CN115765974A - Complete data desensitization method and system - Google Patents
Complete data desensitization method and system Download PDFInfo
- Publication number
- CN115765974A CN115765974A CN202211437671.5A CN202211437671A CN115765974A CN 115765974 A CN115765974 A CN 115765974A CN 202211437671 A CN202211437671 A CN 202211437671A CN 115765974 A CN115765974 A CN 115765974A
- Authority
- CN
- China
- Prior art keywords
- data
- identifier
- domain server
- desensitization
- private
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000586 desensitisation Methods 0.000 title claims abstract description 55
- 238000000034 method Methods 0.000 title claims abstract description 42
- 230000005540 biological transmission Effects 0.000 claims abstract description 12
- 238000013507 mapping Methods 0.000 claims abstract description 9
- 238000010586 diagram Methods 0.000 description 9
- 238000012545 processing Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 230000002441 reversible effect Effects 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000003745 diagnosis Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a complete data desensitization method and a complete data desensitization system, which solve the technical problem that the privacy of network identification is lack of effective protection in the existing data transmission process. The method comprises the following steps: acquiring a data request initiated by a user and generating a unique identifier; transmitting the generated unique identifier to a target server storing data; generating an intra-domain identifier for sensitive information in the data through the target server, combining the unique identifier and the intra-domain identifier into a global identifier, establishing an incidence relation with the sensitive information, and storing the global identifier and the intra-domain identifier into a database of the target server; and returning the data and mapping the sensitive information in the data with the global identification. According to the invention, the sensitive information is subjected to data deformation through a desensitization rule, so that the reliable protection of the sensitive private data is realized.
Description
Technical Field
The invention relates to the technical field of data security transmission, in particular to a complete data desensitization method and a complete data desensitization system.
Background
In the existing internet technology, whether end-to-end data transmission is subjected to domain name or address resolution or not, the exact identification information of a sending end and a receiving end of a message effective information load is marked in a transmission message. The method has two main characteristics that the expression form of the exact identification information exists by the definition of a network transmission protocol and a network construction topological structure, one is that the expression form exists hierarchically, for example, a form similar to general domain name expression is adopted, the other is sniffable, and the protocol transparent message structure enables the message to be intercepted and then the receiving and sending identification of the message can be obtained, so that identity leakage is caused.
Sensitive information depends on the actual business scenario and security dimensions, and in the case of natural persons, sensitive fields of individual users include, but are not limited to: name, identification card number, mobile phone number, mail box and address; in a medical system, the patient may also be referred to as medical information or the like. When a user confirms that a certain piece of data in the data table belongs to a certain person through any means, the leakage of the personal identifier is called. Personal identifier leakage is the most serious because, once personal identifier leakage occurs, sensitive information about a specific individual is available to the data user. When a user knows new attribute information of a person according to a data table accessed by the user, attribute leakage is called. Leakage of the personal identifier certainly results in leakage of the attribute. When a user can determine that data of one person exists in a data table through data of another person, the membership leakage is called. Personal identifier leakage and attribute leakage mean that membership leakage may have occurred as well.
Disclosure of Invention
In view of the above problems, embodiments of the present invention provide a method and a system for complete data desensitization, which solve the technical problem that effective protection is lacking in privacy of network identifiers in the existing data transmission process.
The complete data desensitization method of the embodiment of the invention comprises the following steps:
desensitizing and generating a unique identifier;
sending the generated unique identifier to a private domain server;
and generating an intra-domain identifier for the sensitive data through a private domain server, combining the unique identifier and the intra-domain identifier into a global identifier, establishing an incidence relation with the sensitive data, and storing the global identifier and the sensitive data into a database of the private domain server.
In an embodiment of the present invention, the method further includes: and when the public domain server accesses the database of the private domain server, mapping the sensitive data by using the global identification.
In an embodiment of the present invention, the method further includes: and when the public domain server accesses the database of the private domain server through the global identifier, the private domain server confirms the sensitive data corresponding to the global identifier and then obtains the sensitive data corresponding to the global identifier.
In an embodiment of the present invention, the method further includes: data desensitization is performed at the public domain server and a unique identifier is generated.
In an embodiment of the present invention, the method further includes: and setting a preset public domain server in a private domain network where the private domain server is located, and performing data desensitization on the preset public domain server to generate a unique identifier.
In an embodiment of the present invention, the method further includes: and when the private domain server accesses the database, acquiring sensitive data or mapping the sensitive data by using a global identifier.
In an embodiment of the present invention, the method further includes: and when the private domain server accesses the database through the global identification, acquiring the sensitive data corresponding to the global identification.
In an embodiment of the present invention, the data desensitization is to replace sensitive data with a unique identifier by data tokenization or AES.
In an embodiment of the present invention, the domain-inside identifier is generated for the sensitive data by the private domain server in an AES and/or MD5 manner.
A complete data desensitization system, comprising:
a public domain desensitization module for data desensitization and generating a unique identifier;
the data transmission module is used for sending the generated unique identifier to the private domain server;
and the private domain desensitization module is used for generating an intra-domain identifier for the sensitive data through the private domain server, combining the unique identifier and the intra-domain identifier into a global identifier, establishing an incidence relation with the sensitive data, and storing the global identifier and the intra-domain identifier into a database of the private domain server.
According to the method and the system for complete data desensitization, disclosed by the embodiment of the invention, the sensitive data is replaced by the unique identifier, so that the data desensitization is quickly realized without influencing the safety of the data desensitization; the intra-domain identifier is generated again through the private domain server, so that sensitive data are safer on the premise of quick desensitization; and after the unique identifier and the intra-domain identifier are combined, the desensitized data is stored more strictly, and the mapping of the data cannot be completed by the unique identifier or the intra-domain identifier alone.
Drawings
The features of the invention described above are explained in more detail with reference to embodiments shown in the drawings, wherein like reference numerals denote like elements, and wherein fig. 1-3 show embodiments of the invention.
FIG. 1 is a flow diagram illustrating a method of full data desensitization according to an embodiment of the present invention.
FIG. 2 is a flow diagram illustrating a method of full data desensitization according to an embodiment of the present invention.
FIG. 3 is a flow diagram illustrating a method of full data desensitization according to an embodiment of the present invention.
FIG. 4 is a flow diagram illustrating a method of full data desensitization according to an embodiment of the present invention.
Fig. 5 is a schematic diagram illustrating an architecture of a full data desensitization system according to an embodiment of the present invention.
FIG. 6 is a schematic diagram of a use state of the full data desensitization system according to an embodiment of the invention.
FIG. 7 is a schematic diagram illustrating the operational state of a full data desensitization system according to an embodiment of the present invention.
FIG. 8 is a schematic diagram of a use state of a full data desensitization system according to an embodiment of the invention.
FIG. 9 is a block diagram of a full data desensitization system according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer and more obvious, the present invention is further described below with reference to the accompanying drawings and the detailed description. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1:
scene: the patient is on a hospital online platform (e.g., the WeChat applet has entered the patient identification card) as shown in FIG. 1.
A method of secure data desensitization, comprising:
step 1, the private domain server requests the public domain server to generate a unique identifier (a public key a4b 3);
implementation mode 1: the data tokenization approach is used to replace sensitive data with a unique identifier (i.e., a unique identifier) that both retains all necessary data information and does not affect its security. Completely random characters can be created in the same format, and data desensitization can be quickly realized.
Implementation mode 2: the data token mode can also be replaced by an Advanced Encryption Standard (AES) Encryption mode, and an AES symmetric Encryption algorithm uses the same key for Encryption and decryption, has high speed and is suitable for encrypting a large amount of data.
Examples are: plaintext P (raw data without encryption), key K (cipher used to encrypt plaintext, in a symmetric encryption algorithm, the encryption and decryption keys are the same, the key is generated by negotiation between a receiver and a sender, but cannot be directly transmitted over a network, otherwise, the key is leaked, the key is usually encrypted through an asymmetric encryption algorithm and then transmitted to the other party through the network, or a face-to-face quotient key is directly generated
AES encryption: assuming the AES encryption function as E, C = E (K, P), where P is plaintext, K is a key, and C is ciphertext. That is, the encryption function E outputs the ciphertext C by inputting the plaintext P and the key K as parameters of the encryption function.
Step 2: sending the generated unique identifier to a private domain server;
because the private domain server is generally an intranet or a local area network, and not all people can link to access, the unique identifier generated in the step 1 is returned to the private domain server and stored in the private domain server, so that the security is higher.
And step 3: and generating an intra-domain identifier (c 2d 1) for the sensitive data through the private domain server, combining the unique identifier and the intra-domain identifier into a global identifier (a private key a4b3c2d 1), establishing an association relation with the sensitive data, and storing the association relation into a database of the private domain server.
Those skilled in the art will appreciate that the combination of unique identifiers and intra-domain identifications is not limited to a simple sequential stacking, and other rules may be substituted.
The implementation mode is as follows: encryption is performed once at the private domain server by means of AES and MD5 (MD 5 Message-Digest Algorithm).
The encryption is carried out by using an AES mode, a sender carries out AES encryption on plaintext data X to be sent by using a secret key K to obtain a ciphertext Y, the ciphertext is transmitted through a network, a receiver carries out AES decryption by using the secret key K after receiving the ciphertext Y to obtain the plaintext X, and therefore even if the ciphertext Y is intercepted during transmission on the network, the true meaning of the ciphertext Y is difficult to decipher without the secret key.
The AES cipher block size and key size use 128 bits. An algorithm with a key length of 128 bits is also analyzed. The key length of 128 bits is processed similarly, except that for each 64 bit increase in the key length, the number of rounds of the algorithm is increased by 2 rounds and the 128bit round is increased by 10 rounds.
The AES encryption algorithm is reversible and is used for protecting sensitive data, the symmetric encryption algorithm is used for encrypting and decrypting by using the same key, the speed is high, the symmetric encryption algorithm is suitable for encrypting a large amount of data, and the encryption and decryption speed is improved; and small amount of confidential data, and an asymmetric encryption algorithm is adopted. In the actual operation process, the adopted mode is as follows: the key of the symmetric algorithm is managed by adopting the asymmetric encryption algorithm, and then the data is encrypted by using the symmetric encryption algorithm, so that the advantages of two types of encryption algorithms are integrated, and the advantages of high encryption speed and safe and convenient key management are realized.
A string, or file, or compressed packet, may be used to perform MD5 to generate a string of fixed length 128 bits. This string is essentially unique. A byte string of arbitrary length is converted into a hexadecimal digit string of some degree. The goal is to have the large volume of information "compressed" into a secure format before signing the private key with the digital signature software.
When the user registers/newly adds, the password is encrypted by MD5 and stored in the database. This prevents malicious manipulation by those who can see the database data.
The MD5 is not reversible, so there is no decryption method, and it is mainly used for authentication, card number or password, etc. to prevent information from being modified.
It will be understood by those skilled in the art that although the encryption and decryption modes used by both AES and MD5 are used in the above embodiment, the object of the present invention can be achieved when only one of them is used.
And (3) the characters obtained by encryption in the AES and MD5 modes become domain identifiers, the domain identifiers are combined with the unique identifiers received in the step (2) to form global identifiers, and a column of indexes are added in a database of the domain server for storing the global identifiers.
As can be understood by those skilled in the art, since the public domain server generates the unique identifier, transmits the unique identifier to the private domain server, and stores the global identifier obtained by combining the unique identifier with the intra-domain identifier generated by the private domain server in the database of the private domain server, the public domain server can only compare data through comparison of the unique identifiers, and cannot directly obtain real data.
The public domain server generally refers to public network environments such as a cloud server and the Internet, all people in the public domain environment can access the public domain environment, and the public domain end and the private domain end use the same key before, so that the risk of being cracked by the packet capturing exists. At present, a public key is used for encryption, a private key is used for decryption, two keys are used, the keys of a public domain end and a private domain end are different, the private key is placed at a server end, a hacker can not generally get the private key, and the safety is high.
Example 2:
scene: the patient is on the hospital online platform (e.g., the WeChat applet enters the patient identification card), as shown in FIG. 2.
A method of secure data desensitization, comprising:
step 1, a private domain server requests a public domain server to generate a unique identifier (a public key a4b 3);
reference is made to the foregoing embodiments for implementation.
Step 2: sending the generated unique identifier to a private domain server;
and step 3: and generating an intra-domain identifier (c 2d 1) for the sensitive data through the private domain server, combining the unique identifier and the intra-domain identifier into a global identifier (a private key a4b3c2d 1), establishing an association relation with the sensitive data, and storing the association relation into a database of the private domain server.
And 4, step 4: when the sensitive information is sent in a public way, only the global identification is sent, and the actual data is kept in the database of the private domain server;
and 5: and when the private domain server accesses the database through the global identification, acquiring sensitive data corresponding to the global identification.
Step 6: when the public domain server accesses the database of the private domain server, the sensitive data is mapped with the global identity (private key a4b3c2d 1).
And 7: and when the public domain server accesses the database of the private domain server through the global identifier, the private domain server confirms the sensitive data corresponding to the global identifier and then obtains the sensitive data corresponding to the global identifier.
In the embodiment, the situation that the public domain server needs actual data is considered, now more hospitals can complete the whole diagnosis and treatment process in a hospital intranet, for example, online appointment registration can be completed through an APP, a WeChat applet and the like, and a patient can check examination and treatment results through the APP or the applet, so that the step 6 and the step 7 are introduced subsequently.
When the public domain needs to obtain plaintext information (namely sensitive data replaced by the global identifier), the public domain server requests the private domain server for data through the global identifier; because some situations need to acquire original data when passing through the public domain server, the step of requesting the public domain from the private domain is increased, and the situation that real data cannot be completely viewed in the public domain is better dealt with.
After obtaining the request, if the private domain server (X) agrees, actively sending information to the public domain server (Y); the judgment of the request is added to control that all requests sent by Y are not allowed, because the real data has X, the real data is returned to Y only after the X agrees, and thus, the condition that the public domain cannot see complete information at all is met under the condition of improving the security degree of sensitive data.
As shown in fig. 2, the database stores and returns the global identifier, and both step 4 and step 6 mention the transmission through the global identifier:
example 1: after the patient A finishes registration through the WeChat applet, a physical examination service is carried out in a hospital, after several days, a physical examination report is checked through the WeChat applet, at the moment, the patient ID card is input for searching under the condition of no login, a piece of data can be returned and whether a record exists or not is displayed, but a specific result cannot be displayed, because the global identification (a 4b3c2d 1) can be matched with the identification (a 4b 3) in the public domain server, the input of the patient ID card can be judged to be correct at the moment, and therefore the following steps are returned: report generated or report not generated, etc.
Example 2: the patient A searches for the generated physical examination report on the WeChat public number of the hospital, wants to view the specific report content, needs to log in at the moment, needs to input an account and a password (initiate a request to a private domain), and can view the complete content of the report after the account and the password are verified (the request is passed). Otherwise, the account number or the password is wrong, and the specific content cannot be viewed. As shown in fig. 3.
Those skilled in the art can understand that, in the above steps, the order of step 4 and step 5 can be interchanged, the original step 4 mainly relates to the case of publicly sending sensitive information, and step 6 explains the case in the public domain environment, and after the exchange, if the organization does not relate to the public domain, only steps 1-4 need to be executed, without considering the operations of steps 5-7;
as shown in fig. 4: under the condition that a hospital only has an intranet, a server can be preset in the intranet, the whole complete data desensitization and mapping process can be completed, and the process can be completed completely without intervention in a public domain environment. This pre-set server is used to act as a public domain server, performing the operation of the public domain server.
Note: if part of the services of the hospital are accessed to the public domain network environment (such as physical examination, registration and reservation), the preset public domain server is directly accessed to the public domain network, and the information input through the public domain network or the data needing to be returned can be realized through the steps 5, 6 and 7.
It can be understood by those skilled in the art that, if the process of generating the intra-domain identifier by the private domain server in step 3 in the above embodiment is omitted, the public domain server will directly obtain the unique identifier, and then publicly send the sensitive information is to send only the unique identifier, which cannot satisfy the situation that the public domain and the private domain view the sensitive information.
If the step 4 is omitted, when the sensitive information is sent, the data is kept in the public domain, and the identity leakage can be caused by the fact that the message can obtain the receiving and sending identifier of the message after being intercepted.
If the step 5 is omitted, the data is kept in the private domain, the sending of the sensitive information is only to transmit the identifier, the identity leakage cannot be caused even if the message is intercepted, the data is kept in the private domain server, only the private domain server can obtain the original data, the data safety transmission can be realized, but the public domain server cannot obtain the original real data, and more data exchange scenes cannot be better met.
If the step 6 and the step 7 are omitted, the public domain server cannot check the complete original data under any condition and cannot meet more actual scene requirements, if the public domain server needs complete patient information in use, the complete patient information can be obtained after confirmation by the private domain server, otherwise, the complete data information cannot be obtained.
A full data desensitization system of an embodiment of the invention includes:
the memory is used for storing the program codes corresponding to the processing procedures of the full-data desensitization method of the embodiment;
and the processor is used for executing the program codes corresponding to the processing procedures of the full data desensitization method of the embodiment.
The processor may be a DSP (Digital Signal Processing) Digital Signal processor, an FPGA (Field-Programmable Gate Array) Field Programmable Gate Array, an MCU (micro Controller Unit) system board, an SoC (system on a chip) system board, or a PLC (Programmable Logic Controller) minimum system including I/O.
The program is shown in fig. 5, which is a server desensitization program 12, and the system is mainly implemented by the following processing procedures:
1. the public domain server 11 initiates a request 101 to the server desensitization program 12 and generates a unique identifier 102;
2. the server desensitization program sends the generated unique identifier 102 to the private domain server 13;
3. the private domain server 13 generates an intra-domain identifier 103 for each piece of data, and stores the unique identifier and the intra-domain identifier in the database 14 after being combined;
4. the database 14 finally returns the combined global identifier 104 to the public domain server;
referring to fig. 6, a ciphertext 202 may be displayed and a plaintext 201 may be displayed in the case of a local area network and a private area server.
Referring to fig. 7, it is shown that in the case of the internet, the cloud, and the public domain server, the plaintext 301 cannot be displayed, but only the ciphertext 302 can be displayed, but at the same time, if the public domain server wants to display the complete plaintext information, an application can be sent to the private domain server, and if the private domain server agrees, the complete plaintext information can be displayed, referring to fig. 8.
A full data desensitization system of an embodiment of the present invention is shown in fig. 9. In fig. 9, the present embodiment includes:
a public domain desensitization module 1010 for desensitizing data and generating a unique identifier;
a data transmission module 1020, configured to send the generated unique identifier to a private domain server;
and the private domain desensitization module 1030 is configured to generate an intra-domain identifier for the sensitive data through the private domain server, combine the unique identifier and the intra-domain identifier into a global identifier, establish an association relationship with the sensitive data, and store the global identifier and the intra-domain identifier in a database of the private domain server.
An identity mapping module 1040; the method is used for mapping the sensitive data with the global identification when the sensitive data is sent in the public way. Only the global identification is sent, and the actual data is left in the database of the private domain server.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A method of full data desensitization, comprising:
desensitizing the data and generating a unique identifier;
sending the generated unique identifier to a private domain server;
and generating an intra-domain identifier for the sensitive data through a private domain server, combining the unique identifier and the intra-domain identifier into a global identifier, establishing an incidence relation with the sensitive data, and storing the global identifier and the sensitive data into a database of the private domain server.
2. The method of full data desensitization according to claim 1, further comprising: and when the public domain server accesses the database of the private domain server, mapping the sensitive data by using the global identification.
3. The method of full data desensitization according to claim 1, further comprising: and when the public domain server accesses the database of the private domain server through the global identifier, the private domain server confirms the sensitive data corresponding to the global identifier and then obtains the sensitive data corresponding to the global identifier.
4. The method of full data desensitization according to claim 1, further comprising: data desensitization is performed at the public domain server and a unique identifier is generated.
5. A method of full data desensitization according to claim 1, further comprising: and setting a preset public domain server in a private domain network where the private domain server is positioned, and performing data desensitization on the preset public domain server and generating a unique identifier.
6. The method of full data desensitization according to claim 1, further comprising: and when the private domain server accesses the database, acquiring sensitive data or mapping the sensitive data by using a global identifier.
7. The method of full data desensitization according to claim 1, further comprising: and when the private domain server accesses the database through the global identification, acquiring the sensitive data corresponding to the global identification.
8. A full data desensitization method according to any of claims 1 to 7, wherein said data desensitization is the replacement of sensitive data by means of data tokenization or AES with a unique identifier.
9. Full data desensitization method according to any of claims 1 to 7, characterized in that intra-domain identifiers are generated for sensitive data by means of AES and/or MD5 by means of a private domain server.
10. A full data desensitization system, comprising:
a public domain desensitization module for data desensitization and generating a unique identifier;
the data transmission module is used for sending the generated unique identifier to the private domain server;
and the private domain desensitization module is used for generating an intra-domain identifier for the sensitive data through the private domain server, combining the unique identifier and the intra-domain identifier into a global identifier, establishing an incidence relation with the sensitive data, and storing the global identifier and the intra-domain identifier into a database of the private domain server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211437671.5A CN115765974A (en) | 2022-11-17 | 2022-11-17 | Complete data desensitization method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211437671.5A CN115765974A (en) | 2022-11-17 | 2022-11-17 | Complete data desensitization method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115765974A true CN115765974A (en) | 2023-03-07 |
Family
ID=85372339
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211437671.5A Pending CN115765974A (en) | 2022-11-17 | 2022-11-17 | Complete data desensitization method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115765974A (en) |
-
2022
- 2022-11-17 CN CN202211437671.5A patent/CN115765974A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10554420B2 (en) | Wireless connections to a wireless access point | |
| CN111079128B (en) | Data processing method and device, electronic equipment and storage medium | |
| CN106104562B (en) | System and method for securely storing and recovering confidential data | |
| US11063941B2 (en) | Authentication system, authentication method, and program | |
| WO2015072203A1 (en) | Information delivery system | |
| US20030081774A1 (en) | Method and apparatus for dynamic generation of symmetric encryption keys and exchange of dynamic symmetric key infrastructure | |
| CN101815091A (en) | Cipher providing equipment, cipher authentication system and cipher authentication method | |
| CN106302312A (en) | Obtain the method and device of e-file | |
| JP5704044B2 (en) | Relay processing device, relay processing method and program | |
| KR20200107931A (en) | System and method for key generation and storage for multi-point authentication | |
| JP2008503966A (en) | Anonymous certificate for anonymous certificate presentation | |
| JP2008250931A (en) | System for restoring distributed information, information utilizing device, and verification device | |
| US20210144000A1 (en) | Generating keys using controlled corruption in computer networks | |
| US20150350375A1 (en) | Information Processing Method, Trusted Server, and Cloud Server | |
| CN114244508A (en) | Data encryption method, device, equipment and storage medium | |
| CN113726772A (en) | Method, device, equipment and storage medium for realizing on-line inquiry session | |
| CN201717885U (en) | Code providing equipment and code identification system | |
| JP4657706B2 (en) | Authority management system, authentication server, authority management method, and authority management program | |
| JP3690237B2 (en) | Authentication method, recording medium, authentication system, terminal device, and authentication recording medium creation device | |
| CN115765974A (en) | Complete data desensitization method and system | |
| JP4140617B2 (en) | Authentication system using authentication recording medium and method of creating authentication recording medium | |
| CN101453335B (en) | User information secured inputting method, and customer terminal | |
| CN112788046A (en) | Method and system for encrypting transmission information | |
| CN116132185A (en) | Data calling method, system, device, equipment and medium | |
| KR20230024279A (en) | How to generate a key using controlled compromise in a computer network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |