CN115758300A - Data processing method and device, electronic equipment and storage medium - Google Patents

Data processing method and device, electronic equipment and storage medium Download PDF

Info

Publication number
CN115758300A
CN115758300A CN202211505723.8A CN202211505723A CN115758300A CN 115758300 A CN115758300 A CN 115758300A CN 202211505723 A CN202211505723 A CN 202211505723A CN 115758300 A CN115758300 A CN 115758300A
Authority
CN
China
Prior art keywords
check code
data
access request
object identifier
identifier
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211505723.8A
Other languages
Chinese (zh)
Other versions
CN115758300B (en
Inventor
翟猛
赵璐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Taoyoutianxia Technology Co ltd
Original Assignee
Beijing Taoyoutianxia Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Taoyoutianxia Technology Co ltd filed Critical Beijing Taoyoutianxia Technology Co ltd
Priority to CN202211505723.8A priority Critical patent/CN115758300B/en
Publication of CN115758300A publication Critical patent/CN115758300A/en
Application granted granted Critical
Publication of CN115758300B publication Critical patent/CN115758300B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Storage Device Security (AREA)

Abstract

The application relates to the technical field of internet and discloses a data processing method and device, electronic equipment and a storage medium. The method comprises the following steps: receiving a data access request, and acquiring a first check code included in the data access request, a first object identifier of a first object of the data access request and a second object identifier of a second object of the data access request; generating a second check code according to the first object identification and the second object identification; determining that the first check code is matched with the second check code, and feeding back target data requested by the data access request; the first check code is generated in advance according to the first object identification and the second object identification, the target data is data associated with the second object identification, and when the first object accesses the target data, the target data can be acquired only when the first check code is carried correctly, namely the first check code is matched with the second check code, so that the problem of user information crawling through an interface is solved, and the network safety is improved.

Description

Data processing method and device, electronic equipment and storage medium
Technical Field
The present application relates to the field of internet technologies, and in particular, to a data processing method, an apparatus, an electronic device, and a storage medium.
Background
With the continuous development of network applications, activities such as communication and learning performed by using application software and web pages occupy a necessary part of daily life, and the application software and the web pages need to acquire relevant data of users when being used, so that a large amount of user data is stored in a server or other devices corresponding to the application software and the web pages. However, with the continuous development of web applications, the network risks faced when using application software, web pages, etc. are also increasing, and there are some abnormal user (e.g. crawler) crawling user data through the backend interface, resulting in user data leakage.
In the prior art, when crawling data is prevented, generally, checking is required to be performed at intervals, when the number of times that the same interface is called by the same user exceeds a certain threshold value, an alarm is given, and then operations such as manual number sealing are performed. However, in the above manner, some abnormal users still bypass the check by replacing the user id, which results in leakage of user data.
Disclosure of Invention
The embodiment of the application provides a data processing method, which aims to solve the problem that some abnormal users crawl user data through a back-end interface to cause user data leakage in the prior art.
Correspondingly, the embodiment of the application also provides a data processing device, an electronic device and a storage medium, which are used for ensuring the implementation and application of the method.
In order to solve the above problem, an embodiment of the present application discloses a data processing method, including:
receiving a data access request, and acquiring a first check code included in the data access request, a first object identifier of a first object of the data access request and a second object identifier of a second object of the data access request; the first check code is generated in advance according to the first object identifier and the second object identifier;
generating a second check code according to the first object identifier and the second object identifier;
determining that the first check code is matched with the second check code, and feeding back target data requested by the data access request; wherein the target data is data associated with the second object identifier.
The embodiment of the application also discloses a data processing device, which comprises:
the receiving request module is used for receiving a data access request, and acquiring a first check code included in the data access request, a first object identifier of a first object of the data access request and a second object identifier of a second object of the data access request; the first check code is generated in advance according to the first object identifier and the second object identifier;
the data processing module is used for generating a second check code according to the first object identifier and the second object identifier;
the verification feedback module is used for determining that the first verification code is matched with the second verification code and feeding back target data requested by the data access request; wherein the target data is data associated with the second object identifier.
The embodiment of the present application further discloses an electronic device, which includes a memory, a processor, and a computer program that is stored in the memory and can be run on the processor, and when the processor executes the program, the data processing method shown in the first aspect of the present application is implemented.
The embodiment of the application also discloses a computer readable storage medium, wherein a computer program is stored on the computer readable storage medium, and the computer program is used for realizing the method according to one or more of the embodiments of the application when being executed by a processor.
The technical scheme provided by the embodiment of the application has the following beneficial effects:
in the embodiment of the application, a data access request is received, and a first check code included in the data access request, a first object identifier of a first object of the data access request and a second object identifier of a second object of the data access request are obtained; generating a second check code according to the first object identifier and the second object identifier; determining that the first check code is matched with the second check code, and feeding back target data requested by the data access request; the first check code is generated in advance according to the first object identifier and the second object identifier, the target data is data associated with the second object identifier, and when the first object accesses the target data, the target data can be acquired only when the first object needs to carry the correct first check code, namely the first check code is matched with the second check code, so that the problem of user information crawling through an interface is solved, and the network security is improved.
Additional aspects and advantages of embodiments of the present application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the present application.
Drawings
The foregoing and/or additional aspects and advantages of the present application will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
fig. 1 is a flowchart of a data processing method provided in an embodiment of the present application;
fig. 2 is a schematic diagram of a data processing method according to an embodiment of the present application;
FIG. 3 is a schematic diagram of a recommended page usage data processing method according to an embodiment of the present application;
fig. 4 is a flowchart of a server-side data processing method according to an embodiment of the present application;
fig. 5 is a schematic diagram of a first object client display object provided in an embodiment of the present application;
fig. 6 is a schematic diagram of a first object client displaying target data according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of a data processing apparatus according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to the embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present application.
As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
The scheme provided by the embodiment of the application can be executed by any electronic device, such as a terminal device, or a server, wherein the server can be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing cloud computing service. The terminal may be, but is not limited to, a smart phone, a tablet computer, a laptop computer, a desktop computer, a smart speaker, a smart watch, and the like. The terminal and the server may be directly or indirectly connected through wired or wireless communication, and the application is not limited herein. For technical problems in the prior art, the data processing method, apparatus, electronic device and storage medium provided by the present application aim to solve at least one of the technical problems in the prior art.
The following describes the technical solutions of the present application and how to solve the above technical problems in detail with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
The embodiment of the present application provides a possible implementation manner, and as shown in fig. 1, a flowchart of a data processing method is provided, where the scheme may be executed by any electronic device, and optionally may be executed at a server side or a terminal device, and for convenience of description, the method provided in the embodiment of the present application is described below with a server as an execution subject.
In the prior art, whether data is crawled by an abnormal user is monitored through a back-end interface. Checking the interface every 1 hour, alarming when the number of times that the same interface is called by the same id exceeds a certain threshold value, and then carrying out manual number sealing operation.
As shown in the user recommendation page in fig. 5, the system of the application recommends object a, object B, etc. to object X, which is the visitor and object a, object B, etc. are the interviewees when object X views the personal homepages of object a, object B, etc. Wherein, the visitor is a user who actively views the data of others (such as the personal homepage of others); the interviewee is a user who is viewed by other users on his/her own data (e.g., his/her own personal homepage).
As shown in fig. 5, the system first recommends different users for the object X, and sends an identification id unique to the user during recommendation, and when the object X accesses a homepage of a certain user, obtains information of the corresponding user from a back end through the id, and displays the information. The backend interface records the visitor id of each action, such as the id of object X. Then, whether the visitor is an abnormal user or not is judged by counting that the visitor visits several different interviewee personal homepages within a period of time (usually 1 hour), and operations such as alarming, number sealing and the like are carried out after the visitor is judged to be an abnormal user.
However, the above solution has the following disadvantages:
the checking mechanism is simple and the check can be bypassed by manually changing the visitor id. Namely, the abnormal user can establish a batch of normal accounts, and the abnormal user can switch between the accounts to avoid that the same id is counted by aggregation.
The monitoring and alarming time interval is long, and the response is slow. Specifically, the monitoring form based on offline statistics is limited by resources (the requested access amount is huge, and real-time statistics cannot be performed), and only inspection and alarm can be performed at fixed intervals, so that the real-time performance is poor.
When the attack is caused, manual confirmation is needed and then the number sealing operation is executed, so that the efficiency is low.
The method and the device can be applied to the field of network security, when the first object accesses the target data associated with the second object, the correct first check code needs to be carried, namely when the first check code is matched with the second check code, the target data can be obtained, the problem that user information is crawled through an interface is solved, and the network security is improved.
As shown in fig. 1, the method may include the steps of:
step 101, receiving a data access request, and acquiring a first check code included in the data access request, a first object identifier of a first object of the data access request, and a second object identifier of a second object of the data access request; the first check code is generated in advance according to the first object identifier and the second object identifier.
Optionally, the data processing method provided in this embodiment of the present application may be applied to a data verification server or other verification tools or devices, and for convenience of description, the application of the method to the data verification server (hereinafter, referred to as a server) is described as an example in the following.
When a server receives a data access request, a requester and a receiver of the data access request are determined, wherein the requester is an object sending the data access request, namely a first object, and the receiver is an object requested by the data request, namely a second object. When the first object sends an access request to access the target data of the second object, the first object needs to carry a first check code, the first check code can be used as a 'pass' for the first object to access the target data of the second object, and the server returns the target data of the second object for the first object only under the condition that the first check code is determined to be correct.
As a first example, in conjunction with fig. 2, a first object issues a data access request, which may be a request to view data of a second object, where the data access request includes a first object identifier of the first object, a second object identifier of the second object, and a first check code. The second object identifier may be pre-stored in the database corresponding to the first object, and has an association relationship with the first object identifier. The first check code may be obtained by calculating the first object identifier and the second object identifier in advance, and then the first check code is stored in the database of the first object, where the first check code has an association relationship with both the first object identifier and the second object identifier.
The server receives the data access request, and obtains the first object identifier, the second object identifier and the first check code from the data access request in a direct obtaining and analyzing mode.
And 102, generating a second check code according to the first object identifier and the second object identifier.
With reference to fig. 2, after acquiring the first object identifier, the second object identifier, and the first check code from the data request, the server may generate the second check code through the first object identifier and the second object identifier.
103, determining that the first check code is matched with the second check code, and feeding back target data requested by the data access request; wherein the target data is data associated with the second object identifier.
The matching between the first check code and the second check code may mean that the first check code and the second check code are completely the same, or that the first check code and the second check code are in a one-to-one mapping relationship.
With reference to fig. 2, after generating the second check code, the server performs matching processing on the first check code acquired from the data request and the generated second check code, and if the first check code and the second check code are matched, feeds back target data corresponding to the second object to the first object, that is, feeds back the target data of the request of the data access request.
The first check code is generated through the first object identification and the second object identification, so that the first check code can be used as a unique identification for identifying the relationship between the first object and the second object, when the first object acquires the target data of the second object, whether the behavior of the first object for accessing the target data of the second object is normal or not can be identified through the first check code, and the problem of data leakage caused by abnormal access can be avoided. The target data requested by the data access request can be fed back by judging whether the first check code is matched with the second check code or not, and if the first check code is matched with the second check code, the behavior of the first object for accessing the target data of the second object is normal; otherwise, the behavior of the first object accessing the target data of the second object is abnormal, the target data requested by the data access request is not fed back, and the problem of user data leakage during abnormal access can be avoided.
In the embodiment of the application, a data access request is received, and a first check code included in the data access request, a first object identifier of a first object of the data access request and a second object identifier of a second object of the data access request are obtained; generating a second check code according to the first object identifier and the second object identifier; determining that the first check code is matched with the second check code, and feeding back target data requested by the data access request; the first check code is generated in advance according to the first object identifier and the second object identifier, the target data is data associated with the second object identifier, and when the first object accesses the target data, the target data can be acquired only when the first object needs to carry the correct first check code, namely the first check code is matched with the second check code, so that the problem of user information crawling through an interface is solved, and the network security is improved.
In an optional embodiment, before receiving the data access request, the method further includes:
step 201, receiving an object access request, determining the second object, and acquiring the second object identifier and the first object identifier; the object access request is a request for acquiring the data of the second object from the first object.
In connection with fig. 2, the first object issues an object access request, which may include a first object identification of the first object. An object access request issued by a first object may specify access to data of an object, for example by querying an ID of a second object to obtain data of the second object; or randomly acquiring data of the second object by selecting a preset operation.
The server receives the object access request, acquires the first object identification in the object access request, and then can designate one or more objects to be associated with the first object according to the object access request, wherein if one object is designated to be associated with the first object, the designated object is the second object. If a plurality of objects are specified to be associated with the first object, the object selected by the first object in the specified plurality of objects can be taken as the second object in response to the selection of the first object, for example, in step 203, after the server feeds back each object of the feedback object access request, the identifier corresponding to the object, and the check code corresponding to the object, the first object receives the plurality of objects and displays the plurality of objects on the first object client, and the first object can select one of the objects to send the data access request, and then the first object selects the object sending the data access request as the second object. After the server appoints one or more objects to be associated with the first object, the server obtains the identifications of the appointed one or more objects, wherein the identifications of the second object are included, and the identifications of each object are different.
Step 202, generating the first check code according to the first object identifier and the second object identifier;
if an object is specified to be associated with the first object, the object can be used as a second object, and a first check code is generated according to the first object identification and the second object identification of the object; if a plurality of objects are specified to be associated with the first object, calculating the identification of the first object and the identification of the object to generate a check code for each object, wherein the object selected by the first object can be used as a second object in response to the selection of the first object, and the check code generated by the identification of the first object and the identification of the second object can be used as the first check code.
Step 203, feeding back the second object, the second object identifier and the first check code requested by the object access request. Namely, the second object identifier and the first check code are fed back to the first object. And if the server specifies that the plurality of objects are associated with the first object, feeding back the plurality of objects requested by the object access request, the identifiers corresponding to the plurality of objects and the corresponding check codes.
After the first object receives the plurality of objects, the identifiers corresponding to the plurality of objects and the corresponding check codes, the identifiers and the check codes corresponding to the objects are stored in the database, the one-to-one correspondence relationship between the objects and the check codes of the objects is formed, and the data of the plurality of objects are displayed on the client side of the first object.
The first object may select one of the objects as the second object to send the data access request, the identifier of the object selected by the first object to send the data access request may be the identifier of the second object, and the check code of the object selected by the first object to send the data access request may be the first check code.
In this embodiment, the server generates the first check code in advance through the first object identifier and the second object identifier, and because of the uniqueness of the first object identifier and the second object identifier, the first check code generated according to the first object identifier and the second object identifier has uniqueness.
The method can be applied to a user recommendation page of social software, as shown in fig. 3, specifically as follows:
the visitor visits the user recommendation page, the back end inquires which users are recommended to the visitor, tokens (namely, a first check code) are calculated according to the visitor id and the recommended user id, and each pair generates one token. Then, returning the recommended user and returning the token between the user and the visitor to the front end;
the user is interested in a certain recommended user and clicks the head portrait of the user to view the personal homepage of the user;
when the personal homepages of other users are visited, namely, a visitor clicks the homepage of the recommended user to check personal data, the token calculated by the back end is carried, and the request parameters comprise the id of the visitor, the id of the recommended user and the token between the id of the recommended user and the token;
after receiving the request, the back end calculates a token (second check code) again by using the same algorithm according to the visitor id and the recommended user id, and compares the token (second check code) with the token (first check code) in the front-end request parameter to determine whether the token (second check code) is consistent with the token (first check code) in the front-end request parameter;
if the two check codes are not consistent, illegal access is judged, if the two check codes are consistent, correct data is returned, namely personal data is returned after the token (first check code) is calculated to be correct.
The following is a detailed description of the processing procedure of the server for the first check code and the second check code:
as a second example, as shown in fig. 4, the server includes a first interface, where the first interface is configured to receive an object access request of a first object, and after receiving the object access request, the server may issue a first object identifier, a second object identifier, and a first check code through the first object interface; the server also comprises a second interface, wherein the second interface is used for receiving a data access request, and after the first object sends the data access request, the second interface receives a first object identifier, a second object identifier and a first check code which are included in the data access request; the server further comprises a check interface, the server sends the first object identifier, the second object identifier and the first check code to the check interface to check the first check code, specifically, the second check code is generated according to the first object identifier and the second object identifier, whether the first check code and the second check code are successfully matched is judged, if the first check code and the second check code are successfully matched, target data associated with the second object identifier is obtained through the user data obtaining module, and the target data is issued to the client of the first object through the third interface; and if the matching is successful, feeding back error information.
As a third example, in conjunction with fig. 5, the second object may send an object access request by clicking the first button 501, and the first button 501 may be marked with information such as "recommendation" to facilitate the operation of the first object. After receiving the object access request, the server can randomly designate an object A, an object B, an object C, an object D, an object E … … to be associated with the first object, and then obtain the identifications of all the objects, wherein the identifications of the object A, the object B, the object C, the object D and the object E are different. Then, a check code is generated according to the first object identifier and the corresponding object identifier, for example, a check code a is generated according to the first object identifier and the identifier corresponding to the object a, and a check code B, … … is generated according to the first object identifier and the identifier corresponding to the object B. The check code a, the check code b, and the like may be a character string, or may be data in other forms, which is not limited in this embodiment.
The server may then feed back the plurality of objects, the identifiers corresponding to the objects, and the check codes to the first object. The database of the first object stores the received identification and check code in an associated manner and displays the data of the object. As shown in fig. 5, if the objects displayed by the client of the first object are object a, object B, object C, object D, and object E … …, respectively, the identifier and the check code a corresponding to the object a are correspondingly stored in the database of the first object, and an association relationship is established between the identifier of the object a and the check code a; correspondingly storing the identification and the check code B corresponding to the object B in the database of the first object, and establishing an association relationship between the identification and the check code B of the object B; and so on.
In addition, when the client of the first object displays data of a plurality of objects, the display part 502 of the corresponding object is associated with the corresponding identifier in the database; for example, the display 502 of object a is associated with the logo of object a, and the display 502 of object B is associated with the logo of object B.
Assuming that the data access request is a request to access data of the object a, in this embodiment, the object a is used as the second object, the identifier of the object a is used as the second object identifier, the check code a of the object a is used as the first check code, and the first object can send the data access request by clicking the display portion 502 of the object a. When the first object clicks the display portion 502 of the object a, the identifier of the object a (i.e., the second object identifier) and the corresponding check code a (i.e., the first check code) are obtained from the database through the display portion 502, and the first object identifier, the second object identifier, and the first check code of the first object are appended to the data access request and sent out.
When receiving a data access request, a server acquires a first object identifier, a second object identifier and a first check code from the data access request, and generates a second check code through the first object identifier and the second object identifier; and then judging whether the second check code is matched with the first check code, if so, acquiring corresponding target data in a database corresponding to the object A by the server through the second object identifier, and returning the target data to the first object.
The first object receives the object data and displays the object data, i.e. the data of the display object a, see fig. 6.
Optionally, after the first object receives the second object, the second object identifier, and the first check code, the first object displays data of the second object on a client of the second object, such as a page shown in fig. 5, and if the first object leaves the page, the first check code stored in the database corresponding to the first object is removed, so as to reduce storage pressure of the database.
In an optional embodiment, the generating the first check code according to the first object identifier and the second object identifier includes:
and inputting the first object identifier and the second object identifier into a first preset calculation model to obtain the first check code.
Optionally, an algorithm may be designed in advance, the algorithm is packaged to form a first preset calculation model, the first object identifier and the second object identifier are input into the first preset calculation model through the input interface, and the first check code output by the first preset calculation model is obtained through the output interface.
In an optional embodiment, the generating a second check code according to the first object identifier and the second object identifier includes:
and inputting the first object identification and the second object identification into a second preset calculation model to obtain the second check code.
Optionally, an algorithm may be designed in advance, the algorithm is packaged to form a second preset calculation model, the first object identifier and the second object identifier are input into the second preset calculation model through the input interface, and the second check code output by the second preset calculation model is obtained through the output interface.
In an alternative embodiment, the first computational model and the second computational model are matched.
Optionally, the first computation model is the same as the second computation module, and the server may determine whether the first check code is the same as the second check code when determining whether the first check code is matched with the second check code, and feed back the target data requested by the data access request if the first check code is the same as the second check code.
In an optional embodiment, further comprising:
and determining that the first check code is not matched with the second check code, and feeding back error information to the data access request. So as to prompt the first object that the target data was acquired in error.
In the embodiment of the application, a data access request is received, and a first check code included in the data access request, a first object identifier of a first object of the data access request and a second object identifier of a second object of the data access request are obtained; generating a second check code according to the first object identifier and the second object identifier; determining that the first check code is matched with the second check code, and feeding back target data requested by the data access request; the first check code is generated in advance according to the first object identifier and the second object identifier, the target data is data associated with the second object identifier, and when the first object accesses the target data, the target data can be acquired only when the first object needs to carry the correct first check code, namely the first check code is matched with the second check code, so that the problem of user information crawling through an interface is solved, and the network security is improved.
Based on the same principle as the method provided by the embodiment of the present application, the embodiment of the present application further provides a data processing apparatus, as shown in fig. 7, the apparatus includes:
a request receiving module 701, configured to receive a data access request, and obtain a first check code included in the data access request, a first object identifier of a first object of the data access request, and a second object identifier of a second object of the data access request; the first check code is generated in advance according to the first object identifier and the second object identifier.
Optionally, the data processing method provided in this embodiment of the present application may be applied to a data verification server or other verification tools or devices, and for convenience of description, the application of the method to the data verification server (hereinafter, referred to as a server) is described as an example in the following.
When a server receives a data access request, a requester and a receiver of the data access request are determined, wherein the requester is an object sending the data access request, namely a first object, and the receiver is an object requested by the data request, namely a second object. When the first object sends an access request to access the target data of the second object, the first object needs to carry a first check code, the first check code can be used as a 'pass' for the first object to access the target data of the second object, and the server returns the target data of the second object for the first object only under the condition that the first check code is determined to be correct.
As a first example, in conjunction with fig. 2, a first object issues a data access request, which may be a request to view data of a second object, where the data access request includes a first object identifier of the first object, a second object identifier of the second object, and a first check code. The second object identifier may be pre-stored in the database corresponding to the first object, and has an association relationship with the first object identifier. The first check code may be obtained by calculating the first object identifier and the second object identifier in advance, and then the first check code is stored in the database of the first object, where the first check code has an association relationship with both the first object identifier and the second object identifier.
The server receives the data access request, and obtains the first object identifier, the second object identifier and the first check code from the data access request in a direct obtaining and analyzing mode.
And a data processing unit 702, configured to generate a second check code according to the first object identifier and the second object identifier.
With reference to fig. 2, after the server obtains the first object identifier, the second object identifier, and the first check code from the data request, the second check code may be generated through the first object identifier and the second object identifier.
A check feedback module 703, configured to determine that the first check code matches the second check code, and feed back the target data requested by the data access request; wherein the target data is data associated with the second object identifier.
The matching between the first check code and the second check code may mean that the first check code and the second check code are completely the same, or that the first check code and the second check code are in a one-to-one mapping relationship.
With reference to fig. 2, after generating the second check code, the server performs matching processing on the first check code acquired from the data request and the generated second check code, and if the first check code and the second check code are matched, feeds back target data corresponding to the second object to the first object, that is, feeds back the target data of the request of the data access request.
The first check code is generated through the first object identification and the second object identification, so that the first check code can be used as a unique identification for identifying the relationship between the first object and the second object, when the first object acquires the target data of the second object, whether the behavior of the first object for accessing the target data of the second object is normal or not can be identified through the first check code, and the problem of data leakage caused by abnormal access can be avoided. The target data requested by the data access request can be fed back by judging whether the first check code is matched with the second check code or not, and if the first check code is matched with the second check code, the behavior of the first object for accessing the target data of the second object is normal; otherwise, the behavior of the first object for accessing the target data of the second object is abnormal, the target data requested by the data access request is not fed back, and the problem of user data leakage during abnormal access can be avoided.
In an optional embodiment of the present application, the apparatus further comprises:
the receiving request module 701 is further configured to receive an object access request, determine the second object, and obtain the second object identifier and the first object identifier; the object access request is a request for the first object to acquire the data of the second object;
a data processing module 702, further configured to generate the first check code according to the first object identifier and the second object identifier;
the check feedback module 703 is further configured to feed back the second object, the second object identifier, and the first check code requested by the object access request.
In an optional embodiment of the present application, the data processing module 702 includes:
and the first data processing submodule is used for inputting the first object identifier and the second object identifier into a first preset calculation model to obtain the first check code.
In an optional embodiment of the present application, the data processing module 702 includes:
and the second data processing submodule is used for inputting the first object identifier and the second object identifier into a second preset calculation model to obtain the second check code.
In an alternative embodiment of the present application, the first computational model and the second computational model are matched.
In an optional embodiment of the present application, the apparatus further comprises:
the check feedback module 703 is further configured to determine that the first check code is not matched with the second check code, and feed back error information to the data access request.
The data processing apparatus provided in the embodiment of the present application can implement each process implemented in the method embodiments of fig. 1 to fig. 6, and is not described here again to avoid repetition.
In the data processing apparatus provided by the present application, the receiving request module 701 is configured to receive a data access request, and obtain a first check code included in the data access request, and a first object identifier of a first object and a second object identifier of a second object of the data access request; the data processing 702 is configured to generate a second check code according to the first object identifier and the second object identifier; the check feedback module 703 is configured to match the first check code with the second check code, and feed back the target data requested by the data access request; the first check code is generated in advance according to the first object identifier and the second object identifier, the target data is data associated with the second object identifier, and when the first object accesses the target data, the target data can be acquired only when the first object needs to carry the correct first check code, namely the first check code is matched with the second check code, so that the problem of user information crawling through an interface is solved, and the network security is improved.
The data processing apparatus of the embodiment of the present application can execute the data processing method provided by the embodiment of the present application, and the implementation principle is similar, the actions executed by each module and unit in the data processing apparatus in each embodiment of the present application correspond to the steps in the data processing method in each embodiment of the present application, and for the detailed functional description of each module of the data processing apparatus, reference may be specifically made to the description in the corresponding data processing method shown in the foregoing, and details are not repeated here.
Based on the same principle as the method shown in the embodiments of the present application, the embodiments of the present application also provide an electronic device, which may include but is not limited to: a processor and a memory; a memory for storing a computer program; a processor for executing the data processing method according to any of the alternative embodiments of the present application by calling a computer program. Compared with the prior art, the data processing method provided by the application obtains a first check code included in a data access request, a first object identifier of a first object of the data access request and a second object identifier of a second object by receiving the data access request; generating a second check code according to the first object identifier and the second object identifier; determining that the first check code is matched with the second check code, and feeding back target data requested by the data access request; the first check code is generated in advance according to the first object identifier and the second object identifier, the target data is data associated with the second object identifier, and when the first object accesses the target data, the target data can be acquired only when the first object needs to carry the correct first check code, namely the first check code is matched with the second check code, so that the problem of user information crawling through an interface is solved, and the network security is improved.
In an alternative embodiment, there is also provided an electronic device, as shown in fig. 8, where the electronic device 8000 shown in fig. 8 may be a server, including: a processor 8001 and memory 8003. Processor 8001 and memory 8003 are connected, such as by bus 8002. Optionally, the electronic device 8000 may also include a transceiver 8004. In addition, the transceiver 8004 is not limited to one in practical applications, and the structure of the electronic device 8000 does not limit the embodiment of the present application.
Processor 8001 may be a CPU (central processing unit), general purpose processor, DSP (digital signal processor), ASIC (application specific integrated circuit), FPGA (Field programmable gate array), or other programmable logic device, transistor logic device, hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. Processor 8001 may also be a combination that implements computing functionality, e.g., comprising one or more microprocessor combinations, DSP and microprocessor combinations, and so forth.
Bus 8002 may include a path to transfer information between the aforementioned components. The bus 8002 may be a PCI (peripheral component interconnect) bus, an EISA (extended industry standard architecture) bus, or the like. The bus 8002 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 8, but this is not intended to represent only one bus or type of bus.
The Memory 8003 may be a ROM (read only Memory) or other type of static storage device that can store static information and instructions, a RAM (random access Memory) or other type of dynamic storage device that can store information and instructions, an EEPROM (electrically erasable programmable read only Memory), a CD-ROM (compact disc read only Memory) or other optical disc storage, optical disc storage (including compact disc, laser disc, optical disc, digital versatile disc, blu-ray disc, etc.), a magnetic disc storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to this.
The memory 8003 is used for storing application program codes for executing the scheme of the present application, and the execution is controlled by the processor 8001. Processor 8001 is used to execute application program code stored in memory 8003 to implement the aspects shown in the foregoing method embodiments.
Among them, electronic devices include but are not limited to: mobile terminals such as mobile phones, notebook computers, digital broadcast receivers, PDAs (personal digital assistants), PADs (tablet computers), PMPs (portable multimedia players), in-vehicle terminals (e.g., in-vehicle navigation terminals), and the like, and fixed terminals such as digital TVs, desktop computers, and the like. The electronic device shown in fig. 8 is only an example, and should not bring any limitation to the functions and the use range of the embodiment of the present application.
The server provided by the application can be an independent physical server, can also be a server cluster or distributed system formed by a plurality of physical servers, and can also be a cloud server for providing basic cloud computing services such as cloud service, a cloud database, cloud computing, cloud functions, cloud storage, network service, cloud communication, middleware service, domain name service, security service, CDN (content delivery network) and big data and artificial intelligence platforms. The terminal may be, but is not limited to, a smart phone, a tablet computer, a laptop computer, a desktop computer, a smart speaker, a smart watch, and the like. The terminal and the server may be directly or indirectly connected through wired or wireless communication, and the application is not limited herein.
The present application provides a computer-readable storage medium, on which a computer program is stored, which, when running on a computer, enables the computer to execute the corresponding content in the foregoing method embodiments.
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and may be performed in other orders unless otherwise indicated herein. Moreover, at least a portion of the steps in the flow chart of the figure may include multiple sub-steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed alternately or alternately with other steps or at least a portion of the sub-steps or stages of other steps.
It should be noted that the computer readable storage medium mentioned above in the present application may also be a computer readable signal medium or a combination of a computer readable storage medium and a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device.
The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to perform the methods shown in the above embodiments.
According to an aspect of the application, a computer program product or computer program is provided, comprising computer instructions, the computer instructions being stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device executes the data processing method provided in the above-mentioned various alternative implementations.
Computer program code for carrying out operations for aspects of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules described in the embodiments of the present application may be implemented by software or hardware. Where the name of a module does not in some cases constitute a limitation on the module itself, for example, the search intention category determination module may also be described as a "search intention category module that determines a search request.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the disclosure herein is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the disclosure. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.

Claims (10)

1. A data processing method, comprising:
receiving a data access request, and acquiring a first check code included in the data access request, a first object identifier of a first object of the data access request and a second object identifier of a second object of the data access request; the first check code is generated in advance according to the first object identifier and the second object identifier;
generating a second check code according to the first object identifier and the second object identifier;
determining that the first check code is matched with the second check code, and feeding back target data requested by the data access request; wherein the target data is data associated with the second object identifier.
2. The data processing method of claim 1, wherein before receiving the data access request, further comprising:
receiving an object access request, determining the second object, and acquiring the second object identifier and the first object identifier; the object access request is a request for the first object to acquire the data of the second object;
generating the first check code according to the first object identifier and the second object identifier;
feeding back the second object, the second object identifier and the first check code requested by the object access request.
3. The data processing method of claim 2, wherein the generating the first check code according to the first object identifier and the second object identifier comprises:
and inputting the first object identifier and the second object identifier into a first preset calculation model to obtain the first check code.
4. The data processing method of claim 3, wherein generating the second parity code based on the first object id and the second object id comprises:
and inputting the first object identification and the second object identification into a second preset calculation model to obtain the second check code.
5. The data processing method of claim 4, wherein the first computational model and the second computational model match.
6. The data processing method of claim 1, further comprising:
and determining that the first check code is not matched with the second check code, and feeding back error information to the data access request.
7. A data processing apparatus, comprising:
the receiving request module is used for receiving a data access request, and acquiring a first check code included in the data access request, a first object identifier of a first object of the data access request and a second object identifier of a second object of the data access request; the first check code is generated in advance according to the first object identifier and the second object identifier;
the data processing module is used for generating a second check code according to the first object identifier and the second object identifier;
the check feedback module is used for determining that the first check code is matched with the second check code and feeding back the target data requested by the data access request; wherein the target data is data associated with the second object identifier.
8. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of any one of claims 1 to 6 when executing the program.
9. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, which computer program, when being executed by a processor, carries out the method of any one of claims 1 to 6.
10. A computer program product comprising a computer program, characterized in that the computer program, when executed by a processor, implements the method of any one of claims 1 to 6.
CN202211505723.8A 2022-11-28 2022-11-28 Data processing method, device, electronic equipment and storage medium Active CN115758300B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211505723.8A CN115758300B (en) 2022-11-28 2022-11-28 Data processing method, device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211505723.8A CN115758300B (en) 2022-11-28 2022-11-28 Data processing method, device, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN115758300A true CN115758300A (en) 2023-03-07
CN115758300B CN115758300B (en) 2023-08-01

Family

ID=85339682

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211505723.8A Active CN115758300B (en) 2022-11-28 2022-11-28 Data processing method, device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115758300B (en)

Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120030437A1 (en) * 2009-10-29 2012-02-02 Cleversafe, Inc. Processing a write request in a dispersed storage network
WO2016170414A1 (en) * 2015-04-21 2016-10-27 Signature Access Limited T/A Standard Access Methods for managing remote access to a physical location and systems thereof
CN106330958A (en) * 2016-09-29 2017-01-11 上海创功通讯技术有限公司 Secure accessing method and device
CN106598881A (en) * 2016-12-20 2017-04-26 北京小米移动软件有限公司 Page processing method and device
CN107704765A (en) * 2017-08-28 2018-02-16 深圳市诚壹科技有限公司 A kind of interface access method, server and computer-readable recording medium
CN110324407A (en) * 2019-06-04 2019-10-11 贝壳技术有限公司 Access control method, device and the storage medium of background server
CN110933103A (en) * 2019-12-11 2020-03-27 江苏满运软件科技有限公司 Anti-crawler method, device, equipment and medium
WO2020259268A1 (en) * 2019-06-28 2020-12-30 华为技术有限公司 Information sharing method, platform, and computing device
CN112600864A (en) * 2021-03-05 2021-04-02 成都奕信科技开发有限公司 Verification code verification method, device, server and medium
CN112769802A (en) * 2020-12-31 2021-05-07 微医云(杭州)控股有限公司 Access verification method and device based on server, electronic equipment and storage medium
CN112825094A (en) * 2019-11-20 2021-05-21 北京沃东天骏信息技术有限公司 Data permission verification method and device
CN113347206A (en) * 2021-06-30 2021-09-03 建信金融科技有限责任公司 Network access method and device
US20220131848A1 (en) * 2020-10-26 2022-04-28 Micron Technology, Inc. Management of Identifications of an Endpoint having a Memory Device Secured for Reliable Identity Validation
CN114726632A (en) * 2022-04-14 2022-07-08 天工信创(广州)信息科技有限公司 Login method, device, storage medium and processor
CN114756877A (en) * 2022-04-06 2022-07-15 北京有竹居网络技术有限公司 Data management method, device, server and storage medium
CN114969730A (en) * 2021-02-20 2022-08-30 腾讯科技(深圳)有限公司 Page display method and device, electronic equipment and computer storage medium

Patent Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120030437A1 (en) * 2009-10-29 2012-02-02 Cleversafe, Inc. Processing a write request in a dispersed storage network
WO2016170414A1 (en) * 2015-04-21 2016-10-27 Signature Access Limited T/A Standard Access Methods for managing remote access to a physical location and systems thereof
CN106330958A (en) * 2016-09-29 2017-01-11 上海创功通讯技术有限公司 Secure accessing method and device
CN106598881A (en) * 2016-12-20 2017-04-26 北京小米移动软件有限公司 Page processing method and device
CN107704765A (en) * 2017-08-28 2018-02-16 深圳市诚壹科技有限公司 A kind of interface access method, server and computer-readable recording medium
CN110324407A (en) * 2019-06-04 2019-10-11 贝壳技术有限公司 Access control method, device and the storage medium of background server
WO2020259268A1 (en) * 2019-06-28 2020-12-30 华为技术有限公司 Information sharing method, platform, and computing device
CN112825094A (en) * 2019-11-20 2021-05-21 北京沃东天骏信息技术有限公司 Data permission verification method and device
CN110933103A (en) * 2019-12-11 2020-03-27 江苏满运软件科技有限公司 Anti-crawler method, device, equipment and medium
US20220131848A1 (en) * 2020-10-26 2022-04-28 Micron Technology, Inc. Management of Identifications of an Endpoint having a Memory Device Secured for Reliable Identity Validation
CN112769802A (en) * 2020-12-31 2021-05-07 微医云(杭州)控股有限公司 Access verification method and device based on server, electronic equipment and storage medium
CN114969730A (en) * 2021-02-20 2022-08-30 腾讯科技(深圳)有限公司 Page display method and device, electronic equipment and computer storage medium
CN112600864A (en) * 2021-03-05 2021-04-02 成都奕信科技开发有限公司 Verification code verification method, device, server and medium
CN113347206A (en) * 2021-06-30 2021-09-03 建信金融科技有限责任公司 Network access method and device
CN114756877A (en) * 2022-04-06 2022-07-15 北京有竹居网络技术有限公司 Data management method, device, server and storage medium
CN114726632A (en) * 2022-04-14 2022-07-08 天工信创(广州)信息科技有限公司 Login method, device, storage medium and processor

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
STEPHEN B JOHNSON 等: "Using global unique identifiers to link autism collections", JOURNAL OF THE AMERICAN MEDICAL INFORMATICS ASSOCIATION, vol. 17, no. 6, pages 689 - 695 *
陈斌 等: "B/S模式应用中身份认证的安全策略与实现", 计算机与现代化, no. 04, pages 123 - 126 *

Also Published As

Publication number Publication date
CN115758300B (en) 2023-08-01

Similar Documents

Publication Publication Date Title
US20190012683A1 (en) Method for predicting purchase probability based on behavior sequence of user and apparatus for the same
US9026916B2 (en) User interface for managing questions and answers across multiple social media data sources
CN109451333B (en) Bullet screen display method, device, terminal and system
US10853359B1 (en) Data log stream processing using probabilistic data structures
CN109685536B (en) Method and apparatus for outputting information
CN108595448B (en) Information pushing method and device
US10621641B2 (en) Method and device for pushing information
CN115587575A (en) Data table creation method, target data query method, device and equipment
CN112685799A (en) Device fingerprint generation method and device, electronic device and computer readable medium
CN107291835B (en) Search term recommendation method and device
CN110602215A (en) Resource processing method based on alliance block chain and alliance block chain system
CN106817296B (en) Information recommendation test method and device and electronic equipment
CN107045688B (en) Control method and device for accurately identifying target terminal
CN111488386A (en) Data query method and device
CN113609516B (en) Information generation method and device based on abnormal user, electronic equipment and medium
CN110020166B (en) Data analysis method and related equipment
CN115758300B (en) Data processing method, device, electronic equipment and storage medium
CN108229127B (en) System and method for generating authentication data in advance to distinguish clients
CN111460273B (en) Information pushing method and device
CN112131468A (en) Data processing method and device in recommendation system
CN113052509A (en) Model evaluation method, model evaluation apparatus, electronic device, and storage medium
CN113836402B (en) Order screening method based on data processing
EP3273354A1 (en) Effect of operations on application requests
CN116561735B (en) Mutual trust authentication method and system based on multiple authentication sources and electronic equipment
CN114663200B (en) Product recommendation method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant