CN115510473A - Confidential resource processing method, processing device and electronic equipment - Google Patents
Confidential resource processing method, processing device and electronic equipment Download PDFInfo
- Publication number
- CN115510473A CN115510473A CN202211480085.9A CN202211480085A CN115510473A CN 115510473 A CN115510473 A CN 115510473A CN 202211480085 A CN202211480085 A CN 202211480085A CN 115510473 A CN115510473 A CN 115510473A
- Authority
- CN
- China
- Prior art keywords
- resource
- target
- confidential
- data
- secret
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 29
- 238000012545 processing Methods 0.000 title claims abstract description 28
- 238000000034 method Methods 0.000 claims description 31
- 238000006243 chemical reaction Methods 0.000 claims description 9
- 238000000605 extraction Methods 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 4
- 238000004590 computer program Methods 0.000 description 2
- 230000036316 preload Effects 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000001667 episodic effect Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2137—Time limited access, e.g. to a computer or data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Automation & Control Theory (AREA)
- Storage Device Security (AREA)
Abstract
The application provides a processing method, a processing device and an electronic device of confidential resources, comprising the following steps: after receiving a confidential resource, converting the confidential resource into a confidential copy, wherein at least part of file headers in the confidential copy are different from the confidential resource; and sending the secret copy to the target client based on the condition that the target client does not have the use permission of the secret resource. In the scheme, after receiving the confidential resources, the confidential resources are firstly converted into the confidential copies, and when the target client side does not have the use right of the confidential resources, the confidential copies are sent to the target client side.
Description
Technical Field
The present application relates to the field of information technologies, and in particular, to a processing method and a processing apparatus for secure resources, and an electronic device.
Background
In some scenarios, the secure resource can be used by the user only after being paid, usually a hotlink protection mode is adopted to limit the access of the user to the secure resource, and the user needs to check the authorization when requesting the resource file, so that the user is required to load the resource without permission before paying.
However, since the resource files are all large, and the expectation of providing the resource can be used immediately after the user pays a fee, the resource needs to be preloaded.
Therefore, there is a need for a method that is both pre-loaded and confidential to the resource.
Disclosure of Invention
In view of the above, the present application provides a processing method, a processing apparatus, and an electronic device for confidential resources, as follows:
a method of processing a secured resource, comprising:
after receiving a secret resource, extracting at least two bytes of data in a file header of the secret resource;
encrypting the at least two bytes of data based on a target key to obtain encrypted data;
converting a target value representing the length of the encrypted data into target data with bytes of a preset length;
combining the target data, the encrypted data and the remaining data except the at least two bytes of data in the confidential resource to obtain a confidential copy;
and sending the secret copy to the target client based on the fact that the target client does not have the use permission of the secret resource.
Optionally, the processing method further includes:
based on the fact that a target client stores a secret copy and determines that the target client has the use permission of the secret resource, a target key is sent to the target client, so that the target client decrypts the secret copy based on the target key to obtain the secret resource, and the target key is a key for converting the secret resource into the secret copy.
Optionally, before sending the confidential copy to the target client, the processing method includes:
determining that the confidential resource is currently in a target validity period;
adding a preset secret identifier of the secret resource and a storage address of the secret copy to a target data list;
sending the target data list to a target client so that the target client determines loaded resources to generate feedback information based on the target data list;
and determining that the target client does not load the confidential resource based on the feedback information of the target client.
Optionally, the above processing method, determining whether the secret resource is currently in the target validity period, includes:
determining a target validity period based on a preset use time range and a preset time of the secret resource, wherein the starting time of the target validity period is earlier than the starting time of the use time, and the ending time of the target validity period is not later than the ending time of the use time;
and determining that the confidential resource is currently in the target validity period based on the fact that the current time belongs to the target validity period.
Optionally, in the processing method, the target data list further includes an unsecure resource and a storage address of the unsecure resource.
Optionally, in the processing method, the determining that the secret resource is currently located before the target validity period further includes:
and receiving an access request of the target client based on a preset interface.
A secure resource processing apparatus comprising:
the conversion module is used for converting the confidential resources into confidential copies after receiving the confidential resources;
the sending module is used for sending the confidential copy to the target client based on the fact that the target client does not have the use permission of the confidential resource;
wherein the conversion module comprises:
the extraction unit is used for extracting at least two bytes of data in a file header of the confidential resource;
the encryption unit is used for encrypting the at least two byte data based on the target key to obtain encrypted data;
the combination unit is used for converting a target numerical value representing the length of the encrypted data into target data with bytes of preset length; and combining the target data, the encrypted data and the residual data except the at least two bytes of data in the confidential resource to obtain a confidential copy.
An electronic device, comprising: a memory, a processor;
wherein, the memory stores a processing program;
the processor is used for loading and executing the processing program stored in the memory so as to realize the steps of the processing method of the secret resource.
As can be seen from the above technical solutions, the present application provides a processing method, a processing apparatus, and an electronic device for confidential resources, including: after receiving a confidential resource, converting the confidential resource into a confidential copy, wherein at least part of file headers in the confidential copy are different from the confidential resource; and sending the secret copy to the target client based on the fact that the target client does not have the use permission of the secret resource. In the scheme, after receiving the confidential resources, the confidential resources are firstly converted into the confidential copies, and when the target client side does not have the use right of the confidential resources, the confidential copies are sent to the target client side.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on the provided drawings without creative efforts.
FIG. 1 is a flow chart of an embodiment 1 of a method for processing secure resources provided by the present application;
FIG. 2 is a flow chart of embodiment 2 of a method for processing secure resources provided by the present application;
FIG. 3 is a flow chart of embodiment 3 of a method for processing secure resources provided by the present application;
FIG. 4 is a schematic diagram of a secured resource and a secured copy in embodiment 3 of a method for processing secured resources provided by the present application;
FIG. 5 is a flow chart of embodiment 4 of a method for processing secure resources provided by the present application;
FIG. 6 is a flow chart of an embodiment 5 of a method for processing a secure resource provided by the present application;
FIG. 7 is a schematic structural diagram of an embodiment of a device for processing secure resources according to the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
As shown in fig. 1, a flow chart of an embodiment 1 of a method for processing a secure resource provided by the present application is applied to an electronic device, and the method includes the following steps:
step S101: after receiving the confidential resources, converting the confidential resources into confidential copies;
wherein at least a part of the file header in the secure copy is different from the secure resource.
The electronic equipment is an application server which can provide resources for the clients in the application, the application server serves as a service platform to provide resources for the clients, and the resources comprise secret resources and non-secret resources.
The confidential resource can be used only by the client with the use authority, and the non-confidential resource can be used by any client.
Wherein, the service platform operator uploads the resource to the server, and after the server receives the resource, if the resource is a confidential resource, the step S101 is executed.
In specific implementation, when uploading resources, an operator selects a secret mode or a non-secret mode, and after receiving the resources, the server determines that the resources are secret resources or non-secret resources based on the mode to which the server belongs.
In this embodiment, when the confidential resource is converted into a confidential copy, the file header of the confidential resource is at least partially destroyed, and the obtained confidential copy is that at least part of the file header is different from the confidential resource, so that even if the client receives the confidential copy, the confidential resource cannot be obtained by analysis due to the difference of the file header.
It should be noted that, the same secure resource may be the same or different from the secure copy generated for different clients.
Step S102: and sending the secret copy to the target client based on the condition that the target client does not have the use permission of the secret resource.
If the target client does not have the use authority case of the secret resource, the target client cannot use the secret resource.
In order to pre-load the secret resource, the secret copy is sent to a target client, and because at least part of a file header of the secret copy is different from the secret resource, the target client cannot normally analyze the secret copy, so that the original secret resource cannot be obtained, and the secret resource cannot be used.
Therefore, by sending the confidential copy to the target client without the use authority, on the premise of realizing the confidentiality of the confidential resource, the purpose of preloading the confidential resource to the target client is realized.
In summary, the method for processing secure resources provided in this embodiment includes: after receiving a confidential resource, converting the confidential resource into a confidential copy, wherein at least part of file headers in the confidential copy are different from the confidential resource; and sending the secret copy to the target client based on the fact that the target client does not have the use permission of the secret resource. In the scheme, after receiving the confidential resources, the confidential resources are firstly converted into the confidential copies, and when the target client side does not have the use right of the confidential resources, the confidential copies are sent to the target client side.
As shown in fig. 2, a flow chart of embodiment 2 of a method for processing a secure resource provided by the present application includes the following steps:
step S201: after receiving the confidential resource, converting the confidential resource into a confidential copy;
step S202: based on that the target client side does not have the use permission of the secret resource, the secret copy is sent to the target client side;
steps S201 to S202 are the same as steps S101 to S102 in embodiment 1, and are not described again in this embodiment.
Step S203: and sending a target key to the target client based on the fact that the target client stores the secret copy and determines that the target client has the use permission of the secret resource, so that the target client decrypts the secret copy based on the target key to obtain the secret resource.
Wherein the target key is a key that converts a secure resource into a secure copy.
If the target client stores the confidential copy and determines that the target client has the use right of the confidential resource, the target client needs to process the stored confidential copy to obtain the corresponding confidential resource in order to enable the target client to use the confidential resource.
Specifically, the target key for converting the secure resource into the secure copy is sent to the target client, so that the target client decrypts the secure copy based on the target key to obtain the secure resource.
For example, the secure resource is a paid gift animation resource, the server preloads the resource to the client in the form of a secure copy in advance, and after the user pays for the gift, the server sends a key matched with the gift to the client of the user, so that the user restores the secure copy to a normal resource file which can be parsed through the key.
In specific implementation, a target client does not have the use authority of the secret resource at first, a secret copy corresponding to the secret resource is sent to the target client in advance, the use authority of the secret resource is obtained through a specific business process at present, a server adds the target client as a client with the use authority of the secret resource, and a target key for decrypting the secret copy corresponding to the secret resource is sent to the client.
It should be noted that, for the same secret resource, if the secret copies generated for different clients are the same, the corresponding target keys are also the same, and if the secret copies are different, the corresponding target keys are also different.
In specific implementation, after the target client obtains the use permission of the confidential resource, the server sends a target key to the target client, if the target client does not store the confidential copy, the server can request the corresponding confidential resource to enable the server to send the confidential copy to the target client, or the server is waited to actively send the confidential copy to the client, and the target client decrypts the confidential copy based on the target key after receiving the confidential copy to obtain the confidential resource.
In summary, the method for processing secure resources provided in this embodiment further includes: based on the fact that a target client stores a secret copy and determines that the target client has the use permission of the secret resource, a target key is sent to the target client, so that the target client decrypts the secret copy based on the target key to obtain the secret resource, and the target key is a key for converting the secret resource into the secret copy. According to the scheme, after the target client obtains the use permission of the confidential resource, the target key for decrypting the confidential copy is sent to the target client, so that the target client recovers the confidential copy into the resource file which can be analyzed based on the target key, and the target client is guaranteed to be capable of rapidly achieving the use of the confidential resource after obtaining the use permission.
As shown in fig. 3, a flow chart of embodiment 3 of a method for processing a secure resource provided by the present application includes the following steps:
step S301: after receiving the confidential resource, extracting at least two bytes of data in a file header of the confidential resource;
after receiving the confidential resource, extracting a plurality of bytes of data in a file header of the confidential resource to obtain residual data.
The number of bytes extracted from the file can be preset, and a larger value, such as 100, 50, etc., is generally taken, and the number of bytes extracted is not limited in the present application.
In a specific implementation, a file with a size of 1M includes 1024 × 1024 bytes, and a file with a size of 1G includes 1024 × 1024 × 1024 bytes, and for example, the number of bytes to be extracted is set to 100, and only the first 100 bytes are truncated.
For example, the secret resource file has y bytes, n bytes in the file header are intercepted, y > n, and the values of y and n are positive integers.
In specific implementation, it may be determined whether the secret resource needs to be preloaded first, specifically, the file of the secret resource may be compared with the set value of the extracted byte number, and if the byte number of the file of the secret resource is not greater than the value of the extracted byte number, the scheme in this embodiment is not executed without preloading.
Step S302: encrypting the at least two bytes of data based on a target key to obtain encrypted data;
the key may be generated based on an agreed key generation rule, or may be generated randomly.
The length of the key can be set according to actual conditions, and the length of the key is not limited in the application.
Specifically, a 16-bit length string containing characters or numbers may be generated as the key, such as B34C1D5678E290AF.
And encrypting the extracted byte data by adopting the target key and a preset encryption algorithm to obtain encrypted data.
The length of the encrypted data is irrelevant to the length of the extracted byte data, and the encrypted data and the extracted byte data can be the same or different.
For example, AES algorithm is used for encryption, specifically, the target key + extracted byte data is used as an input parameter, and the obtained output data is used as encrypted data.
Of course, in the specific implementation, other symmetric encryption algorithms may also be used, and the specific algorithm of the encryption algorithm used is not limited in this application.
Step S303: obtaining a secure copy at least based on the combination of the encrypted data and the remaining data of the secure resource except the at least two bytes of data;
and obtaining a secret copy based on the combination of the encrypted data obtained in the step and the residual data in the secret resource.
In a specific implementation, the encrypted data may be directly combined with the remaining data in the secure resource to obtain a secure copy.
For example, the secure resource file has y bytes, n bytes in the file header are intercepted, a 16-bit target key and the n bytes are combined and then input into an AES algorithm to obtain m-bit encrypted data, the m-bit encrypted data and (y-n) bytes are combined to obtain a secure copy of (y-n + m) bytes, and m is a positive integer.
In a specific implementation, the encrypted data and the remaining data in the secure resource can be combined in other ways to obtain a secure copy, so as to increase the decryption difficulty of the secure copy.
For example, other data, such as data relating to the length of the encrypted data, is added to the secure copy.
Specifically, the step S303 includes:
step S3031: converting the target value representing the length of the encrypted data into target data with preset length bytes;
the method comprises the steps of firstly determining the length of the encrypted data to obtain a target numerical value, and converting the target numerical value into target data with bytes of preset length.
Specifically, each bit character of the target value may be converted into target data of a preset length byte according to an agreed carry digit.
In the conversion process, if the data length obtained by converting the target value is smaller than the preset length, 0 is adopted for filling.
For example, the encrypted data is 112 bytes, a 10-system bit number is agreed, the preset length byte is 6 bits, and 112 is converted into 6-bit data to obtain [0, 0, 0, 1, 1, 2].
It should be noted that the preset byte length may be a set fixed value, and a value of the preset byte length needs to ensure that the bit length of the result obtained by encrypting the bits extracted from the confidential resource is less than a value obtained by subtracting one from the preset length of the default conversion condition koji.
The preset byte length is a, n-bit bytes are extracted from the confidential resource, and the encrypted data is converted by using 10-system digits, so that the bit length (10-system) of the result of the encrypted n-bit byte data is ensured to be less than the power a of 10 minus 1. For example, when a =6, the length of the encrypted encryption zone is not greater than 10 6 -1=99999。
Step S3032: and combining the target data, the encrypted data and the remaining data of the confidential resource except the at least two bytes of data to obtain a confidential copy.
And the target data and the encrypted data are sequentially put in front of the rest data in the confidential resource, so that the combination of the target data and the encrypted data is realized, and a confidential copy is obtained.
For example, the secure resource file has y bytes, n bytes in the file header are intercepted, the n byte data are encrypted to obtain m byte encrypted data, the m bytes are converted to obtain a byte program mark data, the target data and the encryption belong to the memory residual data, and a secure copy is obtained, wherein the number of the bytes is (a + m + y-n).
Note that the target data is data for characterizing the length of the encrypted data.
After a target client receives a secret copy, when the secret copy is analyzed, bytes with the preset length are extracted based on the appointed byte length to obtain target data, the length of encrypted data is determined based on the target data, the encrypted data are extracted from the rest secret copy files, the encrypted data are decrypted based on the appointed decryption mode and a target secret key to obtain at least two bytes of data in a file header of an original secret resource, and the at least two bytes of data are combined with the rest data (namely the rest data except the data with the at least two bytes in the secret resource) in the secret copy to obtain the original secret resource.
Fig. 4 is a schematic diagram of a secure resource and a secure copy, where a source file of the secure resource is y bytes, the first n bytes and the remaining n +1 to y bytes are extracted from the source file, the n bytes of data are processed to obtain m bytes of encrypted data, the data length of the m bytes is converted into a bytes, and a secure copy is obtained, where the secure copy is a fixed a byte storage encryption region length + m byte encryption region + n +1 to y bytes of the source file.
Because the encryption and decryption processes are only executed based on the key and the simple encryption and decryption conditions, a large amount of physical resources such as a Central Processing Unit (CPU), a memory and the like are not consumed.
Step S304: and sending the secret copy to the target client based on the fact that the target client does not have the use permission of the secret resource.
Step S304 is the same as step S102 in embodiment 1, and is not described in detail in this embodiment.
In summary, the processing method for secure resources provided in this embodiment includes: extracting at least two bytes of data in a file header of the confidential resource; encrypting the at least two bytes of data based on the generated key to obtain encrypted data; and obtaining a secure copy at least based on the combination of the encrypted data and the remaining data of the secure resource except the at least two bytes of data. In the embodiment, a plurality of byte data in a file header of a secret resource are extracted, the extracted byte data are encrypted based on a generated secret key to obtain encrypted data, and then a secret copy is obtained at least based on the combination of the encrypted data and the residual data in the secret resource.
As shown in fig. 5, a flow chart of embodiment 4 of a method for processing a secure resource provided by the present application includes the following steps:
step S501: after receiving the confidential resources, converting the confidential resources into confidential copies;
step S501 is the same as step S101 in embodiment 1, and details are not described in this embodiment.
Step S502: determining that the confidential resource is currently in a target validity period;
obtaining the current time, determining whether the current time belongs to the target validity period of the confidential resource, and if the current time belongs to the target validity period, executing step S503; otherwise, wait until the target validity period is reached.
Wherein the target validity period is a time range in which a resource, which may be a secret resource or an insecure resource, can be preloaded.
Typically, the target validity period is related based on the time of availability of the resource, the start time of the target validity period is the time at which the resource can be preloaded, typically the start time of the time of availability of the resource, and the end time of the target validity period is no later than the end time of the time of availability of the resource.
In a specific implementation, the starting time of the target validity period may be a preset day before the starting time of the use of the secure resource, and the value of the preset day may be preset, for example, 3 to 7 days.
For example, if the confidential resource is an episodic event paying gift animation resource, and the service life is 2 months 13 days to 2 months 14 days, the target validity period is determined to be 2 months 10 days to 2 months 14 days, and preloading can be performed on unpaid clients in the target validity period.
Specifically, step S502 includes:
step S5021: determining a target validity period based on the preset use time range and the preset time of the confidential resource; wherein the start time of the target validity period is earlier than the start time of the usage time, and the end time of the target validity period is not later than the end time of the usage time.
Step S5022: and determining that the resource is currently in the target validity period based on the fact that the current time belongs to the target validity period.
If the current time is determined to belong to the target validity period of the secret resource, the secret resource can be preloaded.
Step S503: adding a preset secret identifier of the secret resource and a storage address of the secret copy to a target data list;
different identifications are set for the confidential resource and the non-confidential resource in the server, the confidential resource is provided with a preset confidential identification, and the non-confidential resource can be preset with a non-confidential identification or is not provided with an identification and the like.
And after the confidential resource is converted into the confidential copy, storing the confidential copy.
Specifically, the storage address of the secure copy and the preset secure identifier of the secure resource are correspondingly added to the target data list.
The target data list also includes non-secure resources and storage addresses of the non-secure resources.
In a specific implementation, the target data list stores information of the resource in the validity period, where the information includes a storage address of the resource and security or non-security, and the like.
Wherein, if the resource is a secure resource, the memory address is a memory address of a secure copy of the secure resource, and if the resource is an unsecure resource, the memory address is a memory address of the unsecure resource.
Step S504: sending the target data list to a target client so that the target client determines loaded resources to generate feedback information based on the target data list;
and sending the target data list to a plurality of clients corresponding to the server.
Wherein each client, upon receiving the target data list, may determine the loaded resources based on the stored resources.
Specifically, the target client may add a loaded identifier to the loaded resource information in the target data list, and feed back the target data list with the added loaded identifier to the server.
For example, the target data list includes secure resources a and B and an unsecure resource C, where the target client determines that a file has been downloaded from the storage address of the secure resource a and the storage address of the unsecure resource C based on the storage addresses of the resources, and adds a loaded identifier to the entry of the secure resource a and the unsecure resource C.
It should be noted that the target data table is provided for each client to prompt the client about the resources that can be currently loaded, the server may filter the resources stored by the client according to an agreed period, add the storage address and the confidential identifier/non-confidential identifier of the resources that belong to the loadable validity period to the target data table, and delete the storage address and the identifier of the resources if the resources in the target data table exceed the loadable validity period, so as to avoid the target data table being too large, and ensure that a new user does not download a useless resource file that has expired.
Step S505: determining that the target client does not load the secure resource based on feedback information of the target client;
after receiving the feedback information of the target client, determining that the secret resource is not loaded based on the feedback information, then executing the subsequent step S506, and sending the copy corresponding to the secret resource to the target client.
After the copy corresponding to the confidential resource is sent to the target client, the target client adds the loaded identifier to the entry corresponding to the confidential resource when receiving the target data table again at the subsequent time.
It should be noted that, if there are multiple resources that are not loaded in the target client, the resources may be sequentially sent to the target client from front to back based on the sequence of the resources recorded in the list fed back by the target client, where the resources include non-secure resources and/or secure copies.
Of course, the storage space required for loading each resource may also be added in the target data list, the target client may determine whether there is enough space to store the resource that it does not load, and if there is not enough space, prompt information may be generated to prompt the user of the target client that the storage space is insufficient.
Step S506: and sending the secret copy to the target client based on the fact that the target client does not have the use permission of the secret resource.
Step S506 is the same as step S102 in embodiment 1, and details are not described in this embodiment.
In summary, the processing method for secure resources provided in this embodiment includes: determining that the confidential resource is currently in a target validity period; adding a preset security identification of the security resource and a storage address of the security copy to a target data list; sending the target data list to a target client so that the target client determines loaded resources to generate feedback information based on the target data list; and determining that the target client does not load the confidential resource based on the feedback information of the target client. In the embodiment, if the confidential resource is determined to be in the target validity period, the preset confidential identifier of the confidential resource and the storage address of the corresponding confidential copy are added into the target data list, and the target data list is sent to the target client, so that the target client feeds back whether the confidential resource is loaded to the server or not based on the content in the target data list, if not, the server can send the confidential copy of the confidential resource to the target client, and the target client is guaranteed to be capable of preloading the confidential resource.
As shown in fig. 6, a flow chart of embodiment 5 of a method for processing a secure resource provided by the present application includes the following steps:
step S601: after receiving the confidential resources, converting the confidential resources into confidential copies;
step S601 is the same as step S501 in embodiment 4, and details are not repeated in this embodiment.
Step S602: receiving an access request of a target client based on a preset interface;
the server is preset with a special interface which is used for receiving the access request of each client and preloading the client.
The data interface used by the server and the client for data interaction is different from the preset interface.
For example, the server is a server where the live application is located, the video data request and the live data are transmitted through the data interface in the process that the client requests the server for the video data request of the live video data and the server provides the live video data to the client, and the preset interface only executes the steps related to the preloaded resources.
The target client access request may be an access request generated after starting, and the target client generates an access request for access in an agreed period after starting.
The appointed period may be set according to an actual situation, such as 1 hour, 2 hours, 10 hours, and the like, and the duration of the appointed period is not limited in the present application.
The preset interface can trigger a subsequent preloading process for the target client based on the received access request.
Specifically, based on receiving the access request, the server determines whether the stored resource is in the target validity period, and if the stored resource is in the target validity period, a preset secret identifier of the secret resource and a storage address of a corresponding secret copy are added to a target data list; and if the non-confidential resource is in the target validity period, adding the storage address of the non-confidential resource into the target data list, adding a non-confidential resource identifier or not, obtaining a final target data list, and feeding back to the requested target client based on the preset interface.
It should be noted that, if it is determined that the stored resource is not in the target validity period, an empty list may be fed back to the target client, which indicates that the resource does not need to be loaded.
In a specific implementation, the subsequent steps may be performed by the predetermined interface.
Step S603: determining that the confidential resource is currently in a target validity period;
step S604: adding a preset security identification of the security resource and a storage address of the security copy to a target data list;
step S605: sending the target data list to a target client so that the target client determines loaded resources to generate feedback information based on the target data list;
step S606: determining that the target client does not load the confidential resource based on feedback information of the target client;
step S067: and sending the secret copy to the target client based on the fact that the target client does not have the use permission of the secret resource.
Steps S603 to 607 are the same as steps S503 to 506 in embodiment 4, and are not described in detail in this embodiment.
In summary, the processing method for secure resources provided in this embodiment further includes: and receiving an access request of the target client based on a preset interface. In this embodiment, the step of determining whether the resources are locally in the target validity period is triggered based on that the preset interface receives an access request of the target client, and is distinguished from a common interactive interface, so that the resources can be preloaded in time on the premise of ensuring normal data communication between the target client and the server.
Corresponding to the embodiment of the processing method of the confidential resource provided by the application, the application also provides an embodiment of a device applying the processing method of the confidential resource.
Fig. 7 is a schematic structural diagram of an embodiment of a device for processing a secure resource provided in the present application, where the electronic device includes the following structures: a conversion module 701 and a transmission module 702;
the conversion module 701 is configured to, after receiving a secure resource, convert the secure resource into a secure copy, where at least a part of a file header in the secure copy is different from the secure resource;
the sending module 702 is configured to send the secure copy to the target client based on that the target client does not have the usage right of the secure resource.
Optionally, the sending module is further configured to:
based on the fact that a target client stores a secret copy and determines that the target client has the use permission of the secret resource, a target key is sent to the target client, so that the target client decrypts the secret copy based on the target key to obtain the secret resource, and the target key is a key for converting the secret resource into the secret copy.
Optionally, the conversion module includes:
the extraction unit is used for extracting at least two bytes of data in a file header of the confidential resource;
the encryption unit is used for encrypting the at least two byte data based on the target key to obtain encrypted data;
and the combining unit is used for combining the encrypted data with the residual data except the at least two bytes of data in the secret resource to obtain a secret copy.
Optionally, the combining unit is specifically configured to:
converting a target value representing the length of the encrypted data into target data with bytes of a preset length;
and combining the target data, the encrypted data and the remaining data of the confidential resource except the at least two bytes of data to obtain a confidential copy.
Optionally, the method further includes: the device comprises a first determining module, an adding module and a second determining module;
the first determining module is used for determining that the confidential resource is currently in a target validity period;
the adding module is used for adding the preset security identification of the security resource and the storage address of the security copy to a target data list;
the sending module is further configured to send the target data list to a target client, so that the target client determines that the loaded resource generates feedback information based on the target data list;
the second determining module is configured to determine, based on the feedback information of the target client, that the target client does not load the secure resource.
Optionally, the first determining module is specifically configured to:
determining a target validity period based on a preset use time range and a preset time of the secret resource, wherein the starting time of the target validity period is earlier than the starting time of the use time, and the ending time of the target validity period is not later than the ending time of the use time;
and determining that the confidential resource is currently in the target validity period based on the fact that the current time belongs to the target validity period.
Optionally, the target data list further includes an unsecured resource and a storage address of the unsecured resource.
Optionally, the method further includes:
and the receiving module is used for receiving an access request of the target client based on a preset interface.
It should be noted that, please refer to the explanation in the foregoing method embodiment for the functions of the components of the processing apparatus for securing resources provided in this embodiment, which are not repeated in this embodiment.
In summary, the present embodiment provides a device for processing secure resources, including: after receiving a confidential resource, converting the confidential resource into a confidential copy, wherein at least part of file headers in the confidential copy are different from the confidential resource; and sending the secret copy to the target client based on the fact that the target client does not have the use permission of the secret resource. In the scheme, after receiving the confidential resources, the confidential resources are firstly converted into the confidential copies, and when the target client side does not have the use right of the confidential resources, the confidential copies are sent to the target client side.
Corresponding to the embodiment of the processing method of the confidential resource provided by the application, the application also provides an electronic device and a readable storage medium corresponding to the processing method of the confidential resource.
Wherein, this electronic equipment includes: a memory, a processor;
wherein, the memorizer stores the processing program;
the processor is used for loading and executing the processing program stored in the memory so as to realize the steps of the processing method of the secret resource.
In particular, the processing method for realizing the secure resource of the electronic device may refer to the embodiment of the processing method for the secure resource.
Wherein the readable storage medium has stored thereon a computer program, which is called and executed by a processor, to implement the steps of the processing method of the secure resource as described in any one of the above.
In particular, the computer program stored in the readable storage medium executes the processing method for implementing the secure resource, and the embodiment of the processing method for the secure resource is referred to.
In the present specification, the embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. For the device provided by the embodiment, the description is relatively simple because the device corresponds to the method provided by the embodiment, and the relevant points can be referred to the method part for description.
The previous description of the provided embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features provided herein.
Claims (8)
1. A method for processing a secured resource, comprising:
after receiving a secret resource, extracting at least two bytes of data in a file header of the secret resource;
encrypting the at least two bytes of data based on a target key to obtain encrypted data;
converting the target value representing the length of the encrypted data into target data with preset length bytes;
combining the target data, the encrypted data and the remaining data except the at least two bytes of data in the confidential resource to obtain a confidential copy;
and sending the secret copy to the target client based on the condition that the target client does not have the use permission of the secret resource.
2. The processing method of claim 1, further comprising:
based on the fact that a target client stores a secret copy and determines that the target client has the use permission of the secret resource, a target key is sent to the target client, so that the target client decrypts the secret copy based on the target key to obtain the secret resource, and the target key is a key for converting the secret resource into the secret copy.
3. The process of claim 1, wherein prior to sending the secure copy to the target client, comprising:
determining that the confidential resource is currently in a target validity period;
adding a preset security identification of the security resource and a storage address of the security copy to a target data list;
sending the target data list to a target client so that the target client determines loaded resources to generate feedback information based on the target data list;
determining that the target client does not load the secure resource based on the feedback information of the target client.
4. The process of claim 3, wherein determining whether the secured resource is currently within the target validity period comprises:
determining a target validity period based on the preset use time range and the preset time of the confidential resource, wherein the starting time of the target validity period is earlier than the starting time of the use time, and the ending time of the target validity period is not later than the ending time of the use time;
and determining that the confidential resource is currently in the target validity period based on the fact that the current time belongs to the target validity period.
5. The processing method according to claim 3, wherein the target data list further includes an unsecured resource and a storage address of the unsecured resource.
6. The processing method of claim 3, wherein the determining that the secured resource is currently before a target validity period further comprises:
and receiving an access request of the target client based on a preset interface.
7. A secure resource processing apparatus, comprising:
the conversion module is used for converting the confidential resources into confidential copies after receiving the confidential resources;
the sending module is used for sending the confidential copy to the target client based on the condition that the target client does not have the use permission of the confidential resource;
wherein the conversion module comprises:
the extraction unit is used for extracting at least two bytes of data in a file header of the confidential resource;
the encryption unit is used for encrypting the at least two byte data based on the target key to obtain encrypted data;
the combination unit is used for converting a target numerical value representing the length of the encrypted data into target data with bytes of preset length; and combining the target data, the encrypted data and the remaining data of the confidential resource except the at least two bytes of data to obtain a confidential copy.
8. An electronic device, comprising: a memory, a processor;
wherein, the memory stores a processing program;
the processor is used for loading and executing the processing program stored in the memory to realize the steps of the processing method of the secret resource according to any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211480085.9A CN115510473A (en) | 2022-11-24 | 2022-11-24 | Confidential resource processing method, processing device and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211480085.9A CN115510473A (en) | 2022-11-24 | 2022-11-24 | Confidential resource processing method, processing device and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115510473A true CN115510473A (en) | 2022-12-23 |
Family
ID=84513817
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211480085.9A Pending CN115510473A (en) | 2022-11-24 | 2022-11-24 | Confidential resource processing method, processing device and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115510473A (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101651714A (en) * | 2009-07-16 | 2010-02-17 | 深圳市酷开网络科技有限公司 | Downloading method and related system and equipment |
| CN106454409A (en) * | 2016-12-12 | 2017-02-22 | Tcl集团股份有限公司 | Encrypting method and device of multimedia document |
| CN110688667A (en) * | 2019-10-09 | 2020-01-14 | 北京无限光场科技有限公司 | Picture file processing method and device, terminal equipment and medium |
| CN111049777A (en) * | 2018-10-12 | 2020-04-21 | 中国移动通信集团广西有限公司 | File pushing, downloading and playing method, device, equipment and medium |
| CN112416450A (en) * | 2020-06-05 | 2021-02-26 | 上海哔哩哔哩科技有限公司 | Resource encryption and display method and system |
-
2022
- 2022-11-24 CN CN202211480085.9A patent/CN115510473A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101651714A (en) * | 2009-07-16 | 2010-02-17 | 深圳市酷开网络科技有限公司 | Downloading method and related system and equipment |
| CN106454409A (en) * | 2016-12-12 | 2017-02-22 | Tcl集团股份有限公司 | Encrypting method and device of multimedia document |
| CN111049777A (en) * | 2018-10-12 | 2020-04-21 | 中国移动通信集团广西有限公司 | File pushing, downloading and playing method, device, equipment and medium |
| CN110688667A (en) * | 2019-10-09 | 2020-01-14 | 北京无限光场科技有限公司 | Picture file processing method and device, terminal equipment and medium |
| CN112416450A (en) * | 2020-06-05 | 2021-02-26 | 上海哔哩哔哩科技有限公司 | Resource encryption and display method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9832016B2 (en) | Methods, systems and computer program product for providing verification code recovery and remote authentication | |
| US11233658B2 (en) | Digital transaction signing for multiple client devices using secured encrypted private keys | |
| CN102077213B (en) | Techniques for ensuring authentication and integrity of communications | |
| US11943350B2 (en) | Systems and methods for re-using cold storage keys | |
| US20120226823A1 (en) | Document distribution system and method | |
| US20170091463A1 (en) | Secure Audit Logging | |
| JP2012517047A (en) | Clipboard security system and method | |
| KR20080105721A (en) | Text security method | |
| TW201220122A (en) | Software authorization system and method | |
| US11196558B1 (en) | Systems, methods, and computer-readable media for protecting cryptographic keys | |
| US8392723B2 (en) | Information processing apparatus and computer readable medium for preventing unauthorized operation of a program | |
| CN115510473A (en) | Confidential resource processing method, processing device and electronic equipment | |
| US20110179444A1 (en) | Apparatus and method for downloading conditional access images | |
| CN102006567A (en) | Push-message processing method and system and equipment for implementing push-message processing method | |
| KR20050010745A (en) | Data communication system, information processing device and method, recording medium, and program | |
| CN115766064A (en) | Password application method, device, equipment and storage medium | |
| JP2003303185A (en) | Document processing device, document processing method, and document processing program | |
| KR20110085850A (en) | Apparatus and method for secure update for conditional access images | |
| Kumar et al. | A Novel Technique for Data Integrity Using Block Verification in Cloud Computing | |
| US20230336347A1 (en) | Token-based access control with authentication data | |
| WO2022118281A1 (en) | A method and a system for securely sharing datasets via glyphs | |
| JP4958014B2 (en) | File data transfer method, file data transfer program, file data transfer system, and communication terminal | |
| CN116668147A (en) | Data transmission method, electronic device and computer readable storage medium | |
| CN117439808A (en) | Data processing method and device based on encryption and decryption algorithm and electronic equipment | |
| KR20220130657A (en) | A method and a device for transferring inheriting data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20221223 |