CN115170355A - Evidence obtaining data credibility verification method and device, computer equipment and storage medium - Google Patents

Evidence obtaining data credibility verification method and device, computer equipment and storage medium Download PDF

Info

Publication number
CN115170355A
CN115170355A CN202210894144.0A CN202210894144A CN115170355A CN 115170355 A CN115170355 A CN 115170355A CN 202210894144 A CN202210894144 A CN 202210894144A CN 115170355 A CN115170355 A CN 115170355A
Authority
CN
China
Prior art keywords
request
data
verification
user
challenge
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210894144.0A
Other languages
Chinese (zh)
Inventor
陈晓红
郭泰彪
徐雪松
许冠英
胡东滨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan Red Pu Innovation Technology Development Co ltd
Original Assignee
Hunan Red Pu Innovation Technology Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan Red Pu Innovation Technology Development Co ltd filed Critical Hunan Red Pu Innovation Technology Development Co ltd
Priority to CN202210894144.0A priority Critical patent/CN115170355A/en
Publication of CN115170355A publication Critical patent/CN115170355A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/18Legal services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Tourism & Hospitality (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Economics (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Technology Law (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Human Resources & Organizations (AREA)
  • Marketing (AREA)
  • Primary Health Care (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the field of data security, and discloses a method and a device for verifying the credibility of forensic data, computer equipment and a storage medium, wherein the method comprises the following steps: obtaining a challenge request, wherein the challenge request comprises a history request identifier and/or a user identity identifier; obtaining forensics data according to the challenge request; and performing credible verification on the evidence obtaining data based on the historical request identification and/or the user identity identification to obtain a credible verification result.

Description

Evidence obtaining data credibility verification method and device, computer equipment and storage medium
Technical Field
The invention relates to the field of data security, in particular to a method and a device for verifying the credibility of forensic data, computer equipment and a storage medium.
Background
In traditional electronic evidence collection, the surrounding environment is generally subjected to real-time or timed evidence collection through equipment, and the obtained evidence data is stored in the memory of the equipment, but the memory of the equipment for collecting the evidence-containing data has certain limitation, which can lead the evidence-collected data to be continuously covered along with the time. Therefore, equipment needs to be recovered regularly, but it is time-consuming and labor-consuming to identify all relevant equipment located at different remote sites, and it is impossible to confirm whether the forensic data is authentic, so that the reliability of the forensic data is low.
At present, the academic community has also provided a plurality of technical schemes related to cloud forensics, and compared with the traditional electronic forensics, the cloud forensics can reduce the time and labor spent on recovering equipment, but face a plurality of difficulties such as data dispersion, limited data control, difficult realization of forensics supervision chain, multi-tenant environment and the like.
Therefore, the existing method has the problem that the reliability of the evidence data is low because whether the evidence data is credible or not cannot be confirmed.
Disclosure of Invention
The embodiment of the invention provides a method and a device for verifying the credibility of forensic data, computer equipment and a storage medium, so as to improve the credibility of the forensic data.
In order to solve the above technical problem, an embodiment of the present application provides a method for verifying the credibility of forensic data, including:
obtaining a challenge request, wherein the challenge request comprises a history request identifier and/or a user identity identifier;
obtaining forensics data according to the challenge request;
and performing trusted verification on the evidence obtaining data based on the historical request identification and/or the user identity identification to obtain a trusted verification result.
In order to solve the above technical problem, an embodiment of the present application further provides a device for verifying the trustworthy forensic data, including:
the system comprises a challenge request acquisition module, a challenge request sending module and a challenge response sending module, wherein the challenge request acquisition module is used for acquiring a challenge request, and the challenge request comprises a history request identifier and/or a user identity identifier;
the evidence obtaining module is used for obtaining evidence obtaining data according to the challenge request;
and the credibility verification module is used for carrying out credibility verification on the evidence obtaining data based on the historical request identifier and/or the user identity identifier to obtain a credibility verification result.
In order to solve the technical problem, an embodiment of the present application further provides a computer device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the forensic data trust verification method when executing the computer program.
In order to solve the above technical problem, an embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the computer program implements the steps of the above-mentioned forensic data trust verification method.
According to the method, the device, the computer equipment and the storage medium for verifying the credibility of the evidence obtaining data, provided by the embodiment of the invention, a challenge request is obtained, wherein the challenge request comprises a history request identifier and/or a user identity identifier; obtaining evidence obtaining data according to the challenge request; the evidence obtaining data is subjected to credible verification based on the historical request identification and/or the user identification to obtain a credible verification result, a challenge request is initiated, the user identification and the historical request identification in the challenge request are obtained, and the credible verification is performed on the evidence obtaining data through the user identification and the historical request identification, so that whether the evidence obtaining data is credible or not can be verified quickly and effectively, and the credibility of the evidence obtaining data is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments of the present invention will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without inventive labor.
FIG. 1 is an exemplary system architecture diagram to which the present application may be applied;
FIG. 2 is a flow diagram of one embodiment of a forensic data trust verification method of the present application;
FIG. 3 is a schematic block diagram of one embodiment of a forensic data trust verification apparatus according to the present application;
FIG. 4 is a block diagram of one embodiment of a computer device according to the present application.
Detailed Description
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs; the terminology used in the description of the application herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application; the terms "including" and "having," and any variations thereof, in the description and claims of this application and the description of the above figures are intended to cover non-exclusive inclusions. The terms "first," "second," and the like in the description and claims of this application or in the above-described drawings are used for distinguishing between different objects and not for describing a particular order.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein may be combined with other embodiments.
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without inventive step based on the embodiments of the present invention, are within the scope of protection of the present invention.
Referring to fig. 1, as shown in fig. 1, a system architecture 100 may include terminal devices 101, 102, 103, a network 104 and a server 105. The network 104 serves as a medium for providing communication links between the terminal devices 101, 102, 103 and the server 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 101, 102, 103 to interact with the server 105 via the network 104 to receive or send messages or the like.
The terminal devices 101, 102, 103 may be various electronic devices having display screens and supporting web browsing, including but not limited to smart phones, tablet computers, E-book readers, MP3 players (Moving Picture E interface displays the properties Group Audio Layer III, mpeg compression standard Audio Layer 3), MP4 players (Moving Picture E interface displays the properties Group Audio Layer IV, mpeg compression standard Audio Layer 4), laptop portable computers, desktop computers, and the like.
The server 105 may be a server providing various services, such as a background server providing support for pages displayed on the terminal devices 101, 102, 103.
It should be noted that, the forensic data trust verification method provided in the embodiment of the present application is executed by a server, and accordingly, the forensic data trust verification apparatus is disposed in the server.
It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. Any number of terminal devices, networks and servers may be provided according to implementation needs, and the terminal devices 101, 102 and 103 in this embodiment may specifically correspond to an application system in actual production.
Referring to fig. 2, fig. 2 shows a method for verifying the trustworthy data for forensics according to an embodiment of the present invention, which is described by taking the method applied to the server in fig. 1 as an example, and is detailed as follows:
s201, a challenge request is obtained, wherein the challenge request comprises a history request identifier and/or a user identity identifier.
And S202, obtaining evidence obtaining data according to the challenge request.
S203, performing credible verification on the evidence obtaining data based on the historical request identification and/or the user identity identification to obtain a credible verification result.
With respect to step S201, the challenge request refers to a request initiated by a forensics to challenge one or more data. It should be understood that this data includes, but is not limited to, historical requests, user identities.
The expression of the challenge request includes, but is not limited to, a structured query statement, an unstructured query statement, and an identification number. Preferably, the present invention is implemented using structured query statements.
The history request flag is a flag corresponding to a history request for which the acquirer challenges one or more history requests.
The user identity is an identity corresponding to a user who is questioned by the verifier for a certain user or a plurality of users.
It should be noted here that when the forensics puts a challenge on the challenge object, the challenge request needs to include an identifier corresponding to the challenge object. For example, when the acquirer challenges a history request, the challenge request needs to include a history request identifier corresponding to the history request. Meanwhile, the number of the questioning objects in the same questioning request is not limited.
In step S202, the forensic data refers to data related to the challenge object in the challenge request. The storage location of the forensic data includes, but is not limited to, a blockchain, a database, a blockchain-based, multi-cloud distributed database. Preferably, the embodiment of the present invention stores data by using a block chain-based multi-cloud distributed database.
With respect to step S203, the above-described trust verification refers to a process of verifying whether the challenge object in the challenge request is trusted based on the forensic data.
The above trusted verification method includes, but is not limited to, verifying whether the user exists, and whether the user has abnormal behavior.
It should be noted here that the trusted verification may be specifically selected according to actual needs, and is not limited herein, as a preferred embodiment, the trusted verification method is to verify whether the user exists and/or whether the history request has an abnormal request.
In this embodiment, a challenge request is obtained, where the challenge request includes a history request identifier and/or a user identity identifier. And obtaining the evidence obtaining data according to the challenge request. The evidence obtaining data is subjected to credible verification based on the historical request identification and/or the user identification to obtain a credible verification result, the user identification and the historical request identification in the challenge request are obtained by initiating the challenge request, and the evidence obtaining data is subjected to credible verification through the user identification and the historical request identification, so that whether the evidence obtaining data is credible or not can be verified quickly and effectively, and the credibility of the evidence obtaining data is improved.
In some optional implementation manners of this embodiment, in step S202, the step of obtaining the forensic data according to the challenge request includes:
s2021, verifying the authenticity of the user corresponding to the challenge request based on the user identity, and obtaining a verification result.
And S2022, when the verification result shows that the user is a real user, obtaining forensics data corresponding to the history request identifier.
For step S2021, the authenticity verification described above refers to a way of verifying whether the user id exists really.
The above methods for verifying authenticity include, but are not limited to, signature verification, identification verification. The signature verification means that a prover signs a challenge request, sends the signed challenge request to any cloud service provider, the cloud service provider receiving the challenge request verifies the signature on the challenge request, and then verifies whether the user identity on the challenge request is real or not through the user identity stored in the server. The identification verification means that whether the user identity on the challenge request is real is directly verified through a cloud service provider. Preferably, the present invention implements authentication using signature verification.
For step S2022, it is specifically:
and when the verification result is that the user is a real user, sending the challenge request to the block chain.
And adopting a block chain to obtain evidence obtaining data corresponding to the historical request identifier.
In this embodiment, authenticity verification is performed on a user corresponding to the questioning request based on the user identity, a verification result is obtained, when the verification result is that the user is a real user, forensic data corresponding to the historical request identity is obtained, and the questioning request passing the authenticity verification is obtained through the user identity, so that the forensic data can be conveniently subjected to credible verification subsequently, and reliability of the forensic data is improved.
In some optional implementation manners of this embodiment, in step S203, performing trusted verification on the forensic data based on the history request identifier and the user identity identifier, and obtaining a trusted verification result includes:
s2031, based on the intelligent contract, conducting abnormal request history record retrieval on the history request identification and/or the user identity identification in the block chain to obtain a retrieval result.
S2032, if the retrieval result is that the abnormal request history exists, determining that the credible verification result is that the evidence obtaining data is abnormal.
S2033, if the retrieval result is that no abnormal request history record exists, determining that the credible verification result is that the evidence obtaining data is normal.
For step S2031, the intelligent contract is an SQL intrusion trusted judgment and recording contract. The intelligent contract is used for judging and recording whether an abnormal request history record corresponding to the history request identification and/or the user identification exists in the blockchain.
The exception request history is a record in which a history existing in a block chain is marked as an exception.
For step S2032, if the retrieval result is that there is an abnormal request history, it indicates that there is a malicious request for the history request identifier and/or the user identity identifier, and it is determined that the trusted verification result is that the forensic data is abnormal.
For step S2033, when the retrieval result indicates that there is no abnormal request history, it indicates that there is no malicious request for the history request identifier and/or the user identity identifier, and determines that the trusted verification result is that the forensic data is normal.
In this embodiment, through the above steps, an abnormal request history record search is performed on the history request identifier and/or the user identity identifier in the block chain to obtain a search result, and according to the search result, whether the forensic data is normal is determined, so that the reliability of the forensic data is improved.
In some optional implementations of this embodiment, after step S203, the method further includes step S301 to step S303:
s301, when the credible verification result is that the evidence obtaining data is abnormal, acquiring an abnormal request history record based on the challenge request.
S302, generating an SQL intrusion verification report corresponding to the evidence data credible data based on the abnormal request history record and the credible verification result.
And S303, when the credible verification result indicates that the evidence obtaining data is normal, directly generating an SQL intrusion verification report corresponding to the credible data of the evidence obtaining data.
In step S301, the abnormal request history is the abnormal request history corresponding to the challenge request retrieved in step S2032.
For step S302, when there is an abnormal request history record, enumerating the abnormal request history record, adding the trusted verification result to the SQL intrusion verification report, and returning the SQL intrusion verification report to the trusted environment in the cloud service provider.
For step S303, when there is no history of abnormal requests, directly adding the trusted verification result to the SQL intrusion verification report, and returning the SQL intrusion verification report to the trusted environment in the cloud service provider.
In this embodiment, through the above steps, an SQL intrusion verification report corresponding to the forensic data trusted data is generated, and the SQL intrusion verification report is returned to the trusted environment in the cloud service provider, so as to improve the trust of the forensic data.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
Fig. 3 shows a schematic block diagram of a forensic data trust verification apparatus corresponding to the forensic data trust verification methods of the above embodiments one to one. As shown in fig. 3, the forensic data trust verification apparatus includes a challenge request acquisition module 31, a forensic data acquisition module 32, and a trust verification module 33. The functional modules are explained in detail as follows:
a challenge request obtaining module 31, configured to obtain a challenge request, where the challenge request includes a history request identifier and/or a user identity identifier.
And the evidence obtaining module 32 is used for obtaining evidence obtaining data according to the challenge request.
And the trusted verification module 33 is configured to perform trusted verification on the evidence obtaining data based on the historical request identifier and/or the user identity identifier to obtain a trusted verification result.
In one embodiment, the forensic data acquisition module 32 further comprises:
and the verification unit is used for verifying the authenticity of the user corresponding to the challenge request based on the user identity identifier to obtain a verification result.
And the evidence obtaining unit is used for obtaining evidence obtaining data corresponding to the history request identification when the verification result shows that the user is a real user.
In one embodiment, the forensic data acquisition unit further comprises:
and the request sending unit is used for sending the challenge request to the block chain when the verification result shows that the user is a real user.
And the block chain acquiring data unit is used for acquiring the evidence obtaining data corresponding to the historical request identifier by adopting the block chain.
In one embodiment, the trusted verification module 33 further comprises:
and the retrieval result acquisition unit is used for performing abnormal request historical record retrieval on the historical request identifier and/or the user identity identifier in the block chain based on the intelligent contract to obtain a retrieval result.
And the first retrieval result unit is used for determining that the credible verification result is the evidence obtaining data abnormity if the retrieval result is that the abnormal request history exists.
And the second retrieval result unit is used for determining that the credible verification result is that the evidence obtaining data is normal if the retrieval result is that no abnormal request history record exists.
In one embodiment, the intelligent contract in the retrieval result acquisition unit is an SQL intrusion credibility judgment and record contract.
In one embodiment, after the trusted verification module 33, the forensic data trusted verification apparatus further comprises:
and the abnormal request history record acquisition unit is used for acquiring an abnormal request history record based on the challenge request when the credibility verification result is that the evidence obtaining data is abnormal.
And the exception report generating unit is used for generating an SQL intrusion verification report corresponding to the evidence data credible data based on the exception request historical record and the credible verification result.
And the normal report generating unit is used for directly generating an SQL intrusion verification report corresponding to the evidence data trusted data when the trusted verification result is that the evidence data is normal.
For specific limitations of the forensic data trust verification apparatus, reference may be made to the above limitations of the forensic data trust verification method, which are not described herein again. The modules in the above-mentioned forensic data trust verification apparatus may be implemented wholly or partially by software, hardware, and a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In order to solve the technical problem, an embodiment of the present application further provides a computer device. Referring to fig. 4 in particular, fig. 4 is a block diagram of a basic structure of a computer device according to the embodiment.
The computer device 4 comprises a memory 41, a processor 42, and a network interface 43, which are communicatively connected to each other via a system bus. It is noted that only computer device 4 having components connection memory 41, processor 42, network interface 43 is shown, but it is understood that not all of the illustrated components are required to be implemented, and that more or fewer components may alternatively be implemented. As will be understood by those skilled in the art, the computer device is a device capable of automatically performing numerical calculation and/or information processing according to instructions set or stored in advance, and the hardware thereof includes but is not limited to a microprocessor, an Application Specific Integrated Circuit (ASIC), a Programmable Gate Array (FPGA), a Digital Signal Processor (DSP), an embedded device, and the like.
The computer device can be a desktop computer, a notebook, a palm computer, a cloud server and other computing devices. The computer equipment can carry out man-machine interaction with a user in a keyboard mode, a mouse mode, a remote controller mode, a touch panel mode or a voice control equipment mode.
The memory 41 includes at least one type of readable storage medium including a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or D interface display memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a Programmable Read Only Memory (PROM), a magnetic memory, a magnetic disk, an optical disk, etc. In some embodiments, the memory 41 may be an internal storage unit of the computer device 4, such as a hard disk or a memory of the computer device 4. In other embodiments, the memory 41 may also be an external storage device of the computer device 4, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the computer device 4. Of course, the memory 41 may also include both internal and external storage devices of the computer device 4. In this embodiment, the memory 41 is generally used for storing an operating system installed in the computer device 4 and various types of application software, such as program codes for controlling electronic files. Further, the memory 41 may also be used to temporarily store various types of data that have been output or are to be output.
The processor 42 may be a Central Processing Unit (CPU), controller, microcontroller, microprocessor, or other data Processing chip in some embodiments. The processor 42 is typically used to control the overall operation of the computer device 4. In this embodiment, the processor 42 is configured to execute the program code stored in the memory 41 or process data, such as program code for executing control of an electronic file.
The network interface 43 may comprise a wireless network interface or a wired network interface, and the network interface 43 is generally used for establishing communication connection between the computer device 4 and other electronic devices.
The present application further provides another embodiment, which is to provide a computer-readable storage medium storing an interface display program, where the interface display program is executable by at least one processor to cause the at least one processor to execute the steps of the forensic data trust verification method as described above.
Through the description of the foregoing embodiments, it is clear to those skilled in the art that the method of the foregoing embodiments may be implemented by software plus a necessary general hardware platform, and certainly may also be implemented by hardware, but in many cases, the former is a better implementation. Based on such understanding, the technical solutions of the present application or portions thereof that contribute to the prior art may be embodied in the form of a software product, where the computer software product is stored in a storage medium (such as a ROM/RAM, a magnetic disk, and an optical disk), and includes several instructions for enabling a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present application.
It is to be understood that the above-described embodiments are merely illustrative of some, but not restrictive, of the broad invention, and that the appended drawings illustrate preferred embodiments of the invention and do not limit the scope of the invention. This application is capable of embodiments in many different forms and the embodiments are provided so that this disclosure will be thorough and complete. Although the present application has been described in detail with reference to the foregoing embodiments, it will be apparent to one skilled in the art that modifications can be made to the embodiments described in the foregoing detailed description, or equivalents can be substituted for some of the features described therein. All equivalent structures made by using the contents of the specification and the drawings of the present application are directly or indirectly applied to other related technical fields, and all the equivalent structures are within the protection scope of the present application.

Claims (10)

1. A forensic data trust verification method, characterized by comprising:
obtaining a challenge request, wherein the challenge request comprises a history request identifier and/or a user identity identifier;
obtaining forensics data according to the challenge request;
and performing trusted verification on the evidence obtaining data based on the historical request identification and/or the user identity identification to obtain a trusted verification result.
2. The forensic data trust verification method according to claim 1, wherein the step of obtaining forensic data in accordance with the challenge request comprises:
verifying the authenticity of the user corresponding to the challenge request based on the user identity to obtain a verification result;
and when the verification result shows that the user is a real user, obtaining forensics data corresponding to the historical request identification.
3. The forensic data trusted verification method according to claim 2, wherein the step of obtaining the forensic data corresponding to the history request identifier when the verification result is that the user is a real user comprises:
when the user is a real user according to the verification result, sending the challenge request to a block chain;
and acquiring forensics data corresponding to the historical request identifier by adopting the block chain.
4. The forensic data trusted verification method according to claim 2, wherein the step of performing trusted verification on the forensic data based on the historical request identifier and/or the user identity identifier to obtain a trusted verification result comprises:
based on an intelligent contract, performing abnormal request historical record retrieval on the historical request identification and/or the user identity identification in a block chain to obtain a retrieval result;
if the retrieval result is that an abnormal request history record exists, determining that the credible verification result is that the evidence obtaining data is abnormal;
and if the retrieval result is that no abnormal request history record exists, determining that the credible verification result is that the evidence obtaining data is normal.
5. The forensic data trust verification method according to claim 4 in which the intelligent contract is an SQL intrusion trust judgment and recording contract.
6. The method for trusted verification of forensic data according to claim 4, wherein after said trusted verification of the forensic data based on the historical request identity and/or the user identity, resulting in a trusted verification result, the method further comprises:
when the credible verification result is that the evidence obtaining data is abnormal, acquiring an abnormal request historical record based on the challenge request;
generating an SQL intrusion verification report corresponding to the evidence data credible data based on the abnormal request historical record and the credible verification result;
and when the credible verification result indicates that the evidence obtaining data is normal, directly generating an SQL intrusion verification report corresponding to the credible data of the evidence obtaining data.
7. A forensic data trust verification apparatus, comprising:
the system comprises a challenge request acquisition module, a challenge request sending module and a challenge response sending module, wherein the challenge request acquisition module is used for acquiring a challenge request, and the challenge request comprises a history request identifier and/or a user identity identifier;
the evidence obtaining module is used for obtaining evidence obtaining data according to the question request;
and the trusted verification module is used for performing trusted verification on the evidence obtaining data based on the historical request identifier and/or the user identity identifier to obtain a trusted verification result.
8. The forensic data trust verification apparatus according to claim 7, wherein the forensic data acquisition module comprises:
the verification unit is used for verifying the authenticity of the user corresponding to the challenge request based on the user identity identifier to obtain a verification result;
and the evidence obtaining unit is used for obtaining evidence obtaining data corresponding to the historical request identifier when the verification result shows that the user is a real user.
9. A computer device comprising a memory, a processor, and a computer program stored in the memory and run on the processor, wherein the processor, when executing the computer program, implements the forensic data trust verification method of any of claims 1 to 6.
10. A computer-readable storage medium, in which a computer program is stored, which computer program, when being executed by a processor, carries out a forensic data trust verification method according to any one of claims 1 to 6.
CN202210894144.0A 2022-07-27 2022-07-27 Evidence obtaining data credibility verification method and device, computer equipment and storage medium Pending CN115170355A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210894144.0A CN115170355A (en) 2022-07-27 2022-07-27 Evidence obtaining data credibility verification method and device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210894144.0A CN115170355A (en) 2022-07-27 2022-07-27 Evidence obtaining data credibility verification method and device, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
CN115170355A true CN115170355A (en) 2022-10-11

Family

ID=83497251

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210894144.0A Pending CN115170355A (en) 2022-07-27 2022-07-27 Evidence obtaining data credibility verification method and device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115170355A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116305104A (en) * 2023-05-18 2023-06-23 湖南工商大学 Block chain-based data intrusion evidence obtaining method, device, equipment and medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110535660A (en) * 2019-09-03 2019-12-03 杭州趣链科技有限公司 A kind of evidence obtaining service system based on block chain
CN110648243A (en) * 2019-08-20 2020-01-03 中国平安财产保险股份有限公司 Data processing method and device, computer equipment and storage medium
CN113221164A (en) * 2021-05-11 2021-08-06 支付宝(杭州)信息技术有限公司 Block chain-based data verification method and device and electronic equipment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110648243A (en) * 2019-08-20 2020-01-03 中国平安财产保险股份有限公司 Data processing method and device, computer equipment and storage medium
CN110535660A (en) * 2019-09-03 2019-12-03 杭州趣链科技有限公司 A kind of evidence obtaining service system based on block chain
CN113221164A (en) * 2021-05-11 2021-08-06 支付宝(杭州)信息技术有限公司 Block chain-based data verification method and device and electronic equipment

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116305104A (en) * 2023-05-18 2023-06-23 湖南工商大学 Block chain-based data intrusion evidence obtaining method, device, equipment and medium

Similar Documents

Publication Publication Date Title
US9083701B2 (en) Method for providing active security authentication, and terminal and system supporting same
CN105446713A (en) Safe storage method and equipment
CN113239397A (en) Information access method, device, computer equipment and medium
CN114070583B (en) Information access control method, device, computer equipment and medium
CN101069154A (en) Non-intrusive trusted user interface
CN111783132A (en) SQL sentence security detection method, device, equipment and medium based on machine learning
CN108335105B (en) Data processing method and related equipment
CN113259342A (en) Login verification method, device, computer equipment and medium
CN112966304A (en) Method and device for preventing process document from being tampered, computer equipment and medium
CN115659378A (en) Case record information evidence storing method and related equipment
KR101586048B1 (en) System, Server, Method and Recording Medium for Blocking Illegal Applications, and Communication Terminal Therefor
CN115170355A (en) Evidence obtaining data credibility verification method and device, computer equipment and storage medium
CN110995658A (en) Gateway protection method, device, computer equipment and storage medium
CN113434254B (en) Client deployment method, client deployment apparatus, computer device, and storage medium
CN114462096A (en) Block chain-based Internet of things equipment control method and device, computer equipment and storage medium
CN110365642B (en) Method and device for monitoring information operation, computer equipment and storage medium
CN116723247A (en) Micro-service calling method, device, equipment and storage medium
CN113434824B (en) Software service authorization management method, device, equipment and storage medium
CN115733685A (en) Web session authentication management method and device, computer equipment and storage medium
CN114077749A (en) Data processing method based on block chain and related equipment thereof
CN112085469B (en) Data approval method, device, equipment and storage medium based on vector machine model
CN114912003A (en) Document searching method and device, computer equipment and storage medium
CN112632192A (en) Node maintenance method and device, computer equipment and medium
CN113507440A (en) Zero rule XSS attack detection method based on web application operation
CN112529574A (en) Protection method for certificate of intelligent password equipment and intelligent password equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20221011