CN114785537A - Dynamic encryption method for internet release of three-dimensional model data - Google Patents


Publication number
CN114785537A
Authority
CN
China
Prior art keywords
user
data
dimensional model
token
client
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210198005.4A
Other languages
Chinese (zh)
Inventor
贾友
张谦
唐健
杨秀琼
李芳�
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shaanxi Tirain Technology Co ltd
Original Assignee
Shaanxi Tirain Technology Co ltd
Application filed by Shaanxi Tirain Technology Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06T IMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T17/00 Three dimensional [3D] modelling, e.g. data description of 3D objects

Abstract

The invention discloses a dynamic encryption method for internet release of three-dimensional model data. A user logs in through a client and obtains a unique authentication token authorization for the current access. The user client sends a request to the server over the Internet to call a three-dimensional model and access its data; after the token passes the validity check, the server combines the user token, serving as the user's private salt, with the system public salt, reads the data resources the user needs to access, encrypts the data and finally returns an encrypted data stream. The client combines the local client public salt and the private salt of the logged-in user's token into a dynamic decryption key, uses that key to decrypt and read the returned data, and displays the three-dimensional model data on the client for browsing.

Description

Dynamic encryption method for internet release of three-dimensional model data
Technical Field
The invention relates to the technical field of data encryption, in particular to a dynamic encryption method for internet release of three-dimensional model data.
Background
Three-dimensional model data is currently used mostly for oblique photography results and traditional manual modeling. When such data is released over the Internet, it has to be processed into the OGC-standard 3D Tiles format, but that format is public and cannot be used to protect the data with encrypted access. At present, Internet-based access to three-dimensional model data follows the 3D Tiles data standard. The standard provides no strategies or functions for secure data access. It provides a JSON file for the three-dimensional model scene: a description file that describes the level-of-detail hierarchy of the model and the paths of the b3dm tile data files. The user loads the JSON description file over the network, parses the data hierarchy and the tile paths, and finally loads and displays the three-dimensional model data.
b3dm stands for Batched 3D Model. It allows different types of 3D models, such as the different buildings in a city, to be organized into efficient data streams for rendering and interaction on the web side. The efficiency comes from transferring multiple models in a single request and consuming minimal WebGL resources.
JSON (JavaScript Object Notation) is a lightweight data exchange format that stores and represents data as text, completely independent of any programming language. It is based on a subset of ECMAScript (the JavaScript specification set by the European Computer Manufacturers Association). Its compact and clear hierarchy makes JSON an ideal data exchange language. It is easy for humans to read and write and easy for machines to parse and generate, which effectively improves network transmission efficiency.
Because the existing 3D Tiles standard provides no function for secure, encrypted data access, the security of the data cannot be guaranteed when a user accesses three-dimensional model data over the Internet. Securing three-dimensional model data when it is released on and accessed through the Internet will be a particularly important problem to solve as live three-dimensional China moves toward socially oriented commercial operation, and the security of releasing three-dimensional model data in internet applications needs to be controlled through an effective encryption method.
Disclosure of Invention
The invention provides a dynamic encryption method for internet release of three-dimensional model data to solve the above problems and to ensure that three-dimensional model data is released securely in internet applications.
In order to achieve this purpose, the invention adopts the following technical scheme:
The dynamic encryption method for the internet release of three-dimensional model data comprises the following steps:
step (1): a user logs in through a client and obtains a unique authentication token authorization for the current access to the system;
step (2): the token authorization is returned to the user client and then stored in the cookie storage of the user client;
step (3): the user client sends a request to the server over the Internet to call a three-dimensional model and access the three-dimensional model data, carrying the token authorization obtained after login authentication so that the server can check the validity of the token; after the validity check passes, the server combines the user token, as the user's private salt, with the system public salt, reads the data resources the user needs to access, encrypts the data, and finally returns the encrypted data stream;
step (4): after successfully receiving the encrypted data returned by the server, the user client combines the local client public salt and the private salt of the logged-in user's token into a dynamic decryption key, decrypts with that key to read the returned data, and finally displays the three-dimensional model data on the client for browsing.
In the dynamic encryption method for internet release of three-dimensional model data, the algorithm for encrypting the data in step (3) is based on the AES symmetric encryption algorithm.
In the dynamic encryption method for internet release of three-dimensional model data, the algorithm for decrypting with the decryption key in step (4) is the AES symmetric encryption algorithm.
The beneficial effects produced by adopting the invention are as follows:
On the basis of 3D Tiles data, the invention uses the user's dynamic login token and AES encryption to return a dynamically encrypted data stream to each user, ensuring that a user accessing the data over the Internet can only parse it on a specific platform, and thereby ensuring the security of the three-dimensional model data.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The invention relates to a dynamic encryption method for three-dimensional model data internet release, which comprises the following specific steps:
Step (1), login authentication: first, the user logs in to obtain the unique authentication authorization for the current access, that is, the token authorization obtained by logging in with an account and password or with a mobile phone number and verification code. Because the user acquires a dynamic token after logging in, the encryption and decryption keys are dynamic each time, which prevents key leakage and improves system security.
A token is a special frame that can control a station's possession of the medium, to distinguish data frames from other control frames. With token-based authentication, the server does not need to store the user's login record. The client requests login with a user name and password, and the server receives the request and verifies them. After successful verification, the server issues a token and sends it to the client. The client stores the received token, for example in a cookie or in Local Storage. Each time the client requests resources from the server, it must carry the token the server issued. The server receives the request, verifies the token carried in it, and returns the requested data to the client if verification succeeds.
Step (2), authentication success stage: the token authorization is returned to the user and then stored in the cookie storage of the user side, and the token is used, for each user, in the decryption key that combines public salt and private salt. The key is formed by combining the system public salt and the user's dynamic private salt, and is based on the Advanced Encryption Standard (AES), which is the most popular and effective symmetric encryption algorithm at present.
Salt value encryption: in cryptography, inserting a specific character string at an arbitrary fixed position of a password, so that the hashed result differs from the hash of the original password, is called "salting". After a user enters a password at registration, a salt is randomly generated and scattered into the plaintext password according to a certain confusion rule. A message digest is then computed over the salted password, the digest of salt and password is transmitted to the server, and the server matches the digest. Because the salt is randomly generated and is different every time, and can be kept locally or on the server, the process is much safer than a simple password digest as long as the salting rule is not leaked. When a private salt is set, it is automatically mixed at hashing time with the public salt passed in by the user to produce a new salt.
Step (3), access request stage: the user sends a request to the server over the Internet to call the three-dimensional model and access the three-dimensional model data, carrying the token authorization obtained after login authentication. The server first checks the validity of the token. After the token passes authentication, the server combines the user token, as the user's private salt, with the system public salt, reads the data the user needs to access, encrypts the data with the AES symmetric encryption algorithm, and finally returns the encrypted data stream. The AES symmetric encryption algorithm ensures the uniqueness and security of the data stream when three-dimensional model data is accessed over the Internet.
Step (4), data return stage: after the user successfully receives the encrypted data returned by the server, the local system public salt and the private salt of the logged-in user's token are combined into a dynamic decryption key. AES decryption is performed with this key to read the returned data. Finally, the data is displayed on the client for three-dimensional model browsing.
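Steps (1) to (4) can be followed end to end in the example below, which is added here and is not code from the patent. The patent only says the token and public salt are "combined" and that AES is used, so HKDF-SHA256, AES-256-GCM, binding the tile path as associated data, and all function names and sample values are assumptions.

```javascript
// Added example (Node.js): per-session tile encryption following steps (1)-(4).
const nodeCrypto = require("node:crypto");

// Constructed sample value. The public salt ships to every client, so it is
// not secret; all secrecy rests on the session token.
const SYSTEM_PUBLIC_SALT = Buffer.from("constructed-public-salt-v1", "utf8");

// Step (1): the login service issues an unpredictable per-session token.
function issueToken() {
  return nodeCrypto.randomBytes(32).toString("hex");
}

// Combine token (private salt) and public salt into a 256-bit AES key.
// HKDF-SHA256 is an assumption; the patent does not name the combination.
function deriveKey(token, publicSalt) {
  const okm = nodeCrypto.hkdfSync("sha256", Buffer.from(token, "utf8"),
    publicSalt, Buffer.from("tile-stream", "utf8"), 32);
  return Buffer.from(okm);
}

// Step (3), server: encrypt one tile for the session that presented `token`.
// AES-256-GCM is an assumption; the tile path is bound as associated data so
// a ciphertext cannot be replayed under a different path.
function encryptTile(token, tilePath, plaintext) {
  const key = deriveKey(token, SYSTEM_PUBLIC_SALT);
  const nonce = nodeCrypto.randomBytes(12); // fresh nonce for every response
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, nonce);
  cipher.setAAD(Buffer.from(tilePath, "utf8"));
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), body]); // nonce|tag|body
}

// Step (4), client: rebuild the same key from the cookie token and decrypt.
// Throws if the token, path or ciphertext does not match.
function decryptTile(token, tilePath, envelope) {
  if (envelope.length < 28) throw new Error("envelope too short");
  const key = deriveKey(token, SYSTEM_PUBLIC_SALT);
  const decipher = nodeCrypto.createDecipheriv(
    "aes-256-gcm", key, envelope.subarray(0, 12));
  decipher.setAAD(Buffer.from(tilePath, "utf8"));
  decipher.setAuthTag(envelope.subarray(12, 28));
  return Buffer.concat([decipher.update(envelope.subarray(28)), decipher.final()]);
}

// Returns the plaintext, or null when authentication fails.
function tryDecrypt(token, tilePath, envelope) {
  try { return decryptTile(token, tilePath, envelope); } catch { return null; }
}

// Constructed walk-through: one tile, the right session, then wrong inputs.
function demo() {
  const token = issueToken();
  const tile = Buffer.from("b3dm constructed tile bytes", "utf8");
  const envelope = encryptTile(token, "tiles/0/0.b3dm", tile);
  return {
    sameSession: tryDecrypt(token, "tiles/0/0.b3dm", envelope).equals(tile),
    otherSession: tryDecrypt(issueToken(), "tiles/0/0.b3dm", envelope),
    otherPath: tryDecrypt(token, "tiles/0/1.b3dm", envelope),
  };
}
```

A tile captured from one session does not decrypt under another session's token, but anyone holding the cookie token can rebuild the key, so the token's entropy and the cookie's protection carry the whole scheme.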
At present, no similar technology exists for three-dimensional models. A similar technology exists for two-dimensional data and is realized by encrypting the access paths of pictures. However, pictures accessed through an encrypted path are plaintext, unencrypted data once downloaded to the client, which causes data leakage and insecurity.
On the basis of 3D Tiles data, the invention uses the user's dynamic login token and AES encryption to return a dynamically encrypted data stream to each user, and ensures that a user accessing the data over the Internet can only parse it on a specific platform.
The foregoing is a more detailed description of the invention that is presented in connection with specific embodiments, which are not intended to limit the invention to the particular embodiments described herein. For a person skilled in the art to which the invention pertains, several equivalent alternatives or obvious modifications, all of which have the same properties or uses, without departing from the inventive concept, should be considered as falling within the scope of the patent protection of the invention, as determined by the claims filed.

Claims (3)

1. A dynamic encryption method for three-dimensional model data internet release is characterized by comprising the following steps:
step (1): a user logs in through a client to obtain unique authentication token authorization when the user accesses the system currently;
step (2): token authorization is returned to the user client and then stored in cookie storage of the user client;
step (3): a user client initiates a request for calling a three-dimensional model to a server through the Internet, accesses three-dimensional model data, carries token authorization after user login authentication during access so that the server can check the legitimacy of the token, combines the user token serving as user private salt and system public salt after passing the legitimacy check authentication, reads data resources required to be accessed by a user, encrypts the data, and finally returns encrypted data streams;
step (4): after successfully receiving the encrypted data returned by the server, the user client combines a dynamic decryption secret key through local client public salt and token private salt logged by the user; and decrypting by using the decryption key to read the returned data, and finally displaying the three-dimensional model data on the client for browsing.
2. The dynamic encryption method for internet distribution of three-dimensional model data according to claim 1, characterized in that: the algorithm for encrypting the data in the step (3) is based on an AES symmetric encryption algorithm.
3. The dynamic encryption method for internet release of three-dimensional model data according to claim 1, characterized in that: the algorithm for decrypting by using the decryption key in the step (4) is an AES symmetric encryption algorithm.
CN202210198005.4A 2022-03-01 2022-03-01 Dynamic encryption method for internet release of three-dimensional model data Pending CN114785537A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210198005.4A CN114785537A (en) 2022-03-01 2022-03-01 Dynamic encryption method for internet release of three-dimensional model data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210198005.4A CN114785537A (en) 2022-03-01 2022-03-01 Dynamic encryption method for internet release of three-dimensional model data

Publications (1)

Publication Number Publication Date
CN114785537A (en) 2022-07-22

Family

ID=82423349

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210198005.4A Pending CN114785537A (en) 2022-03-01 2022-03-01 Dynamic encryption method for internet release of three-dimensional model data

Country Status (1)

Country Link
CN (1) CN114785537A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination