-3, wherein prior to sending the request and the account information of the user device encrypted with the key to the service server via the access address, the method further comprises:
sending an authorization request to the user equipment; the authorization request is used for requesting to send the account information to the service server;
and receiving the authorization agreement information from the user equipment, and sending the account information to the service server.
5. A method of responding to a service request, comprising:
receiving the encrypted request and the account information from an application server of the financial institution; the request is used for indicating to provide business service;
acquiring a secret key agreed with an application server of the financial institution in advance, and decrypting the encrypted request and the account information by adopting the secret key;
providing business service according to the request and the account information, generating record information, and sending the record information to an application server of the financial institution;
after the provision of the business service is completed, sending indication information indicating that the provision of the business service is completed to an application server of the financial institution.
6. The method of claim 5, wherein the method further comprises:
receiving a unique identifier from an application server of a financial institution; the unique identifier is used for identifying data generated in the process of providing the business service;
the generating of the record information includes:
generating record information including the unique identifier.
7. An apparatus for responding to a service request, comprising:
a transceiving unit for receiving a request from a user equipment; the request is used for indicating to provide business service;
the processing unit is used for determining a service server providing the service and acquiring a stored access address of the service server and a key agreed with the service server in advance;
the receiving and sending unit is further configured to send, to the service server, the account information of the user equipment and the request encrypted with the key through the access address;
the receiving and sending unit is further used for receiving the record information from the service server; the record information is generated by the business server in the process of providing the business service;
the processing unit is further configured to store the record information when the transceiver unit receives indication information from the service server, where the indication information indicates that the provision of the service is completed.
8. The apparatus as recited in claim 7, said processing unit to further:
generating a unique identifier; the unique identifier is used for identifying data generated in the process of providing the business service;
the transceiver unit is further configured to:
and sending the unique identifier to the service server through the access address.
9. The apparatus of claim 8, wherein the unique identifier is included in the record information.
10. The apparatus of any of claims 7-9, wherein the transceiver unit is further configured to:
sending an authorization request to the user equipment; the authorization request is used for requesting to send the account information to the service server;
and receiving the authorization agreement information from the user equipment, and sending the account information to the service server.
11. An apparatus for responding to a service request, comprising:
a transceiving unit for receiving the encrypted request and the account information from an application server of the financial institution; the request is used for indicating to provide business service;
the processing unit is used for acquiring a secret key agreed in advance with an application server of the financial institution and decrypting the encrypted request and the account information by adopting the secret key; providing business service according to the request and the account information, generating record information, and sending the record information to an application server of the financial institution;
the receiving and sending unit is further configured to send, after the processing unit completes providing the business service, indication information indicating that providing the business service is completed to an application server of the financial institution.
12. The apparatus as recited in claim 11, wherein said transceiver unit is further configured to:
receiving a unique identifier from an application server of a financial institution; the unique identifier is used for identifying data generated in the process of providing the business service;
the processing unit is specifically configured to:
generating record information including the unique identifier.
13. An electronic device, comprising a controller and a memory,
the memory for storing computer programs or instructions;
the controller for executing a computer program or instructions in a memory, such that the method of any of claims 1-6 is performed.
14. A computer-readable storage medium having stored thereon computer-executable instructions which, when invoked by a computer, cause the computer to perform the method of any one of claims 1 to 6.
15. A computer program product, characterized in that the computer program product comprises computer program code which, when run by a computer, causes the computer to perform the method according to any of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111481176.XA CN114157425A (en) | 2021-12-06 | 2021-12-06 | Method and device for responding service request |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111481176.XA CN114157425A (en) | 2021-12-06 | 2021-12-06 | Method and device for responding service request |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114157425A true CN114157425A (en) | 2022-03-08 |
Family
ID=80453239
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111481176.XA Pending CN114157425A (en) | 2021-12-06 | 2021-12-06 | Method and device for responding service request |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114157425A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115438324A (en) * | 2022-09-20 | 2022-12-06 | 中国建设银行股份有限公司 | Identity verification method, device and equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016088087A1 (en) * | 2014-12-04 | 2016-06-09 | Visa Cape Town (Pty) Ltd | Third party access to a financial account |
| CN109327314A (en) * | 2018-11-08 | 2019-02-12 | 阿里巴巴集团控股有限公司 | Access method, device, electronic equipment and the system of business datum |
| CN109982277A (en) * | 2017-12-28 | 2019-07-05 | 中国移动通信集团北京有限公司 | A kind of business authorization method and device |
| CN111429254A (en) * | 2020-03-19 | 2020-07-17 | 腾讯科技(深圳)有限公司 | Business data processing method and device and readable storage medium |
-
2021
- 2021-12-06 CN CN202111481176.XA patent/CN114157425A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016088087A1 (en) * | 2014-12-04 | 2016-06-09 | Visa Cape Town (Pty) Ltd | Third party access to a financial account |
| CN109982277A (en) * | 2017-12-28 | 2019-07-05 | 中国移动通信集团北京有限公司 | A kind of business authorization method and device |
| CN109327314A (en) * | 2018-11-08 | 2019-02-12 | 阿里巴巴集团控股有限公司 | Access method, device, electronic equipment and the system of business datum |
| CN111429254A (en) * | 2020-03-19 | 2020-07-17 | 腾讯科技(深圳)有限公司 | Business data processing method and device and readable storage medium |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115438324A (en) * | 2022-09-20 | 2022-12-06 | 中国建设银行股份有限公司 | Identity verification method, device and equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TWI726046B (en) | Methods for validating online access to secure device functionality | |
| KR102323382B1 (en) | Facilitate transfer of funds between user accounts | |
| CN110086768B (en) | Service processing method and device | |
| CN106878245B (en) | Graphic code information providing and obtaining method, device and terminal | |
| CN110502887A (en) | Electric paying method and device | |
| CN108551443A (en) | A kind of application login method, device, terminal device and storage medium | |
| JP2006099509A (en) | Information management device and method, and program | |
| US20100191954A1 (en) | Method and apparatus for transmitting message in heterogeneous federated environment, and method and apparatus for providing service using the message | |
| CN110276000B (en) | Method and device for acquiring media resources, storage medium and electronic device | |
| CN110399717A (en) | Key acquisition method and device, storage medium and electronic device | |
| CN108737080A (en) | Storage method, device, system and the equipment of password | |
| CN105871805A (en) | Anti-stealing-link method and device | |
| CN112165727B (en) | Parallel network distribution system and method and mobile terminal | |
| CN112004201A (en) | Short message sending method and device and computer system | |
| CN108347629A (en) | Video file processing method, device, server and storage medium | |
| CN114157425A (en) | Method and device for responding service request | |
| US20170324560A1 (en) | Method and Server for Providing Transaction Keys | |
| CN110266686B (en) | Data sharing method, device, equipment and computer readable storage medium | |
| CN110401526A (en) | Customer information safety interacting method, terminal and server based on small routine | |
| CN105743859A (en) | Method, device and system for authenticating light application | |
| CN106716401A (en) | Data interaction processing method, device and system | |
| CN111131227B (en) | Data processing method and device | |
| CN111125734B (en) | Data processing method and system | |
| CN110457959B (en) | Information transmission method and device based on Trust application | |
| CN114301675A (en) | Private data transaction method, system, computer device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |