CN114338138A - Processing method of private data acquisition request, private data acquisition method and device - Google Patents
Processing method of private data acquisition request, private data acquisition method and device Download PDFInfo
- Publication number
- CN114338138A CN114338138A CN202111615944.6A CN202111615944A CN114338138A CN 114338138 A CN114338138 A CN 114338138A CN 202111615944 A CN202111615944 A CN 202111615944A CN 114338138 A CN114338138 A CN 114338138A
- Authority
- CN
- China
- Prior art keywords
- terminal
- module
- decryption
- submodule
- private data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses a processing method of a private data acquisition request, a private data acquisition method and a private data acquisition device, and relates to the technical field of data security. One embodiment of the method comprises: receiving a privacy data acquisition request sent by a terminal; determining a decryption submodule lacking in the terminal, and generating a data packet of the decryption submodule lacking in the terminal; determining privacy data corresponding to the privacy data acquisition request, and encrypting the privacy data; generating a return result aiming at the private data acquisition request, wherein the return result comprises: the terminal lacks a data packet of a decryption submodule and encrypted privacy data; and sending the return result to the terminal. The embodiment can improve the security of the private data.
Description
Technical Field
The invention relates to the technical field of data security, in particular to a processing method of a private data acquisition request, a private data acquisition method and a private data acquisition device.
Background
The Internet brings great convenience to the life of people, and the people enjoy the convenient information acquisition of the network but have information safety hidden dangers.
The existing method for acquiring the private data comprises the following steps: the terminal requests the server for the private data acquisition request, the server encrypts the private data by using the corresponding public key, and the encrypted data is generated and returned to the terminal. The terminal decrypts the data by using a local private key so as to acquire specific private data. But the security level of the general user terminal is low, and the risk of disclosure of the private data exists.
Disclosure of Invention
In view of this, embodiments of the present invention provide a processing method for a private data acquisition request, a private data acquisition method, and an apparatus, which can improve security of private data.
In a first aspect, an embodiment of the present invention provides a method for processing a private data acquisition request, which is applied to a server side, and includes:
receiving a privacy data acquisition request sent by a terminal;
determining a decryption submodule lacking in the terminal, and generating a data packet of the decryption submodule lacking in the terminal;
determining privacy data corresponding to the privacy data acquisition request, and encrypting the privacy data;
generating a return result aiming at the private data acquisition request, wherein the return result comprises: the terminal lacks a data packet of a decryption submodule and encrypted privacy data;
and sending the return result to the terminal.
Optionally, before receiving the private data obtaining request sent by the terminal, the method further includes:
receiving an installation request aiming at a decryption module sent by the terminal;
determining a local submodule of the terminal corresponding to the decryption module, and generating a data packet of the local submodule;
and returning the data packet of the local sub-module to the terminal.
Optionally, before determining that the terminal corresponds to the local sub-module of the decryption module, the method further includes:
acquiring the decryption module;
splitting the decryption module into a plurality of decryption sub-modules;
the determining that the terminal corresponds to the local sub-module of the decryption module includes:
and determining at least one decryption submodule from the plurality of decryption submodules as the local submodule according to a preset algorithm.
Optionally, the determining a decryption submodule that is missing from the terminal includes:
and removing the local sub-module from the plurality of decryption sub-modules to obtain the decryption sub-module lacking in the terminal.
In a second aspect, an embodiment of the present invention provides a method for obtaining private data, which is applied to a terminal, and includes:
sending a privacy data acquisition request to a server side;
receiving a return result aiming at the private data acquisition request sent by the server, wherein the return result comprises: the terminal lacks a data packet of a decryption submodule and encrypted privacy data;
installing a data packet of the decryption submodule lacking in the terminal, generating the decryption submodule lacking in the terminal, calling a local submodule in the terminal and generating a decryption module;
and decrypting the encrypted private data by using the decryption module to acquire the private data.
Optionally, before sending the private data obtaining request to the server, the method further includes:
sending an installation request to a server side;
receiving a data packet of the local sub-module returned by the server terminal aiming at the installation request;
and installing the data packet of the local sub-module, and storing the local sub-module in the terminal.
Optionally, the invoking a local sub-module in the terminal to generate a decryption module includes:
loading a decryption sub-module, the local sub-module and the encrypted private data which are lacked by the terminal into a memory of the terminal;
and calling the local submodule in the memory of the terminal to generate the decryption module.
Optionally, after the decrypting, by using the decryption module, the encrypted private data to obtain the private data, the method further includes:
and releasing the decryption submodule lacked by the terminal and the encrypted private data from the memory of the terminal.
In a third aspect, an embodiment of the present invention provides a device for processing a private data acquisition request, which is applied to a server side, and includes:
the request receiving module is used for receiving a privacy data acquisition request sent by a terminal;
the data packet generating module is used for determining the decryption submodule lacking in the terminal and generating the data packet of the decryption submodule lacking in the terminal;
the encryption module is used for determining the private data corresponding to the private data acquisition request and encrypting the private data;
a result generating module, configured to generate a return result for the private data obtaining request, where the return result includes: the terminal lacks a data packet of a decryption submodule and encrypted privacy data;
and the result sending module is used for sending the return result to the terminal.
Optionally, the method further comprises:
the installation response module is used for receiving an installation request aiming at the decryption module sent by the terminal;
determining a local submodule of the terminal corresponding to the decryption module, and generating a data packet of the local submodule;
and returning the data packet of the local sub-module to the terminal.
In a fourth aspect, an embodiment of the present invention provides a private data obtaining apparatus, which is applied to a terminal, and includes:
the request sending module is used for sending a private data acquisition request to the server side;
a result receiving module, configured to receive a return result sent by the server and addressed to the private data obtaining request, where the return result includes: the terminal lacks a data packet of a decryption submodule and encrypted privacy data;
the generating module is used for installing the data packet of the decryption submodule lacking in the terminal, generating the decryption submodule lacking in the terminal, calling the local submodule in the terminal and generating the decryption module;
and the decryption module is used for decrypting the encrypted private data by utilizing the decryption module so as to acquire the private data.
Optionally, the method further comprises:
the installation module is used for sending an installation request to the server side;
receiving a data packet of the local sub-module returned by the server terminal aiming at the installation request;
and installing the data packet of the local sub-module, and storing the local sub-module in the terminal.
In a fifth aspect, an embodiment of the present invention provides an electronic device, including:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any of the embodiments described above.
In a sixth aspect, the present invention provides a computer-readable medium, on which a computer program is stored, where the computer program is executed by a processor to implement the method of any one of the above embodiments.
In a seventh aspect, an embodiment of the present invention provides a computer program product, which includes a computer program, and when the program is executed by a processor, the method described in any of the above embodiments is implemented.
One embodiment of the above invention has the following advantages or benefits: the terminal only stores part of the decryption submodule, namely the local submodule. And when the server returns a result to the terminal, the server returns the decryption submodule lacked by the terminal and the encrypted private data together. And the terminal generates a decryption module by using the missing sub-modules and the local sub-modules sent by the server, and then decrypts through the decryption module to determine the private data. Different terminals can correspond to different local sub-modules, complete decryption modules cannot be stored on the terminals, and specific codes of the decryption modules are difficult to crack through the terminals, so that the safety of private data is improved.
Further effects of the above-mentioned non-conventional alternatives will be described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
fig. 1 is a schematic flowchart of a method for processing a private data acquisition request according to a first embodiment of the present invention;
fig. 2 is a flowchart illustrating an installation method of a decryption program according to a second embodiment of the present invention;
fig. 3 is a flowchart illustrating a private data obtaining method according to a third embodiment of the present invention;
fig. 4 is a flowchart illustrating a method for installing a decryption program according to a fourth embodiment of the present invention;
fig. 5 is a schematic structural diagram of an apparatus for obtaining a request of private data according to an embodiment of the present invention;
fig. 6 is a schematic flowchart of a private data obtaining apparatus according to an embodiment of the present invention;
fig. 7 is a schematic block diagram of a computer system suitable for use in implementing a terminal device or server of an embodiment of the invention.
Detailed Description
Exemplary embodiments of the present invention are described below with reference to the accompanying drawings, in which various details of embodiments of the invention are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
According to the technical scheme, the data acquisition, storage, use, processing and the like meet relevant regulations of national laws and regulations.
Fig. 1 is a flowchart illustrating a method for processing a private data obtaining request according to a first embodiment of the present invention, where as shown in fig. 1, the method includes:
step 101: and receiving a privacy data acquisition request sent by the terminal.
The method of the embodiment of the invention is applied to the server side. And the server receives a privacy data acquisition request sent by the terminal. The private data is sensitive data of individuals or enterprises, and needs to be encrypted and protected to prevent the private data from being leaked. The privacy data may include: a bank account of an individual or business, an account password of an individual or business, an account balance of an individual or business, etc.
Step 102: determining the decryption submodule which is lacked by the terminal, and generating a data packet of the decryption submodule which is lacked by the terminal.
In the scheme of the embodiment of the invention, the decryption sub-modules which are lacked by the terminal are partial sub-modules of the decryption module. The decryption module is divided into a plurality of decryption submodules. The decryption module is used for decrypting the encrypted private data. The terminal only stores part of the decryption submodule, namely the local submodule.
For example, the decryption module includes five sub-modules, module 1 to module 5. The modules 1-4 can be stored on the terminal as local sub-modules. The module 5 is a missing decryption submodule of the terminal.
In addition, the decryption submodule lacking in the terminal may also be an operating parameter, a calculation formula or other related data in the decryption module, and may be only some data or formulas involved in the decryption module for decryption. Therefore, the quantity of the data of the returned result to be issued is ensured to be smaller, the network burden is reduced, and the response speed of the terminal and the server system can be improved.
The decryption module may not be split modularly, but some key data or related data is missing in some code functions. When the terminal requests the privacy data from the server, the server sends the key data to the terminal as a decryption sub-module lacking in the terminal.
And the data packet of the decryption submodule lacking in the terminal is used for installing or generating the decryption submodule lacking in the terminal.
Step 103: and determining the private data corresponding to the private data acquisition request, and encrypting the private data.
The private data may be encrypted using a common encryption method. The private data can also be encrypted by using the public key, and the terminal decrypts the encrypted private data by using the private key of the terminal. The scheme of the embodiment of the invention does not limit the encryption method of the private data at all.
Step 104: generating a return result aiming at the private data acquisition request, wherein the return result comprises: and the terminal lacks a data packet of a decryption submodule and encrypted privacy data.
Step 105: and sending the return result to the terminal.
The terminal only stores part of the decryption submodule, namely the local submodule. And when the server returns the result to the terminal, the sub-modules which are lacked by the terminal and the encrypted privacy data are returned together. And the terminal generates a decryption module by using the missing sub-modules and the local sub-modules sent by the server, and then decrypts through the decryption module to determine the private data. Different terminals can correspond to different local sub-modules, complete decryption modules cannot be stored on the terminals, and specific codes of the decryption modules are difficult to crack through the terminals, so that the safety of private data is improved.
Fig. 2 is a flowchart illustrating an installation method of a decryption program according to a second embodiment of the present invention, where as shown in fig. 2, the method includes:
step 201: and receiving an installation request for the decryption module sent by the terminal.
Step 202: and determining a local sub-module of the terminal corresponding to the decryption module, and generating a data packet of the local sub-module.
And the server side acquires the decryption module and splits the decryption module into a plurality of decryption sub-modules. The decryption module is used for decrypting the encrypted private data. And determining at least one decryption submodule from the plurality of decryption submodules as the local submodule according to a preset algorithm.
The preset algorithm can be set according to specific requirements. For example, the preset algorithm may be a modulo algorithm or a remainder algorithm. The server can obtain a firmware identification of the terminal, determine the decryption submodule lacking in the terminal by performing modulo operation or complementation on the firmware identification, and determine the remaining decryption submodule as a local submodule.
The local submodules corresponding to the terminals are different. In an embodiment of the present invention, the correspondence between the terminal and the local sub-module may be stored at the server side. And after receiving a private data acquisition request sent by the terminal, removing the local sub-module from the plurality of decryption sub-modules corresponding to the decryption module to obtain the decryption sub-module lacking in the terminal.
Step 203: and returning the data packet of the local sub-module to the terminal.
The method of the embodiment of the invention is applied to the server side. And the server receives the installation request sent by the terminal and returns the data packet corresponding to part of the decryption submodules to the terminal. Only part of the decryption submodule is stored in the terminal. Compared with a decryption module which is completely stored in the terminal, the possibility that malicious network users such as hackers can decode the decryption algorithm is reduced.
Fig. 3 is a flowchart of a private data obtaining method according to a third embodiment of the present invention, and as shown in fig. 3, the method includes:
step 301: and sending a privacy data acquisition request to a server side.
The method of the embodiment of the invention is applied to the terminal. And the terminal sends a privacy data acquisition request to the server side to acquire the privacy data. The private data acquisition request may include: terminal identification, firmware identification of the terminal and the like.
Step 302: receiving a return result aiming at the private data acquisition request sent by the server, wherein the return result comprises: and the terminal lacks a data packet of a decryption submodule and encrypted privacy data.
In the scheme of the embodiment of the invention, the terminal only stores part of decryption submodules, namely the local submodules. The decryption module is used for decrypting the encrypted private data. For example, the decryption module includes five sub-modules, module 1 to module 5. The modules 2-5 can be stored on the terminal as local sub-modules. The module 1 is a decryption minority block lacking in the terminal.
In addition, the decryption submodule lacking in the terminal may also be an operating parameter, a calculation formula or other related data in the decryption module, and may be only some data or formulas involved in the decryption module for decryption. Therefore, the quantity of the data of the returned result to be issued is ensured to be smaller, the network burden is reduced, and the response speed of the terminal and the server system can be improved.
The decryption module may not be split modularly, but some key data or related data is missing in some code functions. When the terminal requests the privacy data from the server, the server sends the key data to the terminal as a decryption sub-module lacking in the terminal.
Step 303: and installing a data packet of the decryption submodule lacking in the terminal, generating the decryption submodule lacking in the terminal, calling a local submodule in the terminal and generating a decryption module.
And installing the data packet of the decryption submodule lacking in the terminal, and generating the decryption submodule lacking in the terminal. And a complete decryption module can be generated by using the decryption submodule and the local submodule which are lacked in the terminal, and the encrypted private data is decrypted by using the decryption module.
Step 304: and decrypting the encrypted private data by using the decryption module to acquire the private data.
After the private data is obtained, the decryption module, the decryption sub-module lacking in the terminal, and the like can be deleted from the memory, the hard disk, and the like, so as to ensure the security of the private data.
In an embodiment of the present invention, both the decryption sub-module and the local sub-module that are missing from the terminal may be loaded into the memory of the terminal; and calling the local submodule in the memory of the terminal to generate the decryption module. After the private data is obtained, the decryption submodule lacking in the terminal and the encrypted private data may be released from the memory of the terminal. After the decryption module is used for acquiring the private data, the decryption module in the memory is directly released, so that malicious users such as hackers are difficult to acquire specific codes of the decryption module, the difficulty of the hackers in deciphering the decryption algorithm is increased, and the safety of network information is further ensured.
In the embodiment of the invention, the terminal only stores part of the decryption submodule, namely the local submodule. And when the server returns the result to the terminal, the sub-modules which are lacked by the terminal and the encrypted privacy data are returned together. And the terminal generates a decryption module by using the missing sub-modules and the local sub-modules sent by the server, and then decrypts through the decryption module to determine the private data. Different terminals can correspond to different local sub-modules, complete decryption modules cannot be stored on the terminals, and specific codes of the decryption modules are difficult to crack through the terminals, so that the safety of private data is improved.
Fig. 4 is a flowchart illustrating an installation method of a decryption program according to a fourth embodiment of the present invention, where as shown in fig. 4, the method includes:
step 401: and sending an installation request to a server side.
The method of the embodiment of the invention is applied to the terminal. The terminal sends an installation request to the server. The installation request is for installing a decryption module for the private data.
Step 402: and receiving a data packet of the local sub-module returned by the server terminal aiming at the installation request.
And the server side acquires a decryption module corresponding to the installation request and splits the decryption module into a plurality of decryption sub-modules. The decryption module is used for decrypting the encrypted private data. And determining at least one decryption submodule from the plurality of decryption submodules as a local submodule according to a preset algorithm.
The preset algorithm can be set according to specific requirements. For example, the preset algorithm may be a modulo algorithm or a remainder algorithm. The server can obtain a firmware identification of the terminal, determine the decryption submodule lacking in the terminal by performing modulo operation or complementation on the firmware identification, and determine the remaining decryption submodule as a local submodule.
Step 403: and installing the data packet of the local sub-module, and storing the local sub-module in the terminal.
And only the local submodule is stored in the terminal by using the data packet of the local submodule. And a decryption submodule which is lacked by the terminal is only used for sending the encrypted privacy data to the terminal when the terminal requests the privacy data. Compared with a decryption module which is completely stored in the terminal, the possibility that malicious network users such as hackers can decode the decryption algorithm is reduced.
Fig. 5 is a schematic structural diagram of an apparatus for obtaining a request of private data according to an embodiment of the present invention, applied to a server, as shown in fig. 5, the apparatus includes:
a request receiving module 501, configured to receive a private data obtaining request sent by a terminal;
a data packet generating module 502, configured to determine a decryption submodule that is missing from the terminal, and generate a data packet of the decryption submodule that is missing from the terminal;
the encryption module 503 is configured to determine private data corresponding to the private data obtaining request, and encrypt the private data;
a result generating module 504, configured to generate a return result for the private data obtaining request, where the return result includes: the terminal lacks a data packet of a decryption submodule and encrypted privacy data;
a result sending module 505, configured to send the return result to the terminal.
Optionally, the method further comprises:
an installation response module 506, configured to receive an installation request for the decryption module sent by the terminal;
determining a local submodule of the terminal corresponding to the decryption module, and generating a data packet of the local submodule;
and returning the data packet of the local sub-module to the terminal.
Optionally, the installation response module 506 is further configured to:
acquiring the decryption module;
splitting the decryption module into a plurality of decryption sub-modules;
the determining that the terminal corresponds to the local sub-module of the decryption module includes:
and determining at least one decryption submodule from the plurality of decryption submodules as the local submodule according to a preset algorithm.
Optionally, the data packet generating module 502 is specifically configured to:
and removing the local sub-module from the plurality of decryption sub-modules to obtain the decryption sub-module lacking in the terminal.
Fig. 6 is a schematic flowchart of a private data obtaining apparatus according to an embodiment of the present invention, which is applied to a terminal, and as shown in fig. 6, the apparatus includes:
a request sending module 601, configured to send a private data obtaining request to a server;
a result receiving module 602, configured to receive a return result sent by the server and addressed to the private data obtaining request, where the return result includes: the terminal lacks a data packet of a decryption submodule and encrypted privacy data;
the generating module 603 is configured to install a data packet of the decryption sub-module that the terminal lacks, generate the decryption sub-module that the terminal lacks, further call a local sub-module in the terminal, and generate a decryption module;
the decryption module 604 is configured to decrypt the encrypted private data by using the decryption module, so as to obtain the private data.
Optionally, the method further comprises:
an installation module 605, configured to send an installation request to a server;
receiving a data packet of the local sub-module returned by the server terminal aiming at the installation request;
and installing the data packet of the local sub-module, and storing the local sub-module in the terminal.
Optionally, the generating module 603 is specifically configured to:
loading a decryption sub-module, the local sub-module and the encrypted private data which are lacked by the terminal into a memory of the terminal;
and calling the local submodule in the memory of the terminal to generate the decryption module.
Optionally, the method further comprises:
a releasing module 606, configured to release, from the memory of the terminal, the decryption sub-module that is absent from the terminal and the encrypted private data.
An embodiment of the present invention provides an electronic device, including:
one or more processors;
a storage device for storing one or more programs,
when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the method of any of the embodiments described above.
Embodiments of the present invention provide a computer program product, including a computer program, which, when executed by a processor, implements processing of a private data acquisition request in embodiments of the present invention.
Referring now to FIG. 7, shown is a block diagram of a computer system 700 suitable for use with a terminal device implementing an embodiment of the present invention. The terminal device shown in fig. 7 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 7, the computer system 700 includes a Central Processing Unit (CPU)701, which can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)702 or a program loaded from a storage section 708 into a Random Access Memory (RAM) 703. In the RAM 703, various programs and data necessary for the operation of the system 700 are also stored. The CPU 701, the ROM 702, and the RAM 703 are connected to each other via a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
The following components are connected to the I/O interface 705: an input portion 706 including a keyboard, a mouse, and the like; an output section 707 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 708 including a hard disk and the like; and a communication section 709 including a network interface card such as a LAN card, a modem, or the like. The communication section 709 performs communication processing via a network such as the internet. A drive 710 is also connected to the I/O interface 705 as needed. A removable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 710 as necessary, so that a computer program read out therefrom is mounted into the storage section 708 as necessary.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program can be downloaded and installed from a network through the communication section 709, and/or installed from the removable medium 711. The computer program performs the above-described functions defined in the system of the present invention when executed by the Central Processing Unit (CPU) 701.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules described in the embodiments of the present invention may be implemented by software or hardware. The described modules may also be provided in a processor, which may be described as: the device comprises a request receiving module, a data packet generating module, an encrypting module, a result generating module and a result sending module. The names of these modules do not constitute a limitation to the module itself in some cases, and for example, the request receiving module may also be described as a "module that receives a private data acquisition request transmitted by a terminal".
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device. The computer readable medium carries one or more programs which, when executed by a device, cause the device to comprise:
receiving a privacy data acquisition request sent by a terminal;
determining a decryption submodule lacking in the terminal, and generating a data packet of the decryption submodule lacking in the terminal;
determining privacy data corresponding to the privacy data acquisition request, and encrypting the privacy data;
generating a return result aiming at the private data acquisition request, wherein the return result comprises: the terminal lacks a data packet of a decryption submodule and encrypted privacy data;
and sending the return result to the terminal.
According to the technical scheme of the embodiment of the invention, the terminal only stores part of decryption submodules, namely the local submodules. And when the server returns the result to the terminal, the sub-modules which are lacked by the terminal and the encrypted privacy data are returned together. And the terminal generates a decryption module by using the missing sub-modules and the local sub-modules sent by the server, and then decrypts through the decryption module to determine the private data. Different terminals can correspond to different local sub-modules, complete decryption modules cannot be stored on the terminals, and specific codes of the decryption modules are difficult to crack through the terminals, so that the safety of private data is improved.
The above-described embodiments should not be construed as limiting the scope of the invention. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (15)
1. A processing method for a private data acquisition request is applied to a server side, and comprises the following steps:
receiving a privacy data acquisition request sent by a terminal;
determining a decryption submodule lacking in the terminal, and generating a data packet of the decryption submodule lacking in the terminal;
determining privacy data corresponding to the privacy data acquisition request, and encrypting the privacy data;
generating a return result aiming at the private data acquisition request, wherein the return result comprises: the terminal lacks a data packet of a decryption submodule and encrypted privacy data;
and sending the return result to the terminal.
2. The method according to claim 1, wherein before the receiving the request for obtaining the private data sent by the terminal, the method further comprises:
receiving an installation request sent by the terminal;
determining a local submodule of the terminal corresponding to a decryption module, and generating a data packet of the local submodule;
and returning the data packet of the local sub-module to the terminal.
3. The method of claim 2, wherein prior to determining that the terminal corresponds to a local sub-module of the decryption module, further comprising:
acquiring the decryption module;
splitting the decryption module into a plurality of decryption sub-modules;
the determining that the terminal corresponds to the local sub-module of the decryption module includes:
and determining at least one decryption submodule from the plurality of decryption submodules as the local submodule according to a preset algorithm.
4. The method of claim 3, wherein the determining the missing decryption submodule of the terminal comprises:
and removing the local sub-module from the plurality of decryption sub-modules to obtain the decryption sub-module lacking in the terminal.
5. A method for obtaining private data is applied to a terminal and comprises the following steps:
sending a privacy data acquisition request to a server side;
receiving a return result aiming at the private data acquisition request sent by the server, wherein the return result comprises: the terminal lacks a data packet of a decryption submodule and encrypted privacy data;
installing a data packet of the decryption submodule lacking in the terminal, generating the decryption submodule lacking in the terminal, calling a local submodule in the terminal and generating a decryption module;
and decrypting the encrypted private data by using the decryption module to acquire the private data.
6. The method according to claim 5, wherein before sending the private data obtaining request to the server, the method further comprises:
sending an installation request to a server side;
receiving a data packet of the local sub-module returned by the server terminal aiming at the installation request;
and installing the data packet of the local sub-module, and storing the local sub-module in the terminal.
7. The method of claim 5, wherein the invoking a local sub-module in the terminal to generate a decryption module comprises:
loading a decryption sub-module, the local sub-module and the encrypted private data which are lacked by the terminal into a memory of the terminal;
and calling the local submodule in the memory of the terminal to generate the decryption module.
8. The method according to claim 7, wherein after the decrypting, by using the decryption module, the encrypted private data to obtain the private data, further comprising:
and releasing the decryption submodule lacked by the terminal and the encrypted private data from the memory of the terminal.
9. The processing device for the private data acquisition request is characterized in that the method is applied to a server side and comprises the following steps:
the request receiving module is used for receiving a privacy data acquisition request sent by a terminal;
the data packet generating module is used for determining the decryption submodule lacking in the terminal and generating the data packet of the decryption submodule lacking in the terminal;
the encryption module is used for determining the private data corresponding to the private data acquisition request and encrypting the private data;
a result generating module, configured to generate a return result for the private data obtaining request, where the return result includes: the terminal lacks a data packet of a decryption submodule and encrypted privacy data;
and the result sending module is used for sending the return result to the terminal.
10. The apparatus of claim 9, further comprising:
the installation response module is used for receiving an installation request sent by the terminal;
determining a local submodule of the terminal corresponding to a decryption module, and generating a data packet of the local submodule;
and returning the data packet of the local sub-module to the terminal.
11. The private data acquisition device is characterized in that the method is applied to a terminal and comprises the following steps:
the request sending module is used for sending a private data acquisition request to the server side;
a result receiving module, configured to receive a return result sent by the server and addressed to the private data obtaining request, where the return result includes: the terminal lacks a data packet of a decryption submodule and encrypted privacy data;
the generating module is used for installing the data packet of the decryption submodule lacking in the terminal, generating the decryption submodule lacking in the terminal, calling the local submodule in the terminal and generating the decryption module;
and the decryption module is used for decrypting the encrypted private data by utilizing the decryption module so as to acquire the private data.
12. The apparatus of claim 11, further comprising:
the installation module is used for sending an installation request to the server side;
receiving a data packet of the local sub-module returned by the server terminal aiming at the installation request;
and installing the data packet of the local sub-module, and storing the local sub-module in the terminal.
13. An electronic device, comprising:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-4 or 5-8.
14. A computer-readable medium, on which a computer program is stored, which, when being executed by a processor, carries out the method according to any one of claims 1-4 or 5-8.
15. A computer program product comprising a computer program, characterized in that the computer program realizes the method according to any of claims 1-4 or 5-8 when executed by a processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111615944.6A CN114338138A (en) | 2021-12-27 | 2021-12-27 | Processing method of private data acquisition request, private data acquisition method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111615944.6A CN114338138A (en) | 2021-12-27 | 2021-12-27 | Processing method of private data acquisition request, private data acquisition method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114338138A true CN114338138A (en) | 2022-04-12 |
Family
ID=81012863
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111615944.6A Pending CN114338138A (en) | 2021-12-27 | 2021-12-27 | Processing method of private data acquisition request, private data acquisition method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114338138A (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105101183A (en) * | 2014-05-07 | 2015-11-25 | 中国电信股份有限公司 | Method and system for protecting private contents at mobile terminal |
| CN106446697A (en) * | 2016-07-26 | 2017-02-22 | 邬超 | Method and device for saving private data |
| CN112685781A (en) * | 2020-12-31 | 2021-04-20 | 上海玳鸽信息技术有限公司 | Private data exchange method, system, electronic equipment and storage medium |
-
2021
- 2021-12-27 CN CN202111615944.6A patent/CN114338138A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105101183A (en) * | 2014-05-07 | 2015-11-25 | 中国电信股份有限公司 | Method and system for protecting private contents at mobile terminal |
| CN106446697A (en) * | 2016-07-26 | 2017-02-22 | 邬超 | Method and device for saving private data |
| CN112685781A (en) * | 2020-12-31 | 2021-04-20 | 上海玳鸽信息技术有限公司 | Private data exchange method, system, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110519309B (en) | Data transmission method, device, terminal, server and storage medium | |
| CN108880812B (en) | Method and system for data encryption | |
| CN105991563B (en) | Method and device for protecting security of sensitive data and three-party service system | |
| US11449820B2 (en) | Electronic signing method and apparatus | |
| CN114915504B (en) | Security chip initial authentication method and system | |
| CN112437044A (en) | Instant messaging method and device | |
| CN108881122B (en) | APP information verification method and device | |
| CN112307515A (en) | Database-based data processing method and device, electronic equipment and medium | |
| CN111416788B (en) | Method and device for preventing transmission data from being tampered | |
| CN109711178B (en) | Key value pair storage method, device, equipment and storage medium | |
| CN113946863A (en) | Data encryption storage method, system, equipment and storage medium | |
| CN113282951A (en) | Security verification method, device and equipment for application program | |
| CN112822021A (en) | Key management method and related device | |
| CN107707528B (en) | Method and device for isolating user information | |
| CN114615087B (en) | Data sharing method, device, equipment and medium | |
| CN109995534B (en) | Method and device for carrying out security authentication on application program | |
| CN111767550A (en) | Data storage method and device | |
| CN115567263A (en) | Data transmission management method, data processing method and device | |
| CN114338138A (en) | Processing method of private data acquisition request, private data acquisition method and device | |
| CN113946862A (en) | Data processing method, device and equipment and readable storage medium | |
| CN113992345A (en) | Method and device for encrypting and decrypting webpage sensitive data, electronic equipment and storage medium | |
| CN111831978A (en) | Method and device for protecting configuration file | |
| CN110619236A (en) | File authorization access method, device and system based on file credential information | |
| CN112926076B (en) | Data processing method, device and system | |
| CN114143026B (en) | Data security interface based on asymmetric and symmetric encryption and working method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |