CN115860017A - Data processing method and related device - Google Patents
Data processing method and related device Download PDFInfo
- Publication number
- CN115860017A CN115860017A CN202310111370.1A CN202310111370A CN115860017A CN 115860017 A CN115860017 A CN 115860017A CN 202310111370 A CN202310111370 A CN 202310111370A CN 115860017 A CN115860017 A CN 115860017A
- Authority
- CN
- China
- Prior art keywords
- parameters
- service
- card
- algorithm
- primary
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The application discloses a data processing method and a related device, and relates to the technical field of data processing. The write-in parameters of the target card can be obtained, the write-in parameters are divided into action parameters and service parameters according to a preset rule, further, the action parameters are encrypted according to a primary encryption algorithm to obtain encrypted action parameters, and the service parameters are encrypted according to a service encryption algorithm to obtain encrypted service parameters. The writing parameters are divided into two parts of action parameters and business parameters, and the two parts are encrypted respectively, so that the card business can still be well adapted when different, and the card business processing method and the card business processing device can be suitable for processing the writing parameters of the card in different application scenes. And finally, writing the encrypted action parameters and the encrypted service parameters into the target card, wherein the parameters written into the target card are encrypted and correspondingly need decryption and authentication when in use, so that the data security of the target card in the use stage can be improved.
Description
Technical Field
The present application relates to the field of data processing technologies, and in particular, to a data processing method and a related apparatus.
Background
The card plays an important role in daily life, for example, in each application scene such as apartment, school, ATM, gas station, toll station that have intelligent lock, all can utilize the card to improve convenient experience.
Generally, when the card is issued, certain write parameters are written in the card, and when the card is used, the write parameters in the card are read. In order to ensure data security, the write-in parameters written into the card are encrypted, and correspondingly, decryption is performed when the card is used, so that authentication is realized, and the card can be successfully used only after the authentication is passed.
However, the processing method in the related art is not well suited for each type of application scenario.
Disclosure of Invention
In order to solve the technical problem, the present application provides a data processing method and a related apparatus, which can be better adapted to the processing of write parameters for cards in different application scenarios.
The embodiment of the application discloses the following technical scheme:
in one aspect, an embodiment of the present application provides a data processing method, where the method includes:
acquiring write-in parameters of a target card;
dividing the writing parameters into action parameters and service parameters according to preset rules;
encrypting the action parameters according to a primary encryption algorithm to obtain encrypted action parameters, and encrypting the service parameters according to a service encryption algorithm to obtain encrypted service parameters;
and writing the encrypted action parameters and the encrypted service parameters into the target card.
On the other hand, an embodiment of the present application provides a data processing apparatus, where the apparatus includes an obtaining unit, a dividing unit, a processing unit, and a writing unit:
the acquisition unit is used for acquiring the write-in parameters of the target card;
the dividing unit is used for dividing the writing parameters into action parameters and service parameters according to a preset rule;
the processing unit is used for encrypting the action parameters according to a primary encryption algorithm to obtain encrypted action parameters and encrypting the service parameters according to a service encryption algorithm to obtain encrypted service parameters;
and the writing unit is used for writing the encrypted action parameters and the encrypted service parameters into the target card.
In yet another aspect, an embodiment of the present application provides a computer device, including a processor and a memory:
the memory is used for storing program codes and transmitting the program codes to the processor;
the processor is configured to execute the data processing method of the above aspect according to instructions in the program code.
In still another aspect, an embodiment of the present application provides a computer-readable storage medium for storing a computer program for executing the data processing method of the above aspect.
In yet another aspect, the present application provides a computer program product comprising instructions which, when run on a computer, cause the computer to perform the data processing method of the above aspect.
According to the technical scheme, the write-in parameters of the target card can be obtained, the write-in parameters are divided into the action parameters and the service parameters according to the preset rules, further, the action parameters can be encrypted according to the primary encryption algorithm to obtain the encrypted action parameters, and the service parameters are encrypted according to the service encryption algorithm to obtain the encrypted service parameters. The writing parameters are divided into two parts of action parameters and business parameters, and then the two parts are respectively encrypted, so that the card business can still be well adapted when different, and the card business can be better suitable for processing the writing parameters of the card in different application scenes. And finally, the encrypted action parameters and the encrypted service parameters can be written into the target card, and the parameters written into the target card are encrypted and correspondingly need to be decrypted and authenticated during use, so that the data security of the target card in the use stage can be improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a data processing method according to an embodiment of the present application;
FIG. 2a is a schematic diagram of an algorithm content composition provided in an embodiment of the present application;
fig. 2b is a schematic diagram of a process of encrypting an action parameter according to an embodiment of the present application;
fig. 2c is a schematic diagram of a process of encrypting a service parameter according to an embodiment of the present application;
fig. 3a is a schematic diagram of a system card algorithm interface according to an embodiment of the present application;
FIG. 3b is a schematic diagram of a card processing process according to an embodiment of the present disclosure;
FIG. 4 is a schematic diagram illustrating a use process of a card according to an embodiment of the present application;
fig. 5 is a structural diagram of a data processing apparatus according to an embodiment of the present application.
Detailed Description
In order to make the technical solutions of the present application better understood, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The data processing method provided by the embodiment of the application can be implemented by computer equipment, the computer equipment can be terminal equipment or a server, wherein the server can be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, and a cloud server providing cloud computing service. The terminal devices include, but are not limited to, mobile phones, computers, intelligent voice interaction devices, intelligent household appliances, vehicle-mounted terminals, and the like. The terminal device and the server may be directly or indirectly connected through wired or wireless communication, which is not limited in this application.
The following examples are intended to illustrate in particular:
fig. 1 is a flowchart of a data processing method provided in an embodiment of the present application, which is described by taking a terminal device as the foregoing computer device as an example, and the method includes S101-S104:
s101: and acquiring the write-in parameters of the target card.
S102: and dividing the writing parameters into action parameters and service parameters according to preset rules.
For the target card, the write parameters of the target card may be obtained first. In general, a target card may refer to a card that is undergoing a card management operation, such as in an apartment or hotel setting, where the target card may be a pass card and a room card. In practical application, the card management operation may be a card management operation performed by the unified card sender, and specifically may include management operations such as adding, deleting, modifying, and checking cards, for example, adding, deleting, reporting, and activating cards for cards, and may also include management operations for data in cards, such as adding a public key of a card, updating a public key of a card, deleting a public key of a card, updating a private key of a room card, and deleting a private key of a room card. The mode of carrying out card management operation through unified hairpin, can realize the management of card business, simultaneously, this kind of management operation can also be long-range going on, based on this, can be under the condition that non-networking or can not pass through bluetooth channel connection, still realize the management of card business, it is more convenient.
The write parameters can be generally input by an initiating user of the card management operation, and can refer to related data needing to be written into the target card. In practical application, corresponding card services are different in different application scenarios, and correspondingly, writing parameters are different. In order to adapt to more different application scenes, the write-in parameters can be divided into action parameters and service parameters according to preset rules, and then the action parameters and the service parameters can be processed respectively during subsequent processing, so that the card service can be well adapted when different card services are applied to different application scenes.
In practical applications, the writing parameters may be different according to actual card services, and the application is not limited in this respect. For example, the write parameters may include parameters such as an account client code, an account authentication key, a device ID, a card swiping device authentication key, an encryption manner, the number of times of use, a card service operation command code, a start time and a stop time. For example, the account client code and the account authentication key may be divided into action parameters, the number of times of use, the card service operation command code, and the start-stop time may be divided into service parameters, and the device ID, the card swiping device authentication key, and the encryption method may be divided into action parameters and service parameters. That is, the device ID, the card swiping device authentication key, and the encryption scheme may have dual properties, belonging to both the action parameter and the service parameter.
Generally, in order to ensure data security, the background system may perform validity authentication on the write parameter, and perform subsequent related operations on the write parameter after the validity authentication is passed (e.g., S102, etc.). In order to better understand the validity authentication, the embodiment of the present application takes three dimensions of the account client code, the device authentication key, and the device ID as an example, and the details are as follows:
the account client code can be a random hexadecimal number with 16 bytes automatically distributed in advance by the system according to different projects or different client conditions, the system ensures the uniqueness of the account client code through a generating rule, and the account client code can be ensured to be matched and a legal client through legal authentication. When the device authentication key is bound for the device, a random hexadecimal number not greater than 20 bytes generated by the platform is stored in the platform. The device ID is the unique identification of the card swiping device, the Bluetooth MAC address information of the card swiping device is converted into fixed address information, the Bluetooth communication standard is met, and the uniqueness of the information can be guaranteed. The legality and the safety of subsequent algorithm calling are ensured by the safety and the uniqueness of the generation of the write parameters of the three dimensions respectively.
S103: and encrypting the operation parameters according to the primary encryption algorithm to obtain encrypted operation parameters, and encrypting the service parameters according to the service encryption algorithm to obtain encrypted service parameters.
After the action parameter and the service parameter are determined, the action parameter can be encrypted according to a primary encryption algorithm to obtain an encrypted action parameter, and the service parameter can be encrypted according to a service encryption algorithm to obtain an encrypted service parameter. Based on this, the encryption processing of the action parameters and the service parameters is completed.
That is, in the embodiment of the present application, the algorithm used for the encryption processing of the write parameters may be composed of two parts, namely, a primary encryption algorithm and a traffic encryption algorithm. Correspondingly, the algorithm content composition can be seen in fig. 2a, and fig. 2a shows a schematic diagram of an algorithm content composition. The process of encrypting the action parameter can be shown in fig. 2b, and fig. 2b is a schematic diagram of a process of encrypting the action parameter, where the primary encryption algorithm may be an SM4 algorithm, and the item key is a corresponding key. The process of encrypting the service parameters can be referred to as fig. 2c, and fig. 2c is a schematic diagram illustrating the process of encrypting the service parameters, where the service encryption algorithm can be an algorithm defined by a user according to a service, a service encryption key is a corresponding key, and a service plaintext to be encrypted can include start-stop time, use times, a card carrier ID, a service operation function code, a random number of a server system, a public key of a card passing through, a private key of a room card, and the like.
In practical applications, the action parameters and the business parameters are different from each other in terms of data security requirement level, and generally, the business data is directly related to the card business, and the data security requirement level is higher than that of the action parameters. Thus, in one possible implementation, the primary encryption algorithm and the traffic encryption algorithm may be different, wherein the traffic encryption algorithm may have a higher encryption level than the primary encryption algorithm, and accordingly, the encryption processing for the traffic parameter may be more complex than the encryption processing for the action parameter, thereby increasing the complexity of decryption in use and increasing data security.
Since the corresponding card services are different in different application scenarios, the card types may also be considered to be different. In order to adapt to more different application scenarios, in a possible implementation manner, before S103, the card type of the target card may be determined, and then the undetermined primary encryption algorithm is screened according to the card type, the primary encryption algorithm is determined, and the undetermined service encryption algorithm is screened according to the card type, and the service encryption algorithm is determined. The pending primary encryption algorithm and the pending service encryption algorithm may include a plurality of algorithms, and may refer to a related algorithm in a preconfigured algorithm pool, for example, the algorithms may be SM4, DES, AES, and the like. Based on this, the primary encryption algorithm and the business encryption algorithm are both matched with the card type of the target card, that is, the primary encryption algorithm and the business encryption algorithm are more adaptive to the card business and the application scene of the target card, so that the processing effect is improved. Aiming at different types of cards, algorithms matched with the cards can be screened for processing, and the adaptation degree is higher.
In order to simplify the decryption process in the use stage, in practical applications, the primary encryption algorithm and the traffic encryption algorithm may both be symmetric encryption algorithms. It should be noted that both the pending primary encryption algorithm and the pending service encryption algorithm may be symmetric encryption algorithms. Based on this, the decryption process at the use stage can be simplified by utilizing the symmetry of the symmetric encryption algorithm.
S104: and writing the encrypted action parameters and the encrypted service parameters into the target card.
After the encryption processing is completed, the encrypted action parameters and the encrypted service parameters can be written into the target card, and based on the action parameters and the encrypted service parameters, card management operation on the target card is completed.
In order to improve data security, a system card algorithm interface can be arranged, write-in parameters are processed uniformly through the system card algorithm interface, and the system card algorithm interface can be specially used for processing the write-in parameters of the card, so that data leakage and the like can be avoided to a certain extent, and data security is improved. System card algorithm interface fig. 3a may be referred to, and fig. 3a shows a schematic diagram of a system card algorithm interface, where in fig. 3a, the write parameters may include an account client code, a device authentication key, and a device ID. The algorithms such as the primary encryption algorithm and the service encryption algorithm can be generated by the card algorithm generation server. Correspondingly, an embodiment of the present application further provides a schematic processing procedure diagram of a card, which is shown in fig. 3b, and fig. 3b shows a schematic processing procedure diagram of a card, where first, a system card algorithm interface may be used to process write parameters, and then, a related algorithm generated by a card algorithm generation server is used to perform encryption processing, and these two parts may be regarded as related processing in a write stage of the card; then, the card reader interface can be used for reading the encrypted data in the card, and the card is verified through the device side, the two parts can be regarded as related processing of the application stage of the card, the device side is the card swiping device, and the card swiping device can read the encrypted data in the card through the card reader interface.
In practical application, in the use stage of the target card, a user can use the target card to perform related card swiping operations, such as card swiping unlocking and the like. Generally, the swiping operation may be performed on a swiping device. Correspondingly, in response to the card swiping operation of the target card on the card swiping device, the card swiping device can acquire the primary algorithm identifier and the primary key identifier corresponding to the primary encryption algorithm, and acquire the service algorithm identifier and the service key identifier corresponding to the service encryption algorithm. Based on this, in the use stage, the key identification and the algorithm identification are transmitted, but not the key and the algorithm, so that the data security can be ensured to a greater extent. Furthermore, the card swiping equipment can call the corresponding primary decryption algorithm according to the primary algorithm identifier, call the corresponding primary key according to the primary key identifier, call the corresponding service decryption algorithm according to the service algorithm identifier, and call the corresponding service key according to the service key identifier. And finally, the card swiping equipment can decrypt and authenticate the encrypted action parameters according to the primary decryption algorithm and the primary key, and decrypt and authenticate the encrypted service parameters according to the service decryption algorithm and the service key.
Based on this, decryption authentication of the encrypted data at the use stage can be accomplished. In practical application, if the decryption and the authentication are passed, the card swiping operation can be determined to be effective, the card swiping operation is responded, and otherwise, the card swiping operation can be prompted to be invalid. For example, taking card swiping unlocking as an example, when decryption and authentication are passed, it can be determined that the card is effectively swiped, and unlocking is performed in response, otherwise, an invalid card swiping is prompted, and unlocking is not performed.
In practical application, in order to further improve data security, a security chip may be built in the card swiping device, and accordingly, the primary decryption algorithm, the primary key, the service decryption algorithm, and the service key may all be stored in the security chip corresponding to the card swiping device. Based on this, the key and the algorithm are stored by adopting a security chip with higher security level, which is beneficial to improving the data security and avoiding the malicious reading or tampering of the key and the algorithm.
It should be noted that, when the card swiping device is configured, the to-be-determined primary encryption algorithm and the to-be-determined service encryption algorithm may be stored in a built-in security chip in advance, for example, an SM4, DES, AES algorithm, and a key may be stored in advance, and specifically, in the binding process of the card swiping device, the to-be-determined primary encryption algorithm and the to-be-determined service encryption algorithm may be stored in advance according to different address information of the card swiping device in the server. Accordingly, in the use stage, the card swiping device may invoke the corresponding algorithm from the secure chip according to the algorithm identifier (e.g. the aforementioned primary algorithm identifier, service algorithm identifier), and invoke the corresponding key from the secure chip according to the key identifier (e.g. the aforementioned primary key identifier, service key identifier). Based on this, the secret key and the algorithm are pre-stored, so that only the secret key identification and the algorithm identification can be transmitted in the use stage, and the secret key and the algorithm are not transmitted, which is beneficial to improving the data security. The mode of only transmitting the key identification and the algorithm identification can ensure the same condition through random numbers, ensure the randomness of the encrypted data, ensure the decoding difficulty of the encrypted data of the off-line card and be beneficial to improving the data security.
Correspondingly, the embodiment of the application provides a schematic use process of the card, and can be seen in fig. 4. Fig. 4 shows a schematic diagram of a card usage process, which may be, for example, after a user performs a card swiping operation in a card swiping device, the ciphertext data (i.e., the encrypted action parameter and the encrypted service parameter) may be read through a card reader interface of the card swiping device, and corresponding algorithm codes (e.g., the primary algorithm identifier and the service algorithm identifier) and key codes (e.g., the primary key identifier and the service key identifier) may be obtained. Then, the corresponding decryption algorithm and the key can be called to decrypt the ciphertext data to obtain plaintext data, and the plaintext data is authenticated to ensure the legality. The method for processing the write-in parameters such as the card validity period, the use times and the authorized room of the card related to the service according to the preset algorithm and rule can cover the condition of non-network transmission or Bluetooth writing, and based on the condition, the authentication and management of the card in an off-line state can be completed. Correspondingly, the card swiping operation can be responded after the authentication is passed, and otherwise, the user can be prompted to invalidate the card swiping.
According to the technical scheme, the write-in parameters of the target card can be obtained, the write-in parameters are divided into the action parameters and the service parameters according to the preset rules, further, the action parameters can be encrypted according to the primary encryption algorithm to obtain the encrypted action parameters, and the service parameters are encrypted according to the service encryption algorithm to obtain the encrypted service parameters. The write-in parameters are divided into two parts, namely action parameters and service parameters, and then encryption is carried out respectively, so that the card can still be well adapted when the card services are different, and the card write-in parameters can be better adapted to processing of the card in different application scenes. And finally, the encrypted action parameters and the encrypted service parameters can be written into the target card, and the parameters written into the target card are encrypted and correspondingly need to be decrypted and authenticated during use, so that the data security of the target card in the use stage can be improved.
Fig. 5 is a structural diagram of a data processing apparatus according to an embodiment of the present application, where the apparatus includes an obtaining unit 501, a dividing unit 502, a processing unit 503, and a writing unit 504:
the obtaining unit 501 is configured to obtain a write parameter of a target card;
the dividing unit 502 is configured to divide the write parameters into action parameters and service parameters according to a preset rule;
the processing unit 503 is configured to perform encryption processing on the action parameter according to a primary encryption algorithm to obtain an encrypted action parameter, and perform encryption processing on the service parameter according to a service encryption algorithm to obtain an encrypted service parameter;
the writing unit 504 is configured to write the encrypted action parameter and the encrypted service parameter into the target card.
In one possible implementation, the apparatus further includes a determining unit:
the determining unit is used for determining the card type of the target card;
the determining unit is further configured to screen an undetermined primary encryption algorithm according to the card type, determine the primary encryption algorithm, screen an undetermined service encryption algorithm according to the card type, and determine the service encryption algorithm.
In a possible implementation manner, the apparatus further includes a calling unit and an authentication unit:
the obtaining unit is further configured to, in response to a card swiping operation of the target card in a card swiping device, obtain, by the card swiping device, a primary algorithm identifier and a primary key identifier corresponding to the primary encryption algorithm, and obtain a service algorithm identifier and a service key identifier corresponding to the service encryption algorithm;
the calling unit is used for calling a corresponding primary decryption algorithm according to the primary algorithm identifier, calling a corresponding primary key according to the primary key identifier, calling a corresponding service decryption algorithm according to the service algorithm identifier, and calling a corresponding service key according to the service key identifier;
the authentication unit is used for decrypting and authenticating the encrypted action parameters according to the primary decryption algorithm and the primary key through the card swiping equipment, and decrypting and authenticating the encrypted service parameters according to the service decryption algorithm and the service key.
In a possible implementation manner, the apparatus further includes a prompting unit:
and the prompting unit is used for determining that the card swiping operation is effective card swiping if the decryption authentication is passed, and responding to the card swiping operation, otherwise, prompting that the card swiping operation is ineffective card swiping.
In a possible implementation manner, the primary decryption algorithm, the primary key, the service decryption algorithm, and the service key are all stored in a security chip corresponding to the card swiping device.
In one possible implementation, the primary encryption algorithm and the traffic encryption algorithm are both symmetric encryption algorithms.
According to the technical scheme, the write-in parameters of the target card can be obtained, the write-in parameters are divided into the action parameters and the service parameters according to the preset rules, further, the action parameters can be encrypted according to the primary encryption algorithm to obtain the encrypted action parameters, and the service parameters are encrypted according to the service encryption algorithm to obtain the encrypted service parameters. The writing parameters are divided into two parts of action parameters and business parameters, and then the two parts are respectively encrypted, so that the card business can still be well adapted when different, and the card business can be better suitable for processing the writing parameters of the card in different application scenes. And finally, the encrypted action parameters and the encrypted service parameters can be written into the target card, and the parameters written into the target card are encrypted and correspondingly need to be decrypted and authenticated during use, so that the data security of the target card in the use stage can be improved.
In yet another aspect, an embodiment of the present application provides a computer device, including a processor and a memory:
the memory is used for storing program codes and transmitting the program codes to the processor;
the processor is used for executing the data processing method provided by the above embodiment according to the instructions in the program code.
The computer device may include a terminal device or a server, and the aforementioned data processing apparatus may be configured in the computer device.
In another aspect, an embodiment of the present application further provides a storage medium, where the storage medium is used to store a computer program, and the computer program is used to execute the data processing method provided by the foregoing embodiment.
In addition, the embodiment of the present application also provides a computer program product including instructions, which when run on a computer, causes the computer to execute the data processing method provided by the above embodiment.
Those of ordinary skill in the art will understand that: all or part of the steps of implementing the method embodiments may be implemented by hardware associated with program instructions, where the program may be stored in a computer-readable storage medium, and when executed, performs the steps including the method embodiments; and the aforementioned storage medium may be at least one of the following media: various media that can store program codes, such as a Read-only Memory (ROM), a RAM, a magnetic disk, or an optical disk.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one position, or may be distributed on multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement without inventive effort.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a … …" does not exclude the presence of another like element in a process, method, article, or apparatus that comprises the element.
The foregoing detailed description of the data processing method and related apparatus provided by the embodiments of the present application has been provided, and specific examples are used herein to explain the principles and implementations of the present application. Also, variations in the specific embodiments and applications of the methods of the present application will occur to those skilled in the art.
In summary, the present disclosure should not be construed as limiting the present application, and any changes or substitutions that can be easily conceived by one skilled in the art within the technical scope of the present disclosure should be covered within the protection scope of the present application. Moreover, the present application may be further combined to provide more implementation manners on the basis of the implementation manners provided by the above aspects.
Claims (10)
1. A method of data processing, the method comprising:
acquiring write-in parameters of a target card;
dividing the writing parameters into action parameters and service parameters according to preset rules;
encrypting the action parameters according to a primary encryption algorithm to obtain encrypted action parameters, and encrypting the service parameters according to a service encryption algorithm to obtain encrypted service parameters;
and writing the encrypted action parameters and the encrypted service parameters into the target card.
2. The method of claim 1, wherein before said encrypting said action parameters according to a primary encryption algorithm and said encrypting said traffic parameters according to a traffic encryption algorithm, said method further comprises:
determining a card type of the target card;
and screening the undetermined primary encryption algorithm according to the card type to determine the primary encryption algorithm, and screening the undetermined service encryption algorithm according to the card type to determine the service encryption algorithm.
3. The method of claim 1, further comprising:
responding to the card swiping operation of the target card in card swiping equipment, acquiring a primary algorithm identifier and a primary key identifier corresponding to the primary encryption algorithm through the card swiping equipment, and acquiring a service algorithm identifier and a service key identifier corresponding to the service encryption algorithm;
calling a corresponding primary decryption algorithm according to the primary algorithm identification, calling a corresponding primary key according to the primary key identification, calling a corresponding service decryption algorithm according to the service algorithm identification, and calling a corresponding service key according to the service key identification by the card swiping equipment;
and decrypting and authenticating the encrypted action parameters according to the primary decryption algorithm and the primary key by the card swiping equipment, and decrypting and authenticating the encrypted service parameters according to the service decryption algorithm and the service key.
4. The method of claim 3, further comprising:
and if the decryption authentication is passed, determining that the card swiping operation is effective card swiping, and responding to the card swiping operation, otherwise, prompting that the card swiping operation is ineffective card swiping.
5. The method according to claim 3, wherein the primary decryption algorithm, the primary key, the service decryption algorithm, and the service key are stored in a corresponding security chip of the card swiping device.
6. The method according to any of claims 1-5, characterized in that the primary encryption algorithm and the traffic encryption algorithm are both symmetric encryption algorithms.
7. A data processing apparatus, characterized in that the apparatus comprises an acquisition unit, a dividing unit, a processing unit, and a writing unit:
the acquisition unit is used for acquiring the write-in parameters of the target card;
the dividing unit is used for dividing the writing parameters into action parameters and service parameters according to a preset rule;
the processing unit is used for encrypting the action parameters according to a primary encryption algorithm to obtain encrypted action parameters and encrypting the service parameters according to a service encryption algorithm to obtain encrypted service parameters;
and the writing unit is used for writing the encrypted action parameters and the encrypted service parameters into the target card.
8. A computer device, comprising a processor and a memory:
the memory is used for storing program codes and transmitting the program codes to the processor;
the processor is configured to perform the method of any one of claims 1-6 according to instructions in the program code.
9. A computer-readable storage medium, characterized in that the computer-readable storage medium is used to store a computer program for performing the method of any of claims 1-6.
10. A computer program product comprising instructions which, when run on a computer, cause the computer to perform the method of any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310111370.1A CN115860017B (en) | 2023-02-14 | 2023-02-14 | Data processing method and related device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310111370.1A CN115860017B (en) | 2023-02-14 | 2023-02-14 | Data processing method and related device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115860017A true CN115860017A (en) | 2023-03-28 |
| CN115860017B CN115860017B (en) | 2023-07-14 |
Family
ID=85658027
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310111370.1A Active CN115860017B (en) | 2023-02-14 | 2023-02-14 | Data processing method and related device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115860017B (en) |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101719228A (en) * | 2009-11-25 | 2010-06-02 | 北京握奇数据系统有限公司 | Method and device for data management of intelligent card |
| CN104899496A (en) * | 2014-09-26 | 2015-09-09 | 腾讯科技(深圳)有限公司 | Data reading method and terminal for same |
| US20170372180A1 (en) * | 2015-10-09 | 2017-12-28 | Tencent Technology (Shenzhen) Company Limited | Smart card read/write method and apparatus |
| CN108763979A (en) * | 2018-05-15 | 2018-11-06 | 苏州澄怀科技有限公司 | A kind of system and method that card application is written to smart card by mobile terminal |
| CN111862470A (en) * | 2020-08-18 | 2020-10-30 | 天津速越科技有限公司 | One-to-many virtual card reading method based on IC card and virtual card reader |
| CN114519360A (en) * | 2022-01-29 | 2022-05-20 | 金蝶软件(中国)有限公司 | Data reading and writing method, login method and device of business system and computer equipment |
| WO2022217714A1 (en) * | 2021-04-16 | 2022-10-20 | 平安科技(深圳)有限公司 | Data collision method, apparatus and device, and computer-readable storage medium |
| CN115391795A (en) * | 2021-05-21 | 2022-11-25 | 腾讯云计算(北京)有限责任公司 | Data processing method, related device and medium |
-
2023
- 2023-02-14 CN CN202310111370.1A patent/CN115860017B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101719228A (en) * | 2009-11-25 | 2010-06-02 | 北京握奇数据系统有限公司 | Method and device for data management of intelligent card |
| CN104899496A (en) * | 2014-09-26 | 2015-09-09 | 腾讯科技(深圳)有限公司 | Data reading method and terminal for same |
| US20170372180A1 (en) * | 2015-10-09 | 2017-12-28 | Tencent Technology (Shenzhen) Company Limited | Smart card read/write method and apparatus |
| CN108763979A (en) * | 2018-05-15 | 2018-11-06 | 苏州澄怀科技有限公司 | A kind of system and method that card application is written to smart card by mobile terminal |
| CN111862470A (en) * | 2020-08-18 | 2020-10-30 | 天津速越科技有限公司 | One-to-many virtual card reading method based on IC card and virtual card reader |
| WO2022217714A1 (en) * | 2021-04-16 | 2022-10-20 | 平安科技(深圳)有限公司 | Data collision method, apparatus and device, and computer-readable storage medium |
| CN115391795A (en) * | 2021-05-21 | 2022-11-25 | 腾讯云计算(北京)有限责任公司 | Data processing method, related device and medium |
| CN114519360A (en) * | 2022-01-29 | 2022-05-20 | 金蝶软件(中国)有限公司 | Data reading and writing method, login method and device of business system and computer equipment |
Non-Patent Citations (2)
| Title |
|---|
| KAUR 等: "Data encryption using different techniqwues:a review" * |
| 李济洋 等: "基于加密SD卡的内网移动终端可信接入方案" * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115860017B (en) | 2023-07-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9659160B2 (en) | System and methods for authentication using multiple devices | |
| US9380058B1 (en) | Systems and methods for anonymous authentication using multiple devices | |
| KR102466166B1 (en) | Processing electronic tokens | |
| CN111787530B (en) | Block chain digital identity management method based on SIM card | |
| CN109740384A (en) | Data based on block chain deposit card method and apparatus | |
| US20050188219A1 (en) | Method and a system for communication between a terminal and at least one communication equipment | |
| US10237072B2 (en) | Signatures for near field communications | |
| CN111552935B (en) | Block chain data authorized access method and device | |
| CA2879910C (en) | Terminal identity verification and service authentication method, system and terminal | |
| WO2009050324A1 (en) | Credential provisioning | |
| WO2013182154A1 (en) | Method, system and terminal for encrypting/decrypting application program on communication terminal | |
| CN109412812A (en) | Data safe processing system, method, apparatus and storage medium | |
| CN115473655B (en) | Terminal authentication method, device and storage medium for access network | |
| CN110876144A (en) | Mobile application method, device and system of identity certificate | |
| JP2020507823A (en) | Authentication server, authentication system and method | |
| KR101379711B1 (en) | Method for file encryption and decryption using telephone number | |
| KR101358375B1 (en) | Prevention security system and method for smishing | |
| CN111241492A (en) | Product multi-tenant secure credit granting method, system and electronic equipment | |
| CN109302442B (en) | Data storage proving method and related equipment | |
| CN109302425A (en) | Identity identifying method and terminal device | |
| CN105743883B (en) | A kind of the identity attribute acquisition methods and device of network application | |
| CN115860017B (en) | Data processing method and related device | |
| US20150302506A1 (en) | Method for Securing an Order or Purchase Operation Means of a Client Device | |
| CN105245526B (en) | Call the method and apparatus of SIM card application | |
| CN110098915B (en) | Authentication method and system, and terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |