CN115828322A - Method and device for verifying integrity of data storage, electronic equipment and storage medium - Google Patents
Method and device for verifying integrity of data storage, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN115828322A CN115828322A CN202211492898.XA CN202211492898A CN115828322A CN 115828322 A CN115828322 A CN 115828322A CN 202211492898 A CN202211492898 A CN 202211492898A CN 115828322 A CN115828322 A CN 115828322A
- Authority
- CN
- China
- Prior art keywords
- target
- field
- check
- record
- target record
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000013500 data storage Methods 0.000 title claims abstract description 55
- 238000000034 method Methods 0.000 title claims abstract description 53
- 238000012795 verification Methods 0.000 claims description 55
- 238000003780 insertion Methods 0.000 claims description 40
- 230000037431 insertion Effects 0.000 claims description 40
- 238000012545 processing Methods 0.000 claims description 20
- 238000004422 calculation algorithm Methods 0.000 claims description 19
- 238000004590 computer program Methods 0.000 claims description 5
- 238000010586 diagram Methods 0.000 description 15
- 238000004364 calculation method Methods 0.000 description 14
- 230000008569 process Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000013461 design Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000005856 abnormality Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 1
- 238000002372 labelling Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The application provides a method and a device for verifying data storage integrity, an electronic device and a storage medium, wherein the verifying method comprises the following steps: responding to the updating operation of the target data table, and acquiring a check mark of the target data table; when the check mark of the target data table indicates that the target data table needs to be subjected to integrity check, acquiring a target record corresponding to the update operation in the target data table and a storage check value corresponding to the target record; obtaining a target check value corresponding to the target record based on the field included by the target record; and comparing the target check value corresponding to the target record with the stored check value corresponding to the target record, and if the target check value corresponding to the target record is inconsistent with the stored check value corresponding to the target record, generating alarm information that the target record is damaged. By adopting the technical scheme provided by the application, the integrity of data storage in the target record can be verified, and the safety of data storage is improved.
Description
Technical Field
The present application relates to the field of network security technologies, and in particular, to a method and an apparatus for verifying integrity of data storage, an electronic device, and a storage medium.
Background
When the core system stores data, the data encryption storage is required aiming at key personal information such as passwords and the like, the data encryption can ensure that the data is obtained by an eavesdropper, and the eavesdropper can be prevented from knowing the content of the data, so that the data can be safely transmitted.
At present, the secure transmission of data also involves the need to determine that the received data is not tampered by an eavesdropper, that is, the integrity of the data is to be ensured, and in the storage process of the data, only the data is encrypted and stored, and the integrity of the data is not verified, so that the stored data may be tampered data, thereby causing a potential safety hazard. Therefore, how to check the integrity of data storage, thereby improving data security, becomes a problem to be solved urgently.
Disclosure of Invention
In view of this, an object of the present application is to provide a method and an apparatus for verifying integrity of data storage, an electronic device, and a storage medium, which can obtain a target verification value through a field included in a target record, compare the target verification value with a storage verification value corresponding to the target record, and determine whether the target record is damaged, thereby verifying integrity of data storage in the target record and improving security of data storage.
The application mainly comprises the following aspects:
in a first aspect, an embodiment of the present application provides a method for verifying integrity of data storage, where the method for verifying integrity of data storage includes:
responding to the updating operation of a target data table, and acquiring a check mark of the target data table; the target data table comprises a plurality of records, each record comprises a plurality of fields, and each field is provided with corresponding storage data;
when the verification mark of the target data table indicates that the target data table needs to be subjected to integrity verification, acquiring a target record corresponding to the updating operation in the target data table and a storage verification value corresponding to the target record;
obtaining a target check value corresponding to the target record based on the field included in the target record;
and comparing a target check value corresponding to the target record with a stored check value corresponding to the target record, and if the target check value corresponding to the target record is inconsistent with the stored check value corresponding to the target record, generating alarm information that the target record is damaged.
Further, the step of obtaining the target check value corresponding to the target record based on the field included in the target record includes:
acquiring a check identifier of each field based on the fields included in the target record;
determining that the check identifier indicates a target field needing integrity check in the fields included in the target record based on the check identifier of each field;
and acquiring the serial number of each target field, sequentially splicing the stored data corresponding to each target field according to the serial number of the corresponding target field, and then performing MAC algorithm processing to obtain a target check value corresponding to the target record.
Further, it is determined that the check mark indicates a target field that needs to be integrity checked, from the fields included in the target record, through the following steps:
aiming at each field in the target data table, acquiring a check identifier and a protection level corresponding to the field in a predetermined data dictionary; the data dictionary is a set of check identifications and protection levels included by each field in all the fields;
determining whether the protection level corresponding to the field belongs to a preset protection level set or not;
if yes, determining the check identifier corresponding to the field in the data dictionary as the check identifier of the field in the target data table, and determining that the check identifier indicates the target field needing integrity check in the fields included in the target record based on the determined check identifier of each field in the target data table.
Further, before the obtaining of the check identifier and the protection level corresponding to the field, the check method further includes:
aiming at each field in the data dictionary, acquiring a check identifier and a protection level preset for the field in a predetermined reference dictionary; the reference dictionary is a set of preset check identification and protection level of each field;
and determining the check identifier corresponding to the field in the reference dictionary as the check identifier corresponding to the field in the data dictionary, and determining the protection level corresponding to the field in the reference dictionary as the protection level corresponding to the field in the data dictionary.
Further, the verification method further includes:
if the target check value corresponding to the target record is consistent with the stored check value corresponding to the target record, acquiring the update fields of the target record corresponding to the update operation and the target data of each update field from a plurality of fields included in the target record;
for each update field, updating the storage data of the field corresponding to the update field in the target record to the target data of the update field to obtain the updated storage data of the field;
determining the target record in which the storage data of each updated field after the corresponding field in the target record is updated is located as the updated target record;
determining that the check identifier indicates a field needing integrity check in all fields included in the updated target record based on the check identifier of each field in the target record;
sequentially splicing the stored data of the fields needing integrity check in the updated target record according to the serial numbers of the corresponding fields, and then performing MAC algorithm processing to obtain an updated check value corresponding to the target record;
and updating the storage check value corresponding to the target record to an updated check value corresponding to the target record to obtain an updated storage check value corresponding to the target record.
Further, the verification method further includes:
responding to an insertion operation of a target data table, and acquiring insertion data of at least one field in the target data table corresponding to the insertion operation when a check mark of the target data table indicates that the target data table needs to be subjected to integrity check;
adding insertion data of at least one field in the target data table corresponding to the insertion operation to a field corresponding to the target data table to serve as storage data of the corresponding field, and determining a combination of the storage data added to each field as an insertion record of the target data table;
determining that the check identifier indicates a field needing integrity check in all fields included in the insert record based on the check identifier of each field in the insert record;
and sequentially splicing the stored data of the fields needing integrity check according to the sequence numbers of the corresponding fields, then carrying out MAC algorithm processing to obtain the stored check value corresponding to the insertion record, and adding the stored check value into the insertion record for storage.
In a second aspect, an embodiment of the present application further provides a device for verifying integrity of data storage, where the device includes:
the first acquisition module is used for responding to the updating operation of a target data table and acquiring the check mark of the target data table; the target data table comprises a plurality of records, each record comprises a plurality of fields, and each field is provided with corresponding storage data;
a second obtaining module, configured to obtain a target record corresponding to the update operation in the target data table and a stored check value corresponding to the target record when the check flag of the target data table indicates that integrity check needs to be performed on the target data table;
a third obtaining module, configured to obtain a target check value corresponding to the target record based on a field included in the target record;
and the processing module is used for comparing a target check value corresponding to the target record with a storage check value corresponding to the target record, and if the target check value corresponding to the target record is inconsistent with the storage check value corresponding to the target record, generating alarm information that the target record is damaged.
Further, when the third obtaining module is configured to obtain the target check value corresponding to the target record based on the field included in the target record, the third obtaining module is specifically configured to:
acquiring a check identifier of each field based on the fields included in the target record;
determining that the check identifier indicates a target field needing integrity check in the fields included in the target record based on the check identifier of each field;
and acquiring the serial number of each target field, sequentially splicing the stored data corresponding to each target field according to the serial number of the corresponding target field, and then performing MAC algorithm processing to obtain a target check value corresponding to the target record.
In a third aspect, an embodiment of the present application further provides an electronic device, including: a processor, a memory and a bus, the memory storing machine-readable instructions executable by the processor, the processor and the memory communicating via the bus when the electronic device is operating, the machine-readable instructions when executed by the processor performing the steps of the method of verifying data storage integrity as described above.
In a fourth aspect, the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the steps of the method for verifying integrity of data storage are performed as described above.
The embodiment of the application provides a method and a device for verifying data storage integrity, an electronic device and a storage medium, wherein the verification method comprises the following steps: responding to the updating operation of a target data table, and acquiring a check mark of the target data table; the target data table comprises a plurality of records, each record comprises a plurality of fields, and each field is provided with corresponding storage data; when the check mark of the target data table indicates that the target data table needs to be subjected to integrity check, acquiring a target record corresponding to the updating operation in the target data table and a storage check value corresponding to the target record; obtaining a target check value corresponding to the target record based on the field included in the target record; and comparing a target check value corresponding to the target record with a stored check value corresponding to the target record, and if the target check value corresponding to the target record is inconsistent with the stored check value corresponding to the target record, generating alarm information that the target record is damaged.
Therefore, by adopting the technical scheme provided by the application, the target check value can be obtained through the field included by the target record, the target check value is compared with the storage check value corresponding to the target record, and whether the target record is damaged or not is determined, so that the integrity of data storage in the target record is verified, and the safety of data storage is improved.
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained from the drawings without inventive effort.
Fig. 1 is a flowchart illustrating a method for verifying integrity of a data storage according to an embodiment of the present application;
FIG. 2 is a flow chart illustrating another method for verifying integrity of data storage according to an embodiment of the present disclosure;
FIG. 3 is a diagram illustrating a relationship between a data dictionary and a reference dictionary provided in an embodiment of the present application;
FIG. 4 is a diagram illustrating a relationship between a data table and a data dictionary according to an embodiment of the present application;
FIG. 5 is a schematic diagram illustrating checking integrity of data storage corresponding to an update operation according to an embodiment of the present disclosure;
FIG. 6 is a schematic diagram illustrating checking integrity of data storage corresponding to an insert operation according to an embodiment of the present disclosure;
fig. 7 shows one of the structural diagrams of a data storage integrity verification apparatus according to an embodiment of the present application;
fig. 8 shows a second block diagram of a data storage integrity checking apparatus according to an embodiment of the present application;
fig. 9 shows a schematic structural diagram of an electronic device provided in an embodiment of the present application.
Detailed Description
In order to make the purpose, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it should be understood that the drawings in the present application are for illustrative and descriptive purposes only and are not intended to limit the scope of the present application. Additionally, it should be understood that the schematic drawings are not necessarily drawn to scale. The flowcharts used in this application illustrate operations implemented according to some embodiments of the present application. It should be understood that the operations of the flow diagrams may be performed out of order, and that steps without logical context may be performed in reverse order or concurrently. One skilled in the art, under the guidance of this application, may add one or more other operations to, or remove one or more operations from, the flowchart.
In addition, the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. The components of the embodiments of the present application, as generally described and illustrated in the figures herein, could be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present application, presented in the accompanying drawings, is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present application without making any creative effort, shall fall within the protection scope of the present application.
To enable those skilled in the art to utilize the present disclosure, the following embodiments are presented in conjunction with a specific application scenario "check of data storage integrity", and it will be apparent to those skilled in the art that the general principles defined herein may be applied to other embodiments and application scenarios without departing from the spirit and scope of the present disclosure.
The method, the apparatus, the electronic device, or the computer-readable storage medium described in the embodiments of the present application may be applied to any scenario in which data storage integrity needs to be checked, and the embodiments of the present application do not limit specific application scenarios.
It is worth noting that when the core system stores data, data encryption storage is needed for key personal information such as passwords, and the data encryption can ensure that data is obtained by an eavesdropper, and can also prevent the eavesdropper from knowing the content of the data, so that the data can be safely transmitted.
At present, the secure transmission of data also involves the need to determine that the received data is not tampered by an eavesdropper, that is, the integrity of the data is to be ensured, and in the storage process of the data, only the data is encrypted and stored, and the integrity of the data is not verified, so that the stored data may be tampered data, thereby causing a potential safety hazard. Therefore, how to check the integrity of data storage, thereby improving data security, becomes a problem to be solved urgently.
Based on this, the present application provides a method and an apparatus for verifying integrity of data storage, an electronic device, and a storage medium, where the method for verifying integrity of data storage includes: responding to the updating operation of a target data table, and acquiring a check mark of the target data table; the target data table comprises a plurality of records, each record comprises a plurality of fields, and each field is provided with corresponding storage data; when the check mark of the target data table indicates that the target data table needs to be subjected to integrity check, acquiring a target record corresponding to the updating operation in the target data table and a storage check value corresponding to the target record; obtaining a target check value corresponding to the target record based on the field included in the target record; and comparing the target check value corresponding to the target record with the storage check value corresponding to the target record, and if the target check value corresponding to the target record is inconsistent with the storage check value corresponding to the target record, generating alarm information that the target record is damaged.
Therefore, by adopting the technical scheme provided by the application, the target check value can be obtained through the field included by the target record, the target check value is compared with the storage check value corresponding to the target record, and whether the target record is damaged or not is determined, so that the integrity of data storage in the target record is verified, and the safety of data storage is improved.
For the purpose of facilitating an understanding of the present application, the technical solutions provided in the present application will be described in detail below with reference to specific embodiments.
Referring to fig. 1, fig. 1 is a flowchart of a method for verifying integrity of data storage according to an embodiment of the present application, as shown in fig. 1, the method includes:
s101, responding to the updating operation of a target data table, and acquiring a check mark of the target data table;
in this step, when data is added, deleted, changed, checked, and the like from a data table of a database, it is necessary to ensure that the operated data is complete, that is, the data is not destroyed, and if the data is destroyed, it indicates that a security platform where the data is located has a bug, which causes a lawbreaker to acquire data or modify data using the bug, resulting in information leakage and potential safety hazard; particularly, the security platform is applied to a bank core system, when the bank core system stores data, after the data is encrypted and stored aiming at key personal information such as passwords and the like, the data needs to be verified for storage integrity before the data is operated; for example, when a user wants to modify a password, after uploading a new password, a background receives the new password, before the stored original password is updated by the new password, storage integrity verification needs to be performed on a record (for example, the record includes information such as the name, certificate number, password and contact information of the user) where the original password is located, if the verification is not qualified, the user is prompted that the password cannot be modified temporarily, and alarm information that the record is damaged is generated to allow operation and maintenance personnel to search for a vulnerability of a security platform where the record is located, so that security of information such as personal certificates, passwords and contact information is ensured.
Here, the target data table includes a plurality of records, each record includes a plurality of fields, and each field has corresponding storage data; for example, the target data table may be a user table, each record in the plurality of records may be an information record of each user, the fields may be a user name, a password, a certificate number, a gender, and the like, and the stored data corresponding to the "gender" field may be "female" or "male", for example.
Here, in response to the update operation of the target data tables, acquiring the check marks of the target data tables, wherein each target data table has a corresponding check mark; for example, a check mark of "1" represents that the target data table needs to be integrity checked, and a check mark of "0" represents that the target data table does not need to be integrity checked.
S102, when the check mark of the target data table indicates that the target data table needs to be subjected to integrity check, acquiring a target record corresponding to the updating operation in the target data table and a storage check value corresponding to the target record;
in this step, when the target data table needs to be subjected to integrity verification, a target record corresponding to an update operation in the target data table and a storage verification value corresponding to the target record are obtained, the update operation may be an operation of updating one or more target records in all records included in the target data table, a storage verification value corresponding to each target record is obtained, and the storage verification value corresponding to each target record is pre-stored in a field corresponding to the target data table; here, the storage check value corresponding to each target record may be a MAC value calculated by a MAC algorithm based on storage data corresponding to a field that needs to be subjected to integrity check in the entry tag record during the last update operation or the last storage.
S103, obtaining a target check value corresponding to the target record based on the field included by the target record;
in the step, in all fields included in a target data table which needs to be subjected to integrity verification, not every field needs to be subjected to integrity verification, so that the fields which need to be subjected to integrity verification are determined based on the fields included in the target record, and a target verification value corresponding to the target record is obtained based on the stored data corresponding to the fields which need to be subjected to integrity verification; the target check value is a new MAC value calculated by the MAC algorithm on the stored data corresponding to the field to be integrity checked.
Please refer to fig. 2, fig. 2 is a flowchart of another data storage integrity verification method provided in an embodiment of the present application, and as shown in fig. 2, the step of obtaining the target verification value corresponding to the target record based on the field included in the target record includes:
s201, acquiring a check mark of each field based on the fields included in the target record;
s202, determining that the check identifier indicates a target field needing integrity check in the fields included in the target record based on the check identifier of each field;
in this step, each field has a corresponding check identifier, for example, when the check identifier of a certain field is "1", it represents that the field needs to be subjected to integrity check, and when the check identifier of a certain field is "0", it represents that the field does not need to be subjected to integrity check.
It should be noted that, it is determined that the check identifier is indicated in the target field that needs to be integrity checked, from the fields included in the target record, through the following steps:
s2021, aiming at each field in the target data table, obtaining a check identifier and a protection level corresponding to the field in a predetermined data dictionary;
in this step, please refer to fig. 4, and fig. 4 is a schematic diagram illustrating a relationship between a data table and a data dictionary provided in an embodiment of the present application, as shown in fig. 4, the data dictionary is a set of a check identifier and a protection level included in each field of all fields, the protection level (object level) and the check identifier of each field in the data dictionary are both inherited from a reference dictionary, and the check identifier of an attribute (field) in the data table is inherited from the check identifier in the data dictionary. The fields in the target data table are selected from the data dictionary for use, not all data dictionaries related to basic protected objects need to be subjected to storage integrity check, and one target data table relates to a plurality of basic protected objects (fields), so whether check is carried out on the fields in the target data table and the sequence of each field in the data dictionary need to be set. And finally generating a table entity code according to the composition rule of the target data table, and executing the table entity code in a running state. Annotating and marking the attribute (field) in the table entity to indicate whether the sequence number of the field in the target data table and the inherited check identifier are indicated to participate in checking and the like; whether storage integrity calculation and verification are needed to be completed is marked according to the same mark of the target data table, whether verification is generated on the target data table is marked through an annotation mark of the entity class name, and if the integrity verification is needed, a field (such as a MAC field) for storing a verification value is automatically added, so that the calculated verification value (such as the MAC value) is stored under the field.
It should be noted that, before obtaining the check identifier and the protection level corresponding to the field, the checking method further includes:
1) Acquiring a check identifier and a protection level preset by each field in the data dictionary from a predetermined reference dictionary;
in this step, a dictionary is referred to for a set of check marks and protection levels set in advance for each field.
2) And determining the check identifier corresponding to the field in the reference dictionary as the check identifier corresponding to the field in the data dictionary, and determining the protection level corresponding to the field in the reference dictionary as the protection level corresponding to the field in the data dictionary.
In this step, please refer to fig. 3, where fig. 3 is a schematic diagram illustrating a relationship between a data dictionary and a reference dictionary provided in an embodiment of the present application, and as shown in fig. 3, the reference dictionary is a specification preset for all fields, the data dictionary is a specific field created based on the specification, and a protection level and a verification identifier of each field in the data dictionary are inherited from the reference dictionary; for example, the reference dictionary may be a specification of the object "person" and includes preset fields of "name", "age", "gender" and the like, the data dictionary may be an object "student" or "teacher", and when the fields of "name", "age", "gender" and the like need to be created, the object "student" or "teacher" may directly inherit the object "person" in the reference dictionary, so that the "student" or "teacher" inherits the fields of "name", "age", "gender" and the like, and the generated code of the fields of "name", "age", "gender" and the like does not need to be written again, thereby saving the time of the developer writing the code.
Here, to ensure that the fields belonging to the basic protected object can participate when the storage integrity needs to be calculated, it is necessary to mark the fields, that is, set the level of the basic object (field) and check the integrity, on the abstraction layer of the data dictionary, that is, on the reference dictionary, and the marked dimension includes whether the fields belong to several levels of basic protected objects (that is, the protection levels corresponding to the respective fields) and participate in the storage integrity check. When the data dictionary selects to use the reference dictionary, the marked protection level (object level) and the check identification are automatically inherited, so that the tagged design of the basic protected object is realized. Illustratively, fields of the basic protected object are a certificate number and a password, and a protection level and a check identifier of the certificate number and the password are obtained, for example, the protection level of the certificate number and the password is three levels (belonging to a preset protection level set) and the check identifier of the certificate number and the password is 1 (assuming that "1" indicates that integrity check needs to be performed), so that the integrity check of the certificate number and the password calculation and storage is required before the operation of the certificate number and the password; therefore, the basic protected object is subjected to labeling design to ensure that the fields belonging to the basic protected object can participate when the integrity of the computing storage is required. Here, the protection level may be a first level, a second level, a third level, a fourth level, and the like, for example, if the service requires integrity check only on partial fields (for example, fields such as personal certificates, passwords, and the like) with the protection levels of the third level and the fourth level, the field with the protection level of the third level or the fourth level and corresponding check identifier indicating that integrity check needs to be performed is obtained, so as to ensure integrity of data and improve security of data storage.
S2022, determining whether the protection level corresponding to the field belongs to a preset protection level set;
for example, the preset protection level set is a set of three levels and four levels, and it is determined whether the protection level corresponding to the field belongs to the three levels or the four levels. The preset protection level here is preset based on the traffic demand.
And S2023, if yes, determining the check identifier corresponding to the field in the data dictionary as the check identifier of the field in the target data table, and determining that the check identifier indicates the target field needing integrity check in the fields included in the target record based on the determined check identifier of each field in the target data table.
In this step, if the protection level corresponding to the field belongs to a preset protection level set, the sequence number and the check identifier of the field in the target data table are obtained based on the annotation tag of the field, where the annotation tag is a tag for obtaining the check identifier corresponding to the field from the data dictionary. And determining the field needing the integrity check and indicating the check identification in all the fields included in the target record as a target field, and calculating a target check value based on the target field.
S203, acquiring the sequence number of each target field, sequentially splicing the stored data corresponding to each target field according to the sequence number of the corresponding target field, and then performing MAC algorithm processing to obtain a target check value corresponding to the target record.
In the step, for each target record, the sequence number of each target field included in the entry mark record in the target data table is obtained, the stored data corresponding to each target field are sequentially spliced according to the sequence number of the corresponding target field to form a message, and the message is sent to the security platform for MAC algorithm processing, so as to obtain the target check value of the entry mark record fed back by the security platform.
S104, comparing the target check value corresponding to the target record with the storage check value corresponding to the target record, and if the target check value corresponding to the target record is inconsistent with the storage check value corresponding to the target record, generating alarm information that the target record is damaged.
In this step, the target check value recalculated for the target record is compared with the previously stored check value, and if the target check value is not consistent with the previously stored check value, it is indicated that the previously stored data is possibly tampered and damaged, so that alarm information that the target record is damaged is generated. The problem of integrity check of storage of a basic protected object (a field needing integrity check) is solved, the basic protected object is subjected to tagging design, and when a table or the basic protected object is newly added, the table or the basic protected object can be automatically identified, so that application developers are not sensitive, and the safety of data storage is improved.
It should be noted that the verification method further includes:
1. if the target check value corresponding to the target record is consistent with the stored check value corresponding to the target record, acquiring the update fields of the target record corresponding to the update operation and the target data of each update field from a plurality of fields included in the target record;
2. for each update field, updating the storage data of the field corresponding to the update field in the target record to the target data of the update field to obtain the updated storage data of the field;
3. determining the target record in which the stored data of the corresponding field in the target record of each updated field is updated as the updated target record;
4. determining that the check identifier indicates a field which needs to be subjected to integrity check in all fields included in the updated target record based on the check identifier of each field in the target record;
5. sequentially splicing the stored data of the fields needing integrity check in the updated target record according to the sequence numbers of the corresponding fields, and then carrying out MAC algorithm processing to obtain an updated check value corresponding to the target record;
6. and updating the storage check value corresponding to the target record to an updated check value corresponding to the target record to obtain an updated storage check value corresponding to the target record.
In this step, if the target check value recalculated for the target record is compared with the previously stored check value, and if the target check value recalculated for the target record is consistent with the previously stored check value, it indicates that the previously stored data is not damaged, an update operation may be performed to update the update field of the target record corresponding to the update operation and the target data of each update field at the corresponding position of the target data table, so as to obtain an updated target record, and the check value corresponding to the updated target record is recalculated to update the stored check value corresponding to the target record.
For example, please refer to fig. 5, fig. 5 is a schematic diagram illustrating checking integrity of data storage corresponding to an update operation provided in the embodiment of the present application, as shown in fig. 5, when the update operation is performed on a data table, a tangent plane technology is used to check whether the data table needs to store the integrity calculation, if necessary, a field needing to be subjected to the integrity calculation is obtained from all fields included in an entity class according to annotation information of the entity class in the data table, where the entity class is a table entity generated based on a composition rule of the data table, and includes an attribute (a sequence number and a corresponding check identifier) of each field in all fields in the data table, a target record corresponding to the update operation in the target data table and an MAC value (storage check value) corresponding to the target record are obtained, stored data before the field needing to be subjected to the integrity calculation in the target record is combined into a new calculation packet according to a sequence of the sequence number, and sent to a security platform for performing the MAC algorithm calculation, and a result after the calculation is compared with the MAC value currently existing in the target record of the data table, if the target record is not consistent, it is described that the integrity is damaged, and an error is reported; if the calculated result is consistent with the MAC value currently existing in the target record of the data table, combining the updated data of the field needing integrity check into a new calculation message according to the sequence number sequence, sending the new calculation message to a security platform for MAC algorithm calculation, and updating the calculated MAC value into the target record of the data table;
further, the verification method further comprises:
1. responding to an insertion operation of a target data table, and acquiring insertion data of at least one field in the target data table corresponding to the insertion operation when a check mark of the target data table indicates that the target data table needs to be subjected to integrity check;
2. adding insertion data of at least one field in the target data table corresponding to the insertion operation to the field corresponding to the target data table to serve as storage data of the corresponding field, and determining the combination of the storage data added to each field as an insertion record of the target data table;
3. determining that the check identifier indicates a field needing integrity check in all fields included in the insert record based on the check identifier of each field in the insert record;
4. and sequentially splicing the stored data of the fields needing integrity check according to the sequence numbers of the corresponding fields, then carrying out MAC algorithm processing to obtain the stored check value corresponding to the insertion record, and adding the stored check value into the insertion record for storage.
For example, please refer to fig. 6, fig. 6 is a schematic diagram illustrating checking integrity of data storage corresponding to an insertion operation provided in an embodiment of the present application, and as shown in fig. 6, when the insertion operation is performed on a data table, a section technology is used to check whether the data table needs to store the integrity calculation, and if necessary, according to annotation information of an entity class in the data table, a field that needs to be subjected to the integrity check is obtained from all fields included in an entity class, where the entity class is a table entity generated based on a composition rule of the data table, and includes an attribute (a serial number in the data table and a corresponding check identifier) of each field in all fields in the data table, an insertion record corresponding to the insertion operation in a target data table and an MAC value (a storage check value) corresponding to the insertion record are obtained, and the MAC value corresponding to the insertion record may be null, the data to be inserted into the insertion record of the data table that needs to be subjected to the integrity check is combined into a new calculation packet according to the serial number in sequence, and sent to a concurrence the MAC algorithm calculation, and the calculated MAC value is inserted into the insertion record of the data table and is used as the storage check value.
Further, the verification method further comprises:
1. and upgrading the safety platform where the target record is located based on the alarm information that the target record is damaged so as to prevent the target record from being damaged again.
In the step, if the target record is damaged, it is indicated that a security platform where the target record is located has a leak, and a lawbreaker acquires data in the target record by using the leak, so that the data in the target record is modified, and information leakage and potential safety hazards are caused; operation and maintenance personnel can search for leaks or abnormalities existing in the safety platform based on alarm information that the target records are damaged, upgrade and repair the safety platform based on the searched leaks or abnormalities, solve the potential safety hazard problem caused by the leaks, and improve the safety of data storage.
The embodiment of the application provides a method for verifying the integrity of data storage, which comprises the following steps: responding to the updating operation of a target data table, and acquiring a check mark of the target data table; the target data table comprises a plurality of records, each record comprises a plurality of fields, and each field is provided with corresponding storage data; when the check mark of the target data table indicates that the target data table needs to be subjected to integrity check, acquiring a target record corresponding to the updating operation in the target data table and a storage check value corresponding to the target record; obtaining a target check value corresponding to the target record based on the field included in the target record; and comparing the target check value corresponding to the target record with the storage check value corresponding to the target record, and if the target check value corresponding to the target record is inconsistent with the storage check value corresponding to the target record, generating alarm information that the target record is damaged.
Therefore, by adopting the technical scheme provided by the application, the target check value can be obtained through the field included by the target record, the target check value is compared with the storage check value corresponding to the target record, and whether the target record is damaged or not is determined, so that the integrity of data storage in the target record is verified, and the safety of data storage is improved.
Based on the same application concept, the embodiment of the present application further provides a data storage integrity verification apparatus corresponding to the data storage integrity verification method provided in the foregoing embodiment, and as the principle of the apparatus in the embodiment of the present application for solving the problem is similar to that of the data storage integrity verification method provided in the foregoing embodiment of the present application, the implementation of the apparatus may refer to the implementation of the method, and repeated details are not described again.
Referring to fig. 7 and 8, fig. 7 is a first structural diagram of a data storage integrity verification apparatus according to an embodiment of the present disclosure, and fig. 8 is a second structural diagram of a data storage integrity verification apparatus according to an embodiment of the present disclosure. As shown in fig. 7, the verifying unit 710 includes:
a first obtaining module 711, configured to obtain a check mark of a target data table in response to an update operation of the target data table; the target data table comprises a plurality of records, each record comprises a plurality of fields, and each field is provided with corresponding storage data;
a second obtaining module 712, configured to obtain a target record corresponding to the update operation in the target data table and a stored check value corresponding to the target record when the check flag of the target data table indicates that integrity check needs to be performed on the target data table;
a third obtaining module 713, configured to obtain a target check value corresponding to the target record based on a field included in the target record;
a processing module 714, configured to compare a target verification value corresponding to the target record with a stored verification value corresponding to the target record, and if the target verification value corresponding to the target record is inconsistent with the stored verification value corresponding to the target record, generate alarm information that the target record is damaged.
Optionally, when the third obtaining module 713 is configured to obtain the target check value corresponding to the target record based on the field included in the target record, the third obtaining module 713 is specifically configured to:
acquiring a check identifier of each field based on the fields included in the target record;
determining that the check identifier indicates a target field needing integrity check in the fields included in the target record based on the check identifier of each field;
and acquiring the serial number of each target field, sequentially splicing the stored data corresponding to each target field according to the serial number of the corresponding target field, and then performing MAC algorithm processing to obtain a target check value corresponding to the target record.
Optionally, when the third obtaining module 713 is configured to determine, in the fields included in the target record, that the check identifier indicates a target field that needs to be subjected to integrity check, the third obtaining module 713 is specifically configured to:
aiming at each field in the target data table, acquiring a check identifier and a protection level corresponding to the field in a predetermined data dictionary; the data dictionary is a set of check identifications and protection levels included by each field in all the fields;
determining whether the protection level corresponding to the field belongs to a preset protection level set or not;
if yes, determining the check identifier corresponding to the field in the data dictionary as the check identifier of the field in the target data table, and determining that the check identifier indicates the target field needing integrity check in the fields included in the target record based on the determined check identifier of each field in the target data table.
Optionally, the third obtaining module 713 is further configured to:
aiming at each field in the data dictionary, acquiring a check identifier and a protection level preset by the field in a predetermined reference dictionary; the reference dictionary is a set of preset check identification and protection level of each field;
and determining the check identifier corresponding to the field in the reference dictionary as the check identifier corresponding to the field in the data dictionary, and determining the protection level corresponding to the field in the reference dictionary as the protection level corresponding to the field in the data dictionary.
Optionally, the processing module 714 is further configured to:
if the target check value corresponding to the target record is consistent with the stored check value corresponding to the target record, acquiring the update fields of the target record corresponding to the update operation and the target data of each update field from a plurality of fields included in the target record;
for each update field, updating the storage data of the field corresponding to the update field in the target record to the target data of the update field to obtain the updated storage data of the field;
determining the target record in which the storage data of each updated field after the corresponding field in the target record is updated is located as the updated target record;
determining that the check identifier indicates a field needing integrity check in all fields included in the updated target record based on the check identifier of each field in the target record;
sequentially splicing the stored data of the fields needing integrity check in the updated target record according to the serial numbers of the corresponding fields, and then performing MAC algorithm processing to obtain an updated check value corresponding to the target record;
and updating the storage check value corresponding to the target record to an updated check value corresponding to the target record to obtain an updated storage check value corresponding to the target record.
Optionally, as shown in fig. 8, the verification apparatus 710 further includes an insertion module 715, where the insertion module 715 is configured to:
responding to an insertion operation of a target data table, and acquiring insertion data of at least one field in the target data table corresponding to the insertion operation when a check mark of the target data table indicates that the target data table needs to be subjected to integrity check;
adding insertion data of at least one field in the target data table corresponding to the insertion operation to the field corresponding to the target data table to serve as storage data of the corresponding field, and determining the combination of the storage data added to each field as an insertion record of the target data table;
determining that the check identifier indicates a field needing integrity check in all fields included in the insert record based on the check identifier of each field in the insert record;
and sequentially splicing the stored data of the fields needing integrity check according to the sequence numbers of the corresponding fields, then carrying out MAC algorithm processing to obtain the stored check value corresponding to the insertion record, and adding the stored check value into the insertion record for storage.
The verifying device of data storage integrality that this application embodiment provided, verifying device includes: the first acquisition module is used for responding to the updating operation of a target data table and acquiring the check mark of the target data table; the target data table comprises a plurality of records, each record comprises a plurality of fields, and each field is provided with corresponding storage data; a second obtaining module, configured to obtain a target record corresponding to the update operation in the target data table and a stored check value corresponding to the target record when the check flag of the target data table indicates that integrity check needs to be performed on the target data table; a third obtaining module, configured to obtain a target check value corresponding to the target record based on a field included in the target record; and the processing module is used for comparing a target check value corresponding to the target record with a storage check value corresponding to the target record, and if the target check value corresponding to the target record is inconsistent with the storage check value corresponding to the target record, generating alarm information that the target record is damaged.
Therefore, by adopting the technical scheme provided by the application, the target check value can be obtained through the field included by the target record, the target check value is compared with the storage check value corresponding to the target record, and whether the target record is damaged or not is determined, so that the integrity of data storage in the target record is verified, and the safety of data storage is improved.
Referring to fig. 9, fig. 9 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure. As shown in fig. 9, the electronic device 900 includes a processor 910, a memory 920, and a bus 930.
The memory 920 stores machine-readable instructions executable by the processor 910, when the electronic device 900 runs, the processor 910 communicates with the memory 920 through the bus 930, and when the machine-readable instructions are executed by the processor 910, the steps of the method for checking integrity of data storage in the method embodiments shown in fig. 1 and fig. 2 may be executed.
An embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the step of the method for checking integrity of data storage in the method embodiments shown in fig. 1 and fig. 2 may be executed.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions when actually implemented, and for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of devices or units through some communication interfaces, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a non-volatile computer-readable storage medium executable by a processor. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
Finally, it should be noted that: the above-mentioned embodiments are only specific embodiments of the present application, and are used for illustrating the technical solutions of the present application, but not limiting the same, and the scope of the present application is not limited thereto, and although the present application is described in detail with reference to the foregoing embodiments, those skilled in the art should understand that: any person skilled in the art can modify or easily conceive the technical solutions described in the foregoing embodiments or equivalent substitutes for some technical features within the technical scope disclosed in the present application; such modifications, changes or substitutions do not depart from the spirit and scope of the exemplary embodiments of the present application, and are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. A method for verifying data storage integrity, the method comprising:
responding to the updating operation of a target data table, and acquiring a check mark of the target data table; wherein the target data table comprises a plurality of records;
when the check mark of the target data table indicates that the target data table needs to be subjected to integrity check, acquiring a target record corresponding to the updating operation in the target data table and a storage check value corresponding to the target record;
obtaining a target check value corresponding to the target record based on the field included in the target record;
and comparing the target check value corresponding to the target record with the storage check value corresponding to the target record, and if the target check value corresponding to the target record is inconsistent with the storage check value corresponding to the target record, generating alarm information that the target record is damaged.
2. The verification method according to claim 1, wherein the step of obtaining the target verification value corresponding to the target record based on the field included in the target record includes:
acquiring a check identifier of each field based on the fields included in the target record;
determining that the check identifier indicates a target field needing integrity check in the fields included in the target record based on the check identifier of each field;
and acquiring the serial number of each target field, sequentially splicing the stored data corresponding to each target field according to the serial number of the corresponding target field, and then performing MAC algorithm processing to obtain a target check value corresponding to the target record.
3. The verification method according to claim 2, wherein the target fields that need to be integrity-verified are determined to be indicated by the verification identifier among the fields included in the target record by:
aiming at each field in the target data table, acquiring a check identifier and a protection level corresponding to the field in a predetermined data dictionary; the data dictionary is a set of check identifications and protection levels corresponding to each field in all the fields;
determining whether the protection level corresponding to the field belongs to a preset protection level set or not;
if yes, determining the check identifier corresponding to the field in the data dictionary as the check identifier of the field in the target data table, and determining that the check identifier indicates the target field needing integrity check in the fields included in the target record based on the determined check identifier of each field in the target data table.
4. The verification method according to claim 3, wherein before obtaining the verification identifier and the protection level corresponding to the field, the verification method further comprises:
aiming at each field in the data dictionary, acquiring a check identifier and a protection level preset by the field in a predetermined reference dictionary; the reference dictionary is a set of preset check identification and protection level of each field;
and determining the check identifier corresponding to the field in the reference dictionary as the check identifier corresponding to the field in the data dictionary, and determining the protection level corresponding to the field in the reference dictionary as the protection level corresponding to the field in the data dictionary.
5. The verification method of claim 1, further comprising:
if the target check value corresponding to the target record is consistent with the stored check value corresponding to the target record, acquiring the update fields of the target record corresponding to the update operation and the target data of each update field from a plurality of fields included in the target record;
for each update field, updating the storage data of the field corresponding to the update field in the target record to the target data of the update field to obtain the updated storage data of the field;
determining the target record in which the storage data of each updated field after the corresponding field in the target record is updated is located as the updated target record;
determining that the check identifier indicates a field needing integrity check in all fields included in the updated target record based on the check identifier of each field in the target record;
sequentially splicing the stored data of the fields needing integrity check in the updated target record according to the serial numbers of the corresponding fields, and then performing MAC algorithm processing to obtain an updated check value corresponding to the target record;
and updating the storage check value corresponding to the target record to an updated check value corresponding to the target record to obtain an updated storage check value corresponding to the target record.
6. The verification method of claim 1, further comprising:
responding to an insertion operation of a target data table, and acquiring insertion data of at least one field in the target data table corresponding to the insertion operation when a check mark of the target data table indicates that the target data table needs to be subjected to integrity check;
adding insertion data of at least one field in the target data table corresponding to the insertion operation to the field corresponding to the target data table to serve as storage data of the corresponding field, and determining the combination of the storage data added to each field as an insertion record of the target data table;
determining that the check identifier indicates a field needing integrity check in all fields included in the insert record based on the check identifier of each field in the insert record;
and sequentially splicing the stored data of the fields needing integrity check according to the sequence numbers of the corresponding fields, then carrying out MAC algorithm processing to obtain the stored check value corresponding to the insert record, and adding the stored check value into the insert record for storage.
7. The verification method of claim 1, further comprising:
and upgrading the safety platform where the target record is located based on the alarm information that the target record is damaged so as to prevent the target record from being damaged again.
8. A verification apparatus for integrity of data storage, said verification apparatus comprising:
the first acquisition module is used for responding to the updating operation of a target data table and acquiring the check mark of the target data table; wherein the target data table comprises a plurality of records;
a second obtaining module, configured to obtain a target record corresponding to the update operation in the target data table and a stored check value corresponding to the target record when the check flag of the target data table indicates that integrity check needs to be performed on the target data table;
a third obtaining module, configured to obtain a target check value corresponding to the target record based on a field included in the target record;
and the processing module is used for comparing a target check value corresponding to the target record with a storage check value corresponding to the target record, and if the target check value corresponding to the target record is inconsistent with the storage check value corresponding to the target record, generating alarm information that the target record is damaged.
9. An electronic device, comprising: a processor, a memory and a bus, the memory storing machine-readable instructions executable by the processor, the processor and the memory communicating via the bus when the electronic device is operating, the machine-readable instructions being executable by the processor to perform the steps of the method for verifying integrity of data storage according to any one of claims 1 to 7.
10. A computer-readable storage medium, having stored thereon a computer program for performing, when being executed by a processor, the steps of the method for verifying the integrity of a data storage according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211492898.XA CN115828322B (en) | 2022-11-25 | 2022-11-25 | Data storage integrity verification method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211492898.XA CN115828322B (en) | 2022-11-25 | 2022-11-25 | Data storage integrity verification method and device, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115828322A true CN115828322A (en) | 2023-03-21 |
| CN115828322B CN115828322B (en) | 2024-07-19 |
Family
ID=85531715
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211492898.XA Active CN115828322B (en) | 2022-11-25 | 2022-11-25 | Data storage integrity verification method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115828322B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117034368A (en) * | 2023-10-09 | 2023-11-10 | 苏州元脑智能科技有限公司 | Data integrity protection method, device, equipment and storage medium |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040243762A1 (en) * | 2003-05-29 | 2004-12-02 | International Business Machines Corporation | Process, apparatus, and system for storing data check information using standard sector data field sizes |
| CN107908725A (en) * | 2017-11-14 | 2018-04-13 | 中国银行股份有限公司 | A kind of batch data method of calibration, device and system |
| CN110377471A (en) * | 2019-07-17 | 2019-10-25 | 江苏满运软件科技有限公司 | Generation method, device, storage medium and the electronic equipment of interface check data |
| CN111711623A (en) * | 2020-06-15 | 2020-09-25 | 深圳前海微众银行股份有限公司 | Data verification method and device |
| WO2021114918A1 (en) * | 2019-12-13 | 2021-06-17 | 华为技术有限公司 | Integrity checking method and apparatus, terminal device and verification server |
| CN113641633A (en) * | 2021-08-10 | 2021-11-12 | 中国工商银行股份有限公司 | File processing method, file processing device, electronic equipment, medium and computer program |
| WO2022041186A1 (en) * | 2020-08-31 | 2022-03-03 | 华为技术有限公司 | Security protection method and device and storage medium |
| CN114187116A (en) * | 2021-12-14 | 2022-03-15 | 中国建设银行股份有限公司 | Method and apparatus for managing account information |
| CN114282268A (en) * | 2021-12-10 | 2022-04-05 | 南京国电南自电网自动化有限公司 | Database integrity checking method and device based on SM3 algorithm |
| CN114386088A (en) * | 2021-12-03 | 2022-04-22 | 上海金仕达软件科技有限公司 | Data verification method and device, computer equipment and storage medium |
| CN114385722A (en) * | 2020-10-16 | 2022-04-22 | 腾讯科技(深圳)有限公司 | Interface attribute consistency checking method and device, electronic equipment and storage medium |
| CN115081017A (en) * | 2022-06-16 | 2022-09-20 | 平安壹钱包电子商务有限公司 | Large-field data calling method and system |
| CN115118504A (en) * | 2022-06-28 | 2022-09-27 | 北京天融信网络安全技术有限公司 | Knowledge base updating method and device, electronic equipment and storage medium |
-
2022
- 2022-11-25 CN CN202211492898.XA patent/CN115828322B/en active Active
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040243762A1 (en) * | 2003-05-29 | 2004-12-02 | International Business Machines Corporation | Process, apparatus, and system for storing data check information using standard sector data field sizes |
| CN107908725A (en) * | 2017-11-14 | 2018-04-13 | 中国银行股份有限公司 | A kind of batch data method of calibration, device and system |
| CN110377471A (en) * | 2019-07-17 | 2019-10-25 | 江苏满运软件科技有限公司 | Generation method, device, storage medium and the electronic equipment of interface check data |
| WO2021114918A1 (en) * | 2019-12-13 | 2021-06-17 | 华为技术有限公司 | Integrity checking method and apparatus, terminal device and verification server |
| CN111711623A (en) * | 2020-06-15 | 2020-09-25 | 深圳前海微众银行股份有限公司 | Data verification method and device |
| WO2022041186A1 (en) * | 2020-08-31 | 2022-03-03 | 华为技术有限公司 | Security protection method and device and storage medium |
| CN114385722A (en) * | 2020-10-16 | 2022-04-22 | 腾讯科技(深圳)有限公司 | Interface attribute consistency checking method and device, electronic equipment and storage medium |
| CN113641633A (en) * | 2021-08-10 | 2021-11-12 | 中国工商银行股份有限公司 | File processing method, file processing device, electronic equipment, medium and computer program |
| CN114386088A (en) * | 2021-12-03 | 2022-04-22 | 上海金仕达软件科技有限公司 | Data verification method and device, computer equipment and storage medium |
| CN114282268A (en) * | 2021-12-10 | 2022-04-05 | 南京国电南自电网自动化有限公司 | Database integrity checking method and device based on SM3 algorithm |
| CN114187116A (en) * | 2021-12-14 | 2022-03-15 | 中国建设银行股份有限公司 | Method and apparatus for managing account information |
| CN115081017A (en) * | 2022-06-16 | 2022-09-20 | 平安壹钱包电子商务有限公司 | Large-field data calling method and system |
| CN115118504A (en) * | 2022-06-28 | 2022-09-27 | 北京天融信网络安全技术有限公司 | Knowledge base updating method and device, electronic equipment and storage medium |
Non-Patent Citations (3)
| Title |
|---|
| WU YINGHAO; LING JIE;: "An Improved Data Integrity Verification Method for Cloud Storage", COMPUTER ENGINEERING, 15 March 2019 (2019-03-15), pages 36 - 40 * |
| 郭继斌, 徐晓铁, 王衍波: "信息完整性保护与认证", 电子工程师, no. 09, 15 September 1999 (1999-09-15), pages 6 - 10 * |
| 陈恩铭;肖瑞;杨冰;: "应用系统信息完整性保护研究", 网络安全技术与应用, 29 February 2016 (2016-02-29), pages 56 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117034368A (en) * | 2023-10-09 | 2023-11-10 | 苏州元脑智能科技有限公司 | Data integrity protection method, device, equipment and storage medium |
| CN117034368B (en) * | 2023-10-09 | 2024-02-09 | 苏州元脑智能科技有限公司 | Data integrity protection method, device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115828322B (en) | 2024-07-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101434860B1 (en) | Method for Verifying Integrity of Dynamic Code Using Hash | |
| CN113704781B (en) | File secure transmission method and device, electronic equipment and computer storage medium | |
| CN111291339A (en) | Processing method, device and equipment of block chain data and storage medium | |
| CN104636444A (en) | Database encryption and decryption method and device | |
| CN115828322B (en) | Data storage integrity verification method and device, electronic equipment and storage medium | |
| CN109255232B (en) | Software loading method and software loading device | |
| CN115002062B (en) | Message processing method, device, equipment and readable storage medium | |
| CN108090364B (en) | Method and system for positioning data leakage source | |
| CN113849210A (en) | Firmware upgrading method and device based on TEE | |
| CN113792319A (en) | File encryption method and device, storage medium and electronic equipment | |
| CN117371002A (en) | Model encryption method, model decryption method, encryption device, and readable storage medium | |
| CN111400771A (en) | Target partition checking method and device, storage medium and computer equipment | |
| CN107545185A (en) | Android mobile terminal administration authority detection method, device, terminal and storage medium | |
| CN116450391A (en) | Fault positioning method, device, equipment and medium | |
| CN116302079A (en) | Service data processing method and device, electronic equipment and storage medium | |
| CN112883397B (en) | Data storage method, data reading method, device, equipment and storage medium | |
| CN114254325A (en) | Embedded firmware encryption anti-cracking method | |
| CN110874225B (en) | Data verification method and device, embedded equipment and storage medium | |
| CN113627938B (en) | Data deleting method, device and equipment of block chain and storage medium | |
| CN112435076A (en) | Member grade configuration method and device, computer equipment and readable storage medium | |
| CN111984944B (en) | Source code processing method, related device and storage medium | |
| CN116451251A (en) | Data verification method, system, equipment and medium | |
| CN116383544B (en) | Webpage report generation method, device, equipment and medium | |
| CN117494232B (en) | Method, device, system, storage medium and electronic equipment for executing firmware | |
| CN114969765B (en) | Internet of things equipment non-inductive security vulnerability repairing method, device and equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |