CN115146315A - Private data protection method, device, equipment and storage medium of low-code platform - Google Patents

Private data protection method, device, equipment and storage medium of low-code platform Download PDF

Info

Publication number
CN115146315A
CN115146315A CN202210855627.XA CN202210855627A CN115146315A CN 115146315 A CN115146315 A CN 115146315A CN 202210855627 A CN202210855627 A CN 202210855627A CN 115146315 A CN115146315 A CN 115146315A
Authority
CN
China
Prior art keywords
data
user
key
target user
private
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210855627.XA
Other languages
Chinese (zh)
Inventor
杨俊波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Technology Shenzhen Co Ltd
Original Assignee
Ping An Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Technology Shenzhen Co Ltd filed Critical Ping An Technology Shenzhen Co Ltd
Priority to CN202210855627.XA priority Critical patent/CN115146315A/en
Publication of CN115146315A publication Critical patent/CN115146315A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to an artificial intelligence technology, and discloses a privacy data protection method of a low-code platform, which comprises the following steps: creating a key data set with the same list length as the user list; sending a data entry request to a target user side corresponding to a target user name in a user list, and intercepting return data of the target user side; screening out privacy data from the returned data, and encrypting the privacy data into user ciphertext according to a key corresponding to the target user name to obtain user data; inquiring user data according to the user data request; intercepting user data, and decrypting target user data into return data; and performing data desensitization on the returned data, and displaying the desensitized returned data to a preset front-end page. In addition, the invention also relates to a block chain technology, and the user list can be stored in the node of the block chain. The invention also provides a private data protection device, equipment and a storage medium of the low-code platform. The invention can improve the security of private data protection.

Description

Private data protection method, device, equipment and storage medium of low-code platform
Technical Field
The invention relates to the technical field of artificial intelligence, in particular to a method, a device, equipment and a storage medium for protecting private data of a low-code platform.
Background
With the advent of the digital era, people upload their private data on more and more platforms, for example, in order to order on a takeaway platform, a user is required to upload their address information and contact information, which further increases the risk of leakage of the private data of the user.
The existing privacy data protection technology of the low-code platform is mostly based on data encryption and decryption of a unified key, and then privacy data are protected. For example, privacy data protection based on alternative encryption and decryption algorithms. In practical applications, once the unified key is cracked, a large amount of data is leaked, which may result in low security when privacy data protection is performed.
Disclosure of Invention
The invention provides a method, a device, equipment and a storage medium for protecting private data of a low-code platform, and mainly aims to solve the problem of low safety during private data protection.
In order to achieve the above object, the present invention provides a method for protecting private data of a low code platform, including:
acquiring a user list, creating a key data set with the same length as the list of the user list, and matching keys in the key data set with user names in the user list one by one;
selecting one user name from the user list one by one as a target user name, sending a data entry request to a target user side corresponding to the target user name, and intercepting return data of the target user side to the data entry request;
screening out privacy data which accord with a preset protection rule from the returned data, encrypting the privacy data into a user ciphertext according to a key corresponding to the target user name, replacing the privacy data in the returned data with the user ciphertext to obtain user data, and storing the user data in a preset database;
when a user data request corresponding to the target user name is received, inquiring the user data from the database according to the user data request;
intercepting the user data, and decrypting the target user data according to a key corresponding to the target user name to obtain the return data;
and performing data desensitization on the returned data, and displaying the desensitized returned data to a preset front-end page.
Optionally, the creating a key data set with a same list length as the user list includes:
creating a character string array with the same length as the list;
generating a random key by a preset encoding method;
judging whether an array element same as the key exists in the character string array or not in a traversal mode;
when the array elements which are the same as the secret key exist in the character string array, returning to the step of generating the random secret key by a preset encoding method;
when the array element which is the same as the key does not exist in the character string array, the key is added to the character string array as an array element according to the sequence from front to back, and whether the last array element of the character string array is a null value is judged;
when the last array element of the character string array is a null value, returning to the step of generating the random key by a preset encoding method;
and when the last array element of the character string array is not a null value, taking the character string array as the key data set.
Optionally, the screening out the private data meeting a preset protection rule from the returned data includes:
acquiring a digital protection rule in the protection rules, and screening out privacy numbers meeting the digital protection rule from the returned data according to the digital protection rule;
acquiring a character protection rule in the protection rules, and screening out a private text meeting the digital protection rule from the returned data according to the digital protection rule;
and obtaining the privacy data according to the privacy numbers and the privacy texts.
Optionally, the screening out the privacy number meeting the digital protection rule from the returned data according to the digital protection rule includes:
extracting a protection number length from the number protection rule;
and extracting a numeric character string from the returned data, and selecting the numeric character string with the same length as the number from the numeric character string as a private number.
Optionally, the screening out the private text meeting the digital protection rule from the returned data according to the digital protection rule includes:
extracting a privacy word bank from the character protection rule;
dividing the returned data after the extraction of the numeric character strings into a plurality of user data sentences;
segmenting the user data sentence into user data words;
calculating sentence weight of each user data sentence according to the user data words and the privacy word bank;
and taking the user data sentence with the sentence weight larger than a preset threshold value as a private text.
Optionally, the encrypting the private data into a user ciphertext according to the key corresponding to the target user name includes:
generating a corresponding round key according to the key;
carrying out byte replacement operation on the private data through a preset replacement table;
performing line displacement operation on the privacy data after byte replacement;
performing row confusion operation on the privacy data after row displacement;
and carrying out exclusive OR operation on the private data after the column confusion through the round key to obtain the user ciphertext.
Optionally, the decrypting the target user data according to the key corresponding to the target user name to obtain the return data includes:
screening the user ciphertext from the target user data;
acquiring the round key corresponding to the key, and performing exclusive OR operation on the user ciphertext by using the round key;
performing reverse displacement operation on the user ciphertext subjected to the XOR operation;
and performing reverse byte replacement operation on the ciphertext data subjected to reverse row displacement by using the replacement table to obtain the return data.
In order to solve the above problem, the present invention further provides a device for protecting private data of a low-code platform, the device comprising:
the key creating module is used for acquiring a user list, creating a key data set with the same length as the list of the user list, and matching keys in the key data set with user names in the user list one by one;
the data request module is used for selecting one user name from the user list one by one to serve as a target user name, sending a data entry request to a target user side corresponding to the target user name and intercepting return data of the target user side to the data entry request;
the data encryption module is used for screening out the private data meeting a preset protection rule from the returned data, encrypting the private data into a user ciphertext according to a key corresponding to the target user name, replacing the private data in the returned data with the user ciphertext to obtain user data, and storing the user data into a preset database;
the data decryption module is used for inquiring the user data from the database according to the user data request when receiving the user data request corresponding to the target user name; intercepting the user data, and decrypting the target user data according to a key corresponding to the target user name to obtain the return data;
and the data desensitization module is used for performing data desensitization on the returned data and displaying the desensitized returned data to a preset front-end page.
In order to solve the above problem, the present invention also provides an apparatus comprising:
at least one processor; and (c) a second step of,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores a computer program executable by the at least one processor, the computer program being executable by the at least one processor to enable the at least one processor to perform the method for protecting private data of a low code platform as described above.
In order to solve the above problem, the present invention further provides a storage medium, in which at least one computer program is stored, and the at least one computer program is executed by a processor in a device to implement the method for protecting private data of a low-code platform described above.
According to the embodiment of the invention, the key data set with the same length as the list of the user list is created, and the keys in the key data set are matched with the user names in the user list one by one, so that each user can be ensured to have a unique private key for data encryption and decryption of the user, and the data security of the user can be further improved; by intercepting the returned data of the target user terminal to the data entry request, the returned data can be conveniently encrypted subsequently, the risk of data leakage is reduced, the safety of the user data is improved, and the private data is encrypted into the user ciphertext by using the key corresponding to the target user name, so that the opacity of the user data in the storage process is ensured, and the safety of the private data is improved. Therefore, the method, the device, the equipment and the storage medium for protecting the private data of the low-code platform can solve the problem of low safety when the private data is protected.
Drawings
Fig. 1 is a flowchart illustrating a private data protection method for a low-code platform according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of screening private data according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating a process of decrypting target user data according to an embodiment of the present invention;
FIG. 4 is a functional block diagram of a private data protection apparatus for a low-code platform according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a device for implementing the private data protection method for a low-code platform according to an embodiment of the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The embodiment of the application provides a private data protection method for a low-code platform. The execution subject of the private data protection method for the low-code platform includes, but is not limited to, at least one of a server, a terminal, and the like, which can be configured to execute the method provided by the embodiment of the present application. In other words, the private data protection method of the low-code platform may be performed by software or hardware installed in a terminal device or a server device, and the software may be a block chain platform. The server includes but is not limited to: a single server, a server cluster, a cloud server or a cloud server cluster, and the like. The server may be an independent server, or may be a cloud server that provides basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a Network service, cloud communication, a middleware service, a domain name service, a security service, a Content Delivery Network (CDN), a big data and artificial intelligence platform, and the like.
Referring to fig. 1, a flowchart of a method for protecting private data of a low-code platform according to an embodiment of the present invention is shown. In this embodiment, the method for protecting private data of a low-code platform includes:
s1, acquiring a user list, creating a key data set with the same length as the list of the user list, and matching keys in the key data set with user names in the user list one by one;
in an embodiment of the present invention, the user list may be a list for storing user names stored in a database, a block chain, and a company list.
In this embodiment of the present invention, the creating a key data set having a length same as that of the list of the user list includes: creating a character string array with the same length as the list; generating a random key by a preset encoding method; judging whether an array element same as the key exists in the character string array or not in a traversal mode; when the array elements which are the same as the secret key exist in the character string array, returning to the step of generating the random secret key by a preset encoding method; when the array element which is the same as the key does not exist in the character string array, the key is taken as an array element to be added to the character string array according to the sequence from front to back, and whether the last array element of the character string array is a null value or not is judged; when the last array element of the character string array is a null value, returning to the step of generating the random key by a preset encoding method; and when the last array element of the character string array is not null, taking the character string array as the key data set.
Specifically, an Array of strings of the same length as the list may be created by the Array function of java.
Specifically, the encoding method may be java's keyGenerator. GenerateKey method, which may generate a random key of an encryption standard such as AES.
In detail, keys in the key data set may be matched with user names in the user list one by one in a traversal manner.
In the embodiment of the invention, by creating the key data set with the same length as the list of the user list and matching the keys in the key data set with the user names in the user list one by one, each user can be ensured to have a unique private key for the data encryption and decryption of the user, and the data security of the user can be further improved.
S2, selecting one user name from the user list one by one to serve as a target user name, sending a data entry request to a target user side corresponding to the target user name, and intercepting return data of the target user side to the data entry request;
in the embodiment of the present invention, the data entry request refers to a request for notifying a user to perform data entry, for example, notifying the user to submit a house renting delivery order of the user.
In detail, the return data may be form data containing user information, such as a house rental delivery order, a contract, an order invoice, and the like.
In the embodiment of the invention, the returned data of the target user terminal to the data entry request can be intercepted by a spring AOP interception method.
In the embodiment of the invention, the returned data of the target user terminal for the data entry request is intercepted, so that the returned data can be conveniently encrypted subsequently, the risk of data leakage is reduced, and the safety of user data is improved.
S3, screening out privacy data which accord with a preset protection rule from the returned data, encrypting the privacy data into a user ciphertext according to a key corresponding to the target user name, replacing the privacy data in the returned data with the user ciphertext to obtain user data, and storing the user data into a preset database;
in the embodiment of the present invention, the protection rule refers to a condition and a rule that are restrictive on the returned data, and may be a legal privacy protection rule or an industry privacy protection rule, for example, data such as a telephone number, an identification number, and a detailed address in the returned data of the user are encrypted.
In the embodiment of the present invention, referring to fig. 2, the screening out privacy data that meets a preset protection rule from the returned data includes:
s21, obtaining a digital protection rule in the protection rules, and screening out privacy numbers meeting the digital protection rule from the returned data according to the digital protection rule;
s22, obtaining character protection rules in the protection rules, and screening out privacy texts which accord with the digital protection rules from the returned data according to the digital protection rules;
and S23, obtaining the privacy data according to the privacy numbers and the privacy texts.
In detail, the screening out the privacy number meeting the digital protection rule from the returned data according to the digital protection rule includes: extracting a protection number length from the number protection rule; and extracting a numeric character string from the returned data, and selecting the numeric character string with the same length as the numeric character string from the numeric character string as a privacy number.
Specifically, a regular expression may be used to extract a numeric character string from the return data, and a numeric character string having the same length as the numeric character string is selected from the numeric character string as a privacy number.
Specifically, the screening out the privacy text meeting the digital protection rule from the returned data according to the digital protection rule includes: extracting a privacy word bank from the character protection rule; dividing the returned data after the extraction of the numeric character strings into a plurality of user data sentences; segmenting the user data sentence into user data words; calculating sentence weight of each user data sentence according to the user data words and the privacy word bank; and taking the user data sentence with the sentence weight larger than a preset threshold value as a private text.
In detail, the privacy thesaurus refers to a thesaurus consisting of possible privacy words and word weights corresponding to the privacy words, for example, the word weight of "street" is 5.
Specifically, punctuation marks in the user data sentence may be identified by using a regular expression, so as to divide the returned data after the extraction of the numeric character string into a plurality of user data sentences.
In detail, the user data sentence may be segmented into user data words by a text segmentation tool such as JIEBA.
In detail, the calculating a sentence weight of each user data sentence according to the user data word and the private thesaurus includes: and accumulating the word weight of each user data word in the user data sentence, and dividing the accumulated numerical value by the length of the user data sentence to obtain the sentence weight of the user data sentence.
In detail, the encrypting the private data into a user ciphertext according to the key corresponding to the target user name includes: generating a corresponding round key according to the key; carrying out byte replacement operation on the private data through a preset replacement table; performing line displacement operation on the privacy data after byte replacement; performing row confusion operation on the privacy data after the row displacement; and carrying out exclusive OR operation on the private data after the column confusion through the round key to obtain the user ciphertext.
In detail, a corresponding round key may be generated from the key using a key orchestration algorithm.
Specifically, the replacement table refers to an S-box (stabilization-box).
In detail, the performing of the byte replacement operation on the private data through the preset replacement table refers to taking the first nibble of the private data as a row value, taking the last nibble of the private data as a column value, and replacing the corresponding data retrieved from the replacement table by using the row value and the column value.
In the embodiment of the invention, the private data is encrypted into the user ciphertext by using the key corresponding to the target user name, so that the opacity of the user data in the storage process is ensured, and the security of the private data is improved.
S4, when a user data request corresponding to the target user name is received, inquiring the user data from the database according to the user data request;
in the embodiment of the present invention, the user data request refers to a request for acquiring the user data, for example, a user renting delivery order that a service person renting a house needs to acquire from a system background in order to handle a house renting service.
In the embodiment of the present invention, the user data may be queried from the database according to the user data request through a database query language such as SQL.
S5, intercepting the user data, and decrypting the target user data according to a key corresponding to the target user name to obtain the return data;
in the embodiment of the present invention, the method for intercepting the user data is consistent with the method for intercepting the return data of the target user end to the data entry request in step S2, and details are not repeated here.
In this embodiment of the present invention, as shown in fig. 3, the decrypting the target user data according to the key corresponding to the target user name to obtain the return data includes:
s31, screening the user ciphertext from the target user data;
s32, acquiring the round key corresponding to the key, and carrying out XOR operation on the user ciphertext by using the round key;
s33, performing reverse displacement operation on the user ciphertext subjected to the XOR operation;
and S34, performing reverse byte replacement operation on the ciphertext data subjected to reverse line displacement by using the replacement table to obtain the return data.
In detail, the method for screening the user ciphertext from the target user data is consistent with the method for screening the privacy data meeting the preset protection rule from the returned data in step S3, and is not repeated here.
Specifically, the retrograde displacement refers to a line displacement in the opposite direction to the line displacement in step S3.
In detail, the method for performing reverse byte replacement operation on the ciphertext data subjected to reverse line displacement by using the replacement table to obtain the returned data is a reverse direction of the method for performing byte replacement operation on the privacy data through the preset replacement table in step S3, and is not described herein again.
In the embodiment of the invention, the target user data can be conveniently judged by the subsequent user by intercepting the user data and decrypting the target user data according to the key corresponding to the target user name.
And S6, performing data desensitization on the returned data, and displaying the desensitized returned data to a preset front-end page.
In this embodiment of the present invention, the performing data desensitization on the returned data includes: screening out privacy data which accord with a preset protection rule from the returned data; and replacing characters in the private data with special characters according to a preset data desensitization scheme.
In detail, the method for screening out the private data meeting the preset protection rule from the returned data is consistent with the method for screening out the private data meeting the preset protection rule from the returned data in the step S3.
In detail, the data desensitization scheme, for example, replaces the middle four characters of the cell phone number with a number.
Specifically, characters in the private data can be replaced by special characters through a java regular expression according to a preset data desensitization scheme.
In the embodiment of the invention, the returned data is subjected to data desensitization, and the desensitized returned data is displayed to the preset front-end page, so that a user can be helped to judge self information, such as whether the mobile phone number is the mobile phone number of the user or not is determined by the front three digits and the back four digits of the mobile phone number.
According to the embodiment of the invention, the key data set with the same length as the list of the user list is created, and the keys in the key data set are matched with the user names in the user list one by one, so that each user can be ensured to have a unique private key for data encryption and decryption of the user, and the data security of the user can be further improved; by intercepting the returned data of the target user terminal to the data entry request, the returned data can be conveniently encrypted subsequently, the risk of data leakage is reduced, the safety of the user data is improved, and the private data is encrypted into the user ciphertext by using the key corresponding to the target user name, so that the opacity of the user data in the storage process is ensured, and the safety of the private data is improved. Therefore, the method for protecting the private data of the low-code platform can solve the problem of low safety when the private data is protected.
Fig. 4 is a functional block diagram of a private data protection apparatus for a low-code platform according to an embodiment of the present invention.
The privacy data protection device 100 of the low-code platform can be installed in equipment. According to the implemented functions, the private data protection device 100 of the low-code platform may include a key creation module 101, a data request module 102, a data encryption module 103, a data decryption module 104, and a data desensitization module 105. A module according to the invention, also called a unit, is a series of computer program segments that can be executed by a processor of a device and that can perform a fixed function, and that are stored in a memory of the device.
In the present embodiment, the functions regarding the respective modules/units are as follows:
the key creating module 101 is configured to acquire a user list, create a key data set having the same length as the user list, and match keys in the key data set with user names in the user list one by one;
the data request module 102 is configured to select one user name from the user list one by one as a target user name, send a data entry request to a target user side corresponding to the target user name, and intercept return data of the target user side to the data entry request;
the data encryption module 103 is configured to screen out the private data that meets a preset protection rule from the returned data, encrypt the private data into a user ciphertext according to a key corresponding to the target user name, replace the private data in the returned data with the user ciphertext, obtain user data, and store the user data in a preset database;
the data decryption module 104 is configured to, when receiving a user data request corresponding to the target user name, query the user data from the database according to the user data request; intercepting the user data, and decrypting the target user data according to a key corresponding to the target user name to obtain the return data;
the data desensitization module 105 is configured to perform data desensitization on the return data, and display the desensitized return data to a preset front-end page.
In detail, in the embodiment of the present invention, when the modules in the private data protection apparatus 100 for a low-code platform are used, the same technical means as the private data protection method for a low-code platform described in fig. 1 to fig. 3 are used, and the same technical effect can be produced, which is not described again here.
Fig. 5 is a schematic structural diagram of a device for implementing a private data protection method for a low-code platform according to an embodiment of the present invention.
The device 1 may comprise a processor 10, a memory 11, a communication bus 12 and a communication interface 13, and may further comprise a computer program, such as a private data protection program of a low code platform, stored in the memory 11 and executable on the processor 10.
In some embodiments, the processor 10 may be composed of an integrated circuit, for example, a single packaged integrated circuit, or may be composed of a plurality of integrated circuits packaged with the same function or different functions, and includes one or more Central Processing Units (CPUs), microprocessors, digital Processing chips, graphics processors, and combinations of various control chips. The processor 10 is a Control Unit (Control Unit) of the device, connects various components of the whole device by using various interfaces and lines, executes or executes programs or modules stored in the memory 11 (for example, executes a private data protection program of a low-code platform, and the like), and calls data stored in the memory 11 to perform various functions of the device and process data.
The memory 11 includes at least one type of readable storage medium including flash memory, removable hard disks, multimedia cards, card-type memory (e.g., SD or DX memory, etc.), magnetic memory, magnetic disks, optical disks, and the like. The memory 11 may in some embodiments be an internal storage unit of the device, for example a removable hard disk of the device. The memory 11 may also be an external storage device of the device in other embodiments, such as a plug-in removable hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), etc. provided on the device. Further, the memory 11 may also include both an internal storage unit of the device and an external storage device. The memory 11 may be used not only to store application software installed in the device and various types of data, such as codes of a privacy data protection program of a low-code platform, etc., but also to temporarily store data that has been output or is to be output.
The communication bus 12 may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus. The bus may be divided into an address bus, a data bus, a control bus, etc. The bus is arranged to enable connection communication between the memory 11 and at least one processor 10 or the like.
The communication interface 13 is used for communication between the above-mentioned device and other devices, and includes a network interface and a user interface. Optionally, the network interface may include a wired interface and/or a wireless interface (e.g., WI-FI interface, bluetooth interface, etc.), typically used to establish a communication connection between the device and other devices. The user interface may be a Display (Display), an input unit such as a Keyboard (Keyboard), and optionally a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display, which may also be referred to as a display screen or display unit, is suitable for displaying information processed in the device and for displaying a visualized user interface.
The figures only show devices having components, it will be understood by those skilled in the art that the structures shown in the figures do not constitute a limitation of the devices, and may comprise fewer or more components than shown, or some components may be combined, or a different arrangement of components.
For example, although not shown, the apparatus may further include a power supply (such as a battery) for supplying power to each component, and preferably, the power supply may be logically connected to the at least one processor 10 through a power management device, so that functions such as charge management, discharge management, and power consumption management are implemented through the power management device. The power supply may also include any component of one or more dc or ac power sources, recharging devices, power failure detection circuitry, power converters or inverters, power status indicators, and the like. The device may further include various sensors, a bluetooth module, a Wi-Fi module, etc., which are not described herein again.
It is to be understood that the described embodiments are for purposes of illustration only and that the scope of the appended claims is not limited to such structures.
The private data protection program of the low code platform stored in the memory 11 of the device 1 is a combination of instructions that, when executed in the processor 10, may implement:
acquiring a user list, creating a key data set with the same length as the list of the user list, and matching keys in the key data set with user names in the user list one by one;
selecting one user name from the user list one by one as a target user name, sending a data entry request to a target user side corresponding to the target user name, and intercepting return data of the target user side to the data entry request;
screening out privacy data which accord with a preset protection rule from the returned data, encrypting the privacy data into a user ciphertext according to a key corresponding to the target user name, replacing the privacy data in the returned data with the user ciphertext to obtain user data, and storing the user data in a preset database;
when a user data request corresponding to the target user name is received, inquiring the user data from the database according to the user data request;
intercepting the user data, and decrypting the target user data according to a key corresponding to the target user name to obtain the return data;
and carrying out data desensitization on the returned data, and displaying the desensitized returned data to a preset front-end page.
Specifically, the specific implementation method of the processor 10 for the instruction may refer to the description of the relevant steps in the embodiment corresponding to the drawing, and is not repeated here.
Further, the integrated modules/units of the device 1 may be stored in a storage medium if implemented in the form of software functional units and sold or used as separate products. The storage medium may be volatile or nonvolatile. For example, the storage medium may include: any entity or device capable of carrying said computer program code, recording medium, U-disk, removable hard disk, magnetic disk, optical disk, computer Memory, read-Only Memory (ROM).
The invention also provides a storage medium, the readable storage medium storing a computer program which, when executed by a processor of a device, may implement:
acquiring a user list, creating a key data set with the same length as the list of the user list, and matching keys in the key data set with user names in the user list one by one;
selecting one user name from the user list one by one as a target user name, sending a data entry request to a target user side corresponding to the target user name, and intercepting return data of the target user side to the data entry request;
screening out privacy data which accord with a preset protection rule from the returned data, encrypting the privacy data into a user ciphertext according to a key corresponding to the target user name, replacing the privacy data in the returned data with the user ciphertext to obtain user data, and storing the user data in a preset database;
when a user data request corresponding to the target user name is received, inquiring the user data from the database according to the user data request;
intercepting the user data, and decrypting the target user data according to a key corresponding to the target user name to obtain the return data;
and performing data desensitization on the returned data, and displaying the desensitized returned data to a preset front-end page.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus, device and method can be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and other divisions may be realized in practice.
The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one position, or may be distributed on multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In addition, functional modules in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional module.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof.
The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned.
The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
The embodiment of the application can acquire and process related data based on an artificial intelligence technology. Among them, artificial Intelligence (AI) is a theory, method, technique and application system that simulates, extends and expands human Intelligence using a digital computer or a machine controlled by a digital computer, senses the environment, acquires knowledge and uses the knowledge to obtain the best result.
Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the system claims may also be implemented by one unit or means in software or hardware. The terms first, second, etc. are used to denote names, but not any particular order.
Finally, it should be noted that the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention is described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.

Claims (10)

1. A method for protecting private data of a low code platform, the method comprising:
acquiring a user list, creating a key data set with the same length as the list of the user list, and matching keys in the key data set with user names in the user list one by one;
selecting one user name from the user list one by one as a target user name, sending a data entry request to a target user side corresponding to the target user name, and intercepting return data of the target user side to the data entry request;
screening out privacy data which accord with a preset protection rule from the returned data, encrypting the privacy data into a user ciphertext according to a key corresponding to the target user name, replacing the privacy data in the returned data with the user ciphertext to obtain user data, and storing the user data in a preset database;
when a user data request corresponding to the target user name is received, inquiring the user data from the database according to the user data request;
intercepting the user data, and decrypting the target user data according to a key corresponding to the target user name to obtain the return data;
and performing data desensitization on the returned data, and displaying the desensitized returned data to a preset front-end page.
2. The method for protecting private data of a low code platform of claim 1, wherein said creating a key data set that is the same length as a list of said user list comprises:
creating a character string array with the same length as the list;
generating a random key by a preset encoding method;
judging whether an array element same as the key exists in the character string array or not in a traversal mode;
when the array elements which are the same as the secret key exist in the character string array, returning to the step of generating the random secret key by a preset encoding method;
when the array element which is the same as the key does not exist in the character string array, the key is added to the character string array as an array element according to the sequence from front to back, and whether the last array element of the character string array is a null value is judged;
when the last array element of the character string array is a null value, returning to the step of generating the random key by a preset encoding method;
and when the last array element of the character string array is not null, taking the character string array as the key data set.
3. The method for protecting private data of a low code platform according to claim 1, wherein the screening out private data meeting a preset protection rule from the returned data comprises:
acquiring a digital protection rule in the protection rules, and screening out privacy numbers meeting the digital protection rule from the returned data according to the digital protection rule;
acquiring a character protection rule in the protection rules, and screening out a privacy text which accords with the digital protection rule from the returned data according to the digital protection rule;
and obtaining the privacy data according to the privacy numbers and the privacy texts.
4. The method for protecting private data of a low code platform according to claim 3, wherein the screening out the private numbers meeting the number protection rule from the returned data according to the number protection rule comprises:
extracting a protection number length from the number protection rule;
and extracting a numeric character string from the returned data, and selecting the numeric character string with the same length as the numeric character string from the numeric character string as a privacy number.
5. The method for protecting private data of a low-code platform according to claim 3, wherein the screening out private text meeting the number protection rule from the returned data according to the number protection rule comprises:
extracting a private word bank from the character protection rule;
dividing the returned data after the extraction of the numeric character strings into a plurality of user data sentences;
segmenting the user data sentence into user data words;
calculating sentence weight of each user data sentence according to the user data words and the privacy word bank;
and taking the user data sentence with the sentence weight larger than a preset threshold value as a private text.
6. The method for protecting private data of a low code platform according to claim 1, wherein the encrypting the private data into a user ciphertext according to the key corresponding to the target user name comprises:
generating a corresponding round key according to the key;
carrying out byte replacement operation on the private data through a preset replacement table;
performing line displacement operation on the privacy data after byte replacement;
performing row confusion operation on the privacy data after the row displacement;
and carrying out exclusive OR operation on the private data after the column confusion through the round key to obtain the user ciphertext.
7. The method for protecting private data of a low-code platform according to any one of claims 1 to 6, wherein the decrypting the target user data according to the key corresponding to the target user name to obtain the return data includes:
screening the user ciphertext from the target user data;
acquiring the round key corresponding to the key, and performing exclusive OR operation on the user ciphertext by using the round key;
performing reverse displacement operation on the user ciphertext subjected to the XOR operation;
and performing reverse byte replacement operation on the ciphertext data subjected to reverse line displacement by using the replacement table to obtain the return data.
8. An apparatus for protecting private data of a low code platform, the apparatus comprising:
the key creating module is used for acquiring a user list, creating a key data set with the same length as the list of the user list, and matching keys in the key data set with user names in the user list one by one;
the data request module is used for selecting one user name from the user list one by one as a target user name, sending a data entry request to a target user side corresponding to the target user name and intercepting return data of the target user side to the data entry request;
the data encryption module is used for screening out the private data meeting a preset protection rule from the returned data, encrypting the private data into a user ciphertext according to a key corresponding to the target user name, replacing the private data in the returned data with the user ciphertext to obtain user data, and storing the user data into a preset database;
the data decryption module is used for inquiring the user data from the database according to the user data request when receiving the user data request corresponding to the target user name; intercepting the user data, and decrypting the target user data according to a key corresponding to the target user name to obtain the return data;
and the data desensitization module is used for performing data desensitization on the returned data and displaying the desensitized returned data to a preset front-end page.
9. An apparatus, characterized in that the apparatus comprises:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein, the first and the second end of the pipe are connected with each other,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the method of private data protection for a low code platform of any one of claims 1 to 7.
10. A storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the method for protecting private data of a low code platform according to any one of claims 1 to 7.
CN202210855627.XA 2022-07-20 2022-07-20 Private data protection method, device, equipment and storage medium of low-code platform Pending CN115146315A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210855627.XA CN115146315A (en) 2022-07-20 2022-07-20 Private data protection method, device, equipment and storage medium of low-code platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210855627.XA CN115146315A (en) 2022-07-20 2022-07-20 Private data protection method, device, equipment and storage medium of low-code platform

Publications (1)

Publication Number Publication Date
CN115146315A true CN115146315A (en) 2022-10-04

Family

ID=83413027

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210855627.XA Pending CN115146315A (en) 2022-07-20 2022-07-20 Private data protection method, device, equipment and storage medium of low-code platform

Country Status (1)

Country Link
CN (1) CN115146315A (en)

Similar Documents

Publication Publication Date Title
CN110245469B (en) Webpage watermark generation method, watermark analysis method, device and storage medium
CN108829899B (en) Data table storage, modification, query and statistical method
US20170337386A1 (en) Method, apparatus, and computer-readable medium for automated construction of data masks
CN113364753B (en) Anti-crawler method and device, electronic equipment and computer readable storage medium
CN113127915A (en) Data encryption desensitization method and device, electronic equipment and storage medium
CN114124502B (en) Message transmission method, device, equipment and medium
CN115048664A (en) Data security storage method, device, equipment and medium based on solid state disk
CN113704781A (en) File secure transmission method and device, electronic equipment and computer storage medium
CN113822675A (en) Block chain based message processing method, device, equipment and storage medium
CN113489704A (en) Sensitive data identification method and device based on flow, electronic equipment and medium
CN114626079A (en) File viewing method, device, equipment and storage medium based on user permission
CN115758399A (en) Intelligent medical information management method, device, equipment and medium based on medical networking
CN115374150A (en) Character string data query method and device, electronic equipment and storage medium
CN112217639B (en) Data encryption sharing method and device, electronic equipment and computer storage medium
CN116702103A (en) Database watermark processing method, database watermark tracing method and device
CN116055144A (en) Data security analysis method, device, equipment and storage based on Internet of things
CN115146315A (en) Private data protection method, device, equipment and storage medium of low-code platform
CN115001768A (en) Data interaction method, device and equipment based on block chain and storage medium
CN115001767A (en) Service calling method, device, equipment and medium based on national encryption card
CN115170286A (en) Anonymous query method and device for blacklist user, electronic equipment and storage medium
CN113792323A (en) Sensitive data encryption method and device based on agricultural products and electronic equipment
CN113626533B (en) Ultraviolet power detection method and device and electronic equipment
CN116418580B (en) Data integrity protection detection method and device for local area network and electronic equipment
CN115801228B (en) Interactive information encryption method and device, electronic equipment and storage medium
CN113438221B (en) Local end file loading method and device, electronic equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination