CN115879157A - Data security search method and device, equipment, medium and product thereof - Google Patents
Data security search method and device, equipment, medium and product thereof Download PDFInfo
- Publication number
- CN115879157A CN115879157A CN202211689421.0A CN202211689421A CN115879157A CN 115879157 A CN115879157 A CN 115879157A CN 202211689421 A CN202211689421 A CN 202211689421A CN 115879157 A CN115879157 A CN 115879157A
- Authority
- CN
- China
- Prior art keywords
- original text
- original
- lemmas
- ciphertext
- list
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The application relates to a data security search method and a device, equipment, medium and product thereof, wherein the method comprises the following steps: responding to an external search request, and obtaining a query statement carried by the request; performing word segmentation on the query sentence to obtain a plurality of corresponding original lemmas, and encrypting the original lemmas into corresponding ciphertext lemmas; performing search on an index database based on the ciphertext lemmas to obtain an original text identification list, wherein the original text identification list comprises a plurality of original text identifications, the original text identifications point to original texts stored in an external server in an encrypted manner, and the original texts carry at least one original lemma corresponding to the ciphertext lemma; and pushing the original text identification list to a requester of the external search request. The method and the system avoid the possibility of obtaining the original text or a plurality of original word elements thereof from the search server to deduce the original text, and fundamentally ensure the data security of the original text data under the platform architecture.
Description
Technical Field
The application relates to the e-commerce data security technology, in particular to a data security searching method and a device, equipment, medium and product thereof.
Background
The network architecture corresponding to the commodity search scene of the e-commerce platform usually comprises a data server for storing commodity information, a search server for executing commodity search and a business server for providing front-end response for terminal users, and the network architecture is relatively complex, but the work division of each server is clear.
Due to the requirement of data security, various information stored in the data server, including but not limited to commodity information, user information, etc., can be stored in an encrypted form, but the search server executes corresponding search operation by establishing indexes of various original data in the data server, returns the identifications of various original data after search to the requester, and the requester additionally acquires decryption information corresponding to the identifications from the data server.
In the conventional technology, in order to facilitate the search server to implement data search, the data server as an external server transparently transmits a plaintext obtained by decrypting original data to the search server, and as a basis for querying the data server, although the search server may reduce the chance of illegally obtaining the plaintext as much as possible in various ways, the plaintext is still stored in a bottom layer frame of the search server and is only presented in a service layer frame of the search server in a way that is not easily known. Therefore, the plaintext data in the search server can still be attacked and stolen theoretically, and data leakage is easily caused.
Data leakage is unacceptable for e-commerce platforms and, therefore, attempts must be made to eliminate the possibility of platform data leakage through search servers at all sources.
Disclosure of Invention
The present application aims to solve the above problems and provide a data security search method, and a corresponding apparatus, device, non-volatile readable storage medium, and computer program product.
According to one aspect of the application, a data security searching method is provided, which comprises the following steps:
responding to an external search request, and obtaining a query statement carried by the request;
segmenting words of the query sentence to obtain a plurality of corresponding original word elements, and encrypting the original word elements into corresponding ciphertext word elements;
executing search on an index database based on the ciphertext lemmas to obtain an original text identification list, wherein the original text identification list comprises a plurality of original text identifications, the original text identifications point to original text which is encrypted and stored in an external server, and the original text carries at least one original lemma corresponding to the ciphertext lemma;
and pushing the original text identification list to a requester of the external search request.
Optionally, responding to the user search request, before obtaining the query statement carried by the request, the method includes:
acquiring the original text and the original text identification thereof which are input after the external server decrypts the original text;
dividing words of each original text to obtain a plurality of corresponding original lemmas, and encrypting the original lemmas into corresponding ciphertext lemmas;
establishing an index database based on the ciphertext lemmas and original text identifications of original texts from the ciphertext lemmas, and expressing the original text identifications of the original texts carrying the ciphertext lemmas in the index database by taking the ciphertext lemmas as index items;
and destroying the original text and the original lemmas obtained by word segmentation of the original text from a storage medium.
Optionally, obtaining a plurality of corresponding original lemmas, and encrypting the original lemmas into corresponding ciphertext lemmas includes:
performing dictionary matching on the query sentence/the original text by a preset encryption plug-in to realize word segmentation and obtain a plurality of corresponding original word elements, wherein the query sentence/the original text contain commodity description information expressed in natural language;
and the encryption plug-in encrypts each original lemma one by one to obtain a corresponding ciphertext lemma, wherein the keys used by each ciphertext lemma corresponding to the same query sentence/original text are different keys generated according to the same preset algorithm.
Optionally, obtaining a plurality of corresponding original lemmas, and encrypting the original lemmas into corresponding ciphertext lemmas includes:
performing multi-element word segmentation on the query statement/the original text by a preset encryption plug-in to obtain a plurality of original word elements with the corresponding character number determined, wherein the query statement/the original text contains sequence information formed by character serialization coding;
and the encryption plug-in encrypts each original lemma one by one to obtain a corresponding ciphertext lemma, wherein the keys used by each ciphertext lemma corresponding to the same query sentence/original text are different keys generated according to the same preset algorithm.
Optionally, after the pushing the original text identifier list to the requester of the external search request, the method includes:
initiating a corresponding original text acquisition request in the original text identification list to the external server by the request party;
the external server responds to the original text acquisition request, decrypts the encrypted original text corresponding to the original text identification in the original text identification list, acquires a corresponding original text structure and returns the corresponding original text structure as an original text list to the requesting party;
and the requester receives the original text list returned by the external server, and acquires the summary information corresponding to the original text according to the original text in the original text list to form a summary information list.
Optionally, pushing the original text identifier list to the requester of the external search request includes:
generating a digital signature corresponding to the original text identification list, and storing the digital signature in a record list;
and sending the original text identification list and the digital signature to the requester.
Optionally, after sending the textual identifier list and the digital signature together to the requestor, the method includes:
initiating a corresponding original text acquisition request in the original text identification list by the request party to the external server, wherein the digital signature corresponding to the original text identification list is carried in the original text acquisition request;
the external server responds to the original text acquisition request and inquires the record list to check the validity of the digital signature;
after the external server confirms that the digital signature is put on record, the integrity of the original text identification list is checked by using the digital signature;
after the integrity check is passed, the external server decrypts the encrypted original text corresponding to the original text identifier in the original text identifier list, obtains a corresponding original text structure and returns the original text list to the requesting party;
and the requester receives the original text list returned by the external server, and acquires summary information corresponding to the original text according to the original text in the original text list to form a summary information list.
According to another aspect of the present application, there is provided a data security search apparatus, including:
the statement acquisition module is arranged to respond to an external search request and acquire an inquiry statement carried by the request;
the word segmentation processing module is used for segmenting words of the query sentence to obtain a plurality of corresponding original word elements and encrypting the original word elements into corresponding ciphertext word elements;
the search execution module is used for executing search on an index database based on the ciphertext morphemes to obtain an original text identification list, wherein the original text identification list comprises a plurality of original text identifications, the original text identifications point to original text which is encrypted and stored in an external server, and the original text carries at least one original morpheme corresponding to the ciphertext morpheme;
and the result pushing module is used for pushing the original text identification list to the requester of the external search request.
According to another aspect of the present application, there is provided a data security search apparatus, comprising a central processing unit and a memory, wherein the central processing unit is configured to invoke and run a computer program stored in the memory to perform the steps of the data security search method described in the present application.
According to another aspect of the present application, a non-volatile readable storage medium is provided, which stores a computer program implemented according to the data security search method in the form of computer readable instructions, and when the computer program is called by a computer, the computer program executes the steps included in the method.
According to another aspect of the present application, there is provided a computer program product comprising computer programs/instructions which, when executed by a processor, implement the steps of the method described in any one of the embodiments of the present application.
Compared with the prior art, the method and the device have the advantages that words are divided for query sentences to obtain a plurality of original morphemes, then the original morphemes are encrypted to obtain encrypted morphemes, then the encrypted morphemes of the query sentences are utilized to query a corresponding original text identification list in an index database, the encrypted morphemes are used as indexes in advance in the index database to represent original text identifications of original texts carrying the original morphemes corresponding to the encrypted morphemes, and therefore the matched original text identification list is obtained for the query sentences based on encryption operation in the whole process, and a requester can obtain the original texts through the original text identification list. According to the method, the original text is stored in the external server in an encrypted form, the search is executed in the search server for the query statement, in the process of executing the search, the encrypted lemma obtained by encrypting the original lemma after the word segmentation of the original text is used as the index, and the index database is correspondingly constructed by the original text carrying the original lemma pointed by the index, so that the search server executing the query does not need to store the original text or the original lemma, the possibility of obtaining the original text or a plurality of original lemmas thereof from the search server to deduce the original text is avoided, and the data security of the original text data under a platform architecture is ensured fundamentally.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic network architecture diagram of an application environment according to the present invention;
FIG. 2 is a schematic flow chart diagram illustrating an embodiment of a secure data search method according to the present application;
FIG. 3 is a schematic flow chart illustrating the construction of an index database according to an embodiment of the present application;
fig. 4 is a schematic flowchart illustrating a process of obtaining an original text list according to an original text identifier list in an embodiment of the present application;
FIG. 5 is a flow chart illustrating transmission of a digital signature associated with a textual identifier list in an embodiment of the present application;
fig. 6 is a schematic flowchart illustrating a process of obtaining an original text list according to an original text identifier list and a digital signature thereof in an embodiment of the present application;
FIG. 7 is a functional block diagram of a data security search apparatus according to the present application;
fig. 8 is a schematic structural diagram of a data security search device used in the present application.
Detailed Description
Referring to fig. 1, an exemplary network architecture adopted in an e-commerce application scenario in the present application includes a terminal device 80, a search server 81, a data server 82, and a service server 83. The search server 81 serves as a main execution main body of the data security search method, runs a computer program product programmed according to the method, and executes each step of the method through the running of the computer program product, so that a search system is provided, and the technical purpose of the application is achieved. The data server 82 is an external server to the search server. The data server 82 is used for storing various original information, such as various commodity information, user information, etc. in the e-commerce platform application scenario, the original information is usually stored by encrypting on the basis of its original text. The service server 83 may serve as a requester for making various network requests to the search server 81 and the data server 82, and may be used as a stand-alone station for deploying online stores, thereby opening an online store use service to users on the terminal devices 80. The user on the terminal device may submit a query statement to the service server 83, the service server 83 queries the search server 81 for the original text identification document matched with the query statement based on the query statement initiating request, and further the service server 83 may initiate a request to the data server 82 to obtain the original text pointed by the original text identification in the original text identification list.
Referring to fig. 2, based on the above-disclosed principle, a method for searching data safely according to the present application, in one embodiment, includes the following steps:
step S1100, responding to an external search request, and obtaining a query statement carried by the request;
in order to facilitate understanding of the technical solution of the present application, an exemplary service scenario is introduced, where the service scenario is a commodity information search scenario in an e-commerce platform based on an independent station. When the commodity information search needs to be executed, a business server where the independent station is located obtains an inquiry statement, an external search request is triggered based on the inquiry statement, the external search request is sent to a search server, and the search server responds to the external search request to execute the search process of the commodity information.
For the service server, the query statement may be obtained by a computer process in the service server according to its inherent service logic and based on stored data, for example, when the service server needs to obtain an associated order number of a certain target order number, the target order number may be used as the query statement and encapsulated in the external search request. The query statement may also be submitted by a user in the terminal device, including a consumer user or a merchant user at the independent station, for example, when the consumer user needs to execute a similar commodity of a certain commodity, a natural statement such as "sports shoes for running" is input in a search page at the independent station and submitted to a service server at the independent station, and the service device may use the natural statement as the query statement to package the external search request.
For the search server, after the search system deployed and operated therein receives the external search request submitted by the service server, the external search request can be analyzed to obtain the query statement carried therein. In one embodiment, the search server may format the query statement, including but not limited to removing stop words, deleting punctuation and invalid characters, etc.
In addition to the embodiment that the service server is used as a request party to submit the external search request to the search server, in some other embodiments, when the search server is exposed as a front-end server to a terminal device for access, the terminal device may be used as a request party of the external search request to directly send the external search request to the search server. And the result data obtained after the search server executes the search is finally returned to the corresponding requesting party.
Step S1200, performing word segmentation on the query sentence to obtain a plurality of corresponding original lemmas, and encrypting the original lemmas into corresponding ciphertext lemmas;
in order to execute the search, the query statement is firstly subjected to word segmentation processing by a search system which is deployed and operated in the search server so as to be segmented into a plurality of original word elements.
In one embodiment, when performing word segmentation on the query sentence, the word segmentation may be implemented by using a word segmentation unit, where the word segmentation unit refers to a preset dictionary, and independently extracts the lemma in the query sentence corresponding to the preset dictionary as the original lemma, and so on to determine a plurality of original lemmas in the query sentence. It is understood that, in this case, a nesting relationship in the content is allowed in the plurality of original lemmas, that is, one of the original lemmas may nest another original lemma, for example: the original word element sports shoes contain original word elements sports shoes. Therefore, the method can obtain the semantics expressed by the query sentence to the maximum extent by segmenting the query sentence, thereby ensuring that the most comprehensive search result is obtained subsequently. The word segmentation is carried out based on the dictionary, original word elements with complete ideographs can be accurately obtained, and the method is suitable for natural language expression texts, for example, commodity description information in an e-commerce platform is the texts.
In another embodiment, when performing word segmentation on the query sentence, the word segmentation may be implemented based on a multivariate word segmentation algorithm, for example, an N-Gram algorithm based on statistics, where N represents the number of elements, i.e., how many characters can be valued as needed. For example, for the sequence "ABC", taking N =2 as an example, two original lemmas "AB" and "BC" may be obtained, and of course, a plurality of different N values may be simultaneously adopted to change the word segmentation length, so as to obtain different original lemmas at different granularities, for example, for "ABC", in addition to obtaining two original lemmas by performing word segmentation with N =2, the original lemmas "ABC" may be obtained by performing word segmentation with N =3, so that the original lemma set { AB; BC; ABC, it can be seen that the original lemmas in the query sentence can be obtained at different word length granularities by setting the numerical value of N for word segmentation as required, and the semantics expressed by the query sentence can be obtained to the maximum extent, so that the most comprehensive search result can be obtained subsequently. The word segmentation is carried out based on the statistical algorithm, the operation amount is small, the efficiency is high, and the method is more suitable for sequence information formed by character serialization coding, for example, order numbers in an E-commerce platform are the sequence information.
In another embodiment, for the same query statement, the two word segmentation modes of dictionary matching and statistical algorithm in the two previous embodiments may be combined for processing, then the original word element sets in the word segmentation results of the two are compared, and the intersection or union of the two is determined as required to serve as the finally determined effective original word element set, so as to realize comprehensive utilization of the advantages of the different word segmentation modes, and to solve the balance between the search recall ratio and the precision ratio. It is understood that when taking intersection, the focus is on the pursuit of recall ratio, and when taking union, the focus is on the pursuit of precision ratio.
No matter how the word segmentation is carried out, after the word segmentation, a word element sequence corresponding to the query sentence can be finally obtained, wherein the word element sequence comprises a plurality of original word elements. According to the method and the device, because the search is carried out in the search server in an encrypted data mode, the plurality of original word elements need to be encrypted one by one according to a preset encryption rule.
When each original lemma of the query statement is encrypted, the adopted encryption algorithm can be processed by adopting various ready-made algorithms, such as a confusion encryption algorithm, a symmetric encryption algorithm and the like, and the basic principle is that a key is adopted to carry out encryption operation on the original lemma, so that the original lemma is changed into an expression text with unrecognizable original meaning as a corresponding ciphertext lemma, and therefore, even if the ciphertext lemma is stolen, the original lemma is difficult to directly recognize, and information leakage is avoided.
More importantly, various information units in the index database for supporting the implementation of the search service are also stored in a ciphertext manner, so that the original lemmas of the query statement need to be converted into corresponding ciphertext lemmas. It is understood that, considering that the ciphertext lemma encrypted by the original lemma of the query sentence needs to keep consistent with the corresponding ciphertext lemma in the index database in content, when the original lemma of the query sentence is encrypted, the same or corresponding encryption algorithm and key as those used in the index database should be kept, so that the ciphertext obtained by encrypting the same lemma can be obtained on both the query sentence side and the index database side.
In order to improve encryption security, in a preset encryption algorithm adopted in some embodiments, the principle is to identify different original lemmas in the same query statement, and to encrypt the original lemmas with different category attributes by using different keys, the encryption algorithm is also similarly applicable to an index database, and only after different original lemmas are encrypted by using different keys, the completely same ciphertext content does not appear. The distinction of the class attributes of the lemmas can be implemented by means of a preset mapping table or a deep learning-based classification model, in short, one lemma can determine one corresponding class attribute, such as different class attributes of verbs, nouns and the like, or different class attributes of Chinese, english and the like. It can be seen that, due to the unified constraint of the algorithm, it can be ensured that the lemmas with different types of attributes are distinguished to apply corresponding keys for encryption, even in the same query statement or the same index database, multiple keys are required to crack all ciphertext lemmas, but it is obviously very difficult to obtain all multiple keys, and thus it becomes more difficult to operate to expect to obtain confidential information by cracking the lemmas.
Therefore, after the plurality of original lemmas of the query statement are encrypted one by one to obtain corresponding ciphertext lemmas, ciphertext lemma sequences corresponding to the query statement are obtained, and searching can be performed in the index database according to the ciphertext lemma sequences.
the index database of the application is constructed in advance, wherein ciphertext lemmas are used as index items, mapping relation data between the ciphertext lemmas and original text identifications of original texts carrying the ciphertext lemmas are established, namely, one ciphertext lemmas is provided, one or more corresponding original text identifications can be determined, the original texts pointed by the original text identifications are stored in an external server such as an exemplary data server of the application, and the plain texts carrying the ciphertext lemmas, namely the original lemmas corresponding to the ciphertext lemmas, are stored in the external server.
As for the original text pointed by the original text identification and the original lemma of the ciphertext lemma, the original lemma is not stored in the index database, nor in the whole search system and the whole search server, that is, any plaintext data related to the index database cannot be obtained from the search server, and the possibility of obtaining any original text through the search server is avoided.
The indexing architecture in the index database is actually an index deployment of a raw database in the data server, and the raw database can store any type of data, such as commodity information data in an exemplary e-commerce platform.
As described above, the ciphertext lemmas in the index database are also encrypted by applying corresponding encryption algorithms and keys to the original lemmas in the original texts corresponding to the ciphertext lemmas, and may exhibit different characteristics according to different implementations, for example, all of the ciphertext lemmas may be encrypted based on the same key and a unified algorithm, or may be encrypted by applying corresponding different keys according to different type attributes of the corresponding original lemmas under the coordination of the unified encryption algorithm.
When the index database is searched based on all ciphertext lemmas of the query sentence, determining corresponding mapping relation data of each ciphertext lemma, obtaining one or more original text identifications corresponding to each ciphertext lemma, and finally constructing all original text identifications corresponding to all ciphertext lemmas of the query sentence into an original text identification list, namely completing the searching process in the index database.
In some embodiments, after the original text identifier list is obtained, the original text identifier list may be refined, ranked and preferred, for example, the number of ciphertext tokens in which each original text identifier hits the query statement may be counted, the hit number corresponding to each original text identifier may be determined, then, the hit number of the original text identifier may be utilized, the first plurality of original text identifiers with the largest hit number in the original text identifier list may be retained, and other original text identifiers with lower hit numbers may be filtered out, so that the finally obtained original text identifier list has a higher precision ratio.
And step S1400, pushing the original text identification list to a requester of the external search request.
After the original text identification list is obtained, the search server can push the original text identification list to a corresponding requester, and the requester can automatically obtain the original text corresponding to the original text identification in the original text identification list from the data server according to the original text identification list, so that the service logic between the search server and the data server is safely decoupled to the maximum extent, and a complete search service process can be provided in close cooperation.
When the requesting party is a server exposed at the front end, for example, a service server of the on-line shop, the service server may also push the corresponding original text list to the terminal device side as needed after acquiring the corresponding original text list according to the original text identification list. And when the request is that the request is the terminal equipment, directly sending the obtained original text list to the terminal equipment for further utilization.
According to the embodiments, the query statement is firstly subjected to word segmentation to obtain a plurality of original lemmas, then the original lemmas are encrypted to obtain encrypted lemmas, then the encrypted lemmas of the query statement are utilized to query a corresponding original text identification list in an index database, the index database takes the encrypted lemmas as indexes to represent original text identifications of original texts carrying the original lemmas corresponding to the encrypted lemmas in advance, and therefore the matched original text identification list is obtained for the query statement based on encryption operation in the whole process, and a requester can obtain the original text through the original text identification list. According to the method, the original text is stored in the external server in an encrypted form, the search is executed in the search server for the query statement, and in the process of executing the search, the encrypted word elements obtained by encrypting the original word elements after the word segmentation of the original text are used as indexes, and the index database is correspondingly constructed by the original text carrying the original word elements pointed by the indexes, so that the search server executing the query does not need to store the original text or the original word elements, the possibility of obtaining the original text or a plurality of original word elements thereof from the search server to deduce the original text is eliminated, and the data security of the original text data under a platform architecture is ensured from the source.
On the basis of any embodiment of the present application, referring to fig. 3 for constructing an index database of the present application, before responding to a search request of a user and obtaining a query statement carried by the request, the method includes:
step S2100, acquiring the original text and the original text identification thereof which are input after the external server decrypts the original text;
the search server builds the basis of its index database, relying on the data server as an external server to transfer the text and its corresponding text identification stored in its original database, which is usually also stored encrypted for the text in its original database, and only decrypted when called, in order to maximally ensure the data security of the platform. The external server can transmit the original texts and the original text identifications of the data in the original database to the search server through a message queue, and transmit each original text carrying the corresponding original text identification to the search server through the message queue one by one.
Step S2200, performing word segmentation on each original text to obtain a plurality of corresponding original lemmas, and encrypting the original lemmas into corresponding ciphertext lemmas;
and performing word segmentation processing on each original text listed from the message queue by the search server, wherein the adopted word segmentation algorithm can be an algorithm based on dictionary matching or an algorithm based on statistical word segmentation as described above, and in short, each original text can be subjected to word segmentation to obtain a plurality of corresponding original lemmas. Correspondingly, each original lemma is encrypted according to the encryption principle described above, so as to obtain a corresponding ciphertext lemma. The encryption algorithm, the encryption key, etc. used in encryption may also be flexibly selected as described in the foregoing embodiments.
Step S2300, establishing an index database based on the ciphertext lemmas and original text identifications of original texts from the ciphertext lemmas, and enabling the index database to represent the original text identifications of the original texts carrying the ciphertext lemmas by taking the ciphertext lemmas as index items;
after obtaining the ciphertext lemmas of the original lemmas in the original text, mapping relation data corresponding to the ciphertext lemmas can be established in an index database of a search server, in the mapping relation data, the ciphertext lemmas serve as index items, and original text identifications of the original text of the source to which the ciphertext lemmas belong serve as corresponding numerical values.
After all the original texts provided by the data server are processed in the above process, because the same ciphertext lemma may be included in a plurality of original texts, in the index database, the same indexing item, that is, the same ciphertext lemma may be mapped to a plurality of original text identifications correspondingly. The more the original text identifiers mapped by one ciphertext word element, the higher the use frequency of the ciphertext word element, and the more the original text identifiers obtained by recalling the ciphertext word element.
And step S2400, destroying the original text and the original lemmas obtained by word segmentation of the original text from a storage medium.
After the construction of the index database is completed through the above processes, in consideration of the requirement of data security, the original text and the original lemmas obtained by the word segmentation of the original text transmitted by the external server should be deleted and destroyed from the storage medium of the search server, including the local hard disk, the cache, the memory and the like, so that the plaintext data of the original text provided by the external server cannot be obtained at each level of the system architecture of the whole search server, no matter the service layer, the system bottom layer or other layers. In one embodiment, the destruction operation of the original text and the original lemmas thereof can be executed after the original text identification is added to the index database after each processing is finished.
According to the embodiments, after the original text provided by the external server is segmented to obtain the original lemma, the original lemma is encrypted to obtain the ciphertext lemma, the ciphertext lemma is used as an index item, mapping relation data is constructed with the original text identifier of the original text from the original text, the mapping relation data is stored in the index database, the local index construction of the original text of the external server is realized, the index database stores the index information of the original text in a non-plaintext mode, basic data can be provided for a search system to perform search, the original text data cannot be leaked from the search server, the service logic of the search server is more independent and safer, and the data safety of large platforms such as e-commerce platforms and the like is remarkably improved.
In some embodiments of the present application, the service logic that performs word segmentation on the query statement and the original text to obtain the original lemma and encrypts the original lemma is implemented as an encryption plug-in, so as to improve multiplexing efficiency of the same service logic. When the search system needs to perform word segmentation and encryption on the query statement or the original text, calling a corresponding interface provided by the encryption plug-in, and transmitting the corresponding query statement or the original text to the corresponding interface, wherein the interface is used for performing subsequent processing by taking the query statement or the original text as the input parameter.
Accordingly, in one embodiment, obtaining a plurality of original lemmas corresponding to the original lemmas, and encrypting the original lemmas into corresponding ciphertext lemmas includes:
step S3110, performing dictionary matching on the query statement/the original text by a preset encryption plug-in to realize word segmentation, and obtaining a plurality of corresponding original lemmas, wherein the query statement/the original text contain commodity description information expressed in natural language;
the encryption plug-in receives the input parameter, wherein the input parameter is commodity description information adopted in an e-commerce platform, namely the query statement or the original text such as a commodity title, and in consideration of the fact that the commodity description information such as the commodity title is expressed by depending on natural language, a preset dictionary is used for matching to realize word segmentation so as to obtain a plurality of original word elements.
And S3120, the encryption plug-in encrypts the original lemmas one by one to obtain corresponding ciphertext lemmas, and the keys used by the ciphertext lemmas corresponding to the same query statement/original text are different keys generated according to the same preset algorithm.
The encryption plug-in also presets a corresponding encryption algorithm, and can decide to perform corresponding encryption on each original lemma by adopting a corresponding key, so that for each original lemma obtained by the participated word segmentation, the encryption plug-in encrypts each original lemma one by one to obtain a corresponding ciphertext lemma. In this embodiment, according to the manner disclosed above, in the encryption algorithm, the category attribute of the encrypted original lemma is determined first, and then the corresponding original lemma is encrypted according to the key corresponding to the determined category attribute, so that even if different original lemmas are in the same query statement or the same original text, different keys may still be used for encryption, and a plurality of ciphertext lemmas obtained finally cannot be decrypted by a single key, thereby improving the security of the basic data of the whole search system.
According to the embodiment, with the efficient help of the encryption plug-in preset by the search system, the commodity description information such as the commodity title is segmented by the dictionary and then encrypted, and further encrypted by adopting corresponding different keys according to the category attribute of the original lemma before encryption, so that the independent semantics of the ciphertext lemma can be ensured to accord with the natural language habit, and the data security can be ensured.
In another embodiment, obtaining a plurality of original lemmas corresponding to the original lemmas, and encrypting the original lemmas into corresponding ciphertext lemmas includes:
step S3210, performing multi-element word segmentation on the query sentence/the original text by a preset encryption plug-in to obtain a plurality of original lemmas with corresponding character numbers determined, wherein the query sentence/the original text contains sequence information formed by character serialization coding;
different from the previous embodiment, in the present embodiment, the reference processed by the encryption plug-in, that is, the query statement or the original text, belongs to sequence information such as an order number in the e-commerce platform, and such sequence information is usually formed by character serialization coding, and the same type also includes a user ID and a commodity ID, that is, SKU, SPU, and the like. For the sequence information, considering that the character combinations have no obvious semantic function, the method adopts a statistical word segmentation algorithm such as N-Gram with more efficient operation to directly cut words to obtain a plurality of corresponding original word elements.
Step S3220, the encryption plug-in encrypts each original lemma one by one to obtain a corresponding ciphertext lemma, and the keys used by each ciphertext lemma corresponding to the same query statement/original text are different keys generated according to the same preset algorithm.
Similarly, the encryption plug-in also presets a corresponding encryption algorithm, and can decide to perform corresponding encryption on each original lemma by using a corresponding key, so that for each original lemma obtained by the participated word segmentation, the encryption plug-in encrypts each original lemma one by one to obtain a corresponding ciphertext lemma. In this embodiment, according to the manner disclosed above, in the encryption algorithm, the category attribute of the encrypted original lemma is determined first, and then the corresponding original lemma is encrypted according to the key corresponding to the determined category attribute, so that even if different original lemmas are in the same query statement or the same original text, different keys may still be used for encryption, and a plurality of ciphertext lemmas obtained finally cannot be decrypted by a single key, thereby improving the security of the basic data of the whole search system.
According to the embodiment, with the high-efficiency help of the encryption plug-in preset by the search system, the sequence information such as the order number and the commodity ID is subjected to word segmentation and then encryption by applying a word segmentation algorithm based on statistics, and further, the encryption is performed by adopting different corresponding keys according to the category attribute of the original lemma before encryption, so that a high-efficiency processing result can be obtained, and the data security can be ensured.
On the basis of any embodiment of the present application, referring to fig. 4, after pushing the textual identification list to the requester of the external search request, the method includes:
step S4100, the request party initiates a corresponding original text acquisition request in the original text identification list to the external server;
after the search server returns the original text identification list obtained by the search server to the requester, for example, the service server, may initiate a corresponding original text obtaining request to the external server, for example, the data server, which stores the ciphertext of the original text, according to the original text identification list, so as to obtain, through the external server, the original text pointed by the original text identification in the original text identification list.
Step S4200, the external server responds to the original text acquisition request, decrypts the encrypted original text corresponding to the original text identifier in the original text identifier list, acquires a corresponding original text, constructs the original text as an original text list and returns the original text list to the requester;
and after receiving the original text acquisition request, the external server analyzes the original text acquisition request to obtain the original text identification list, then traverses the original text identification list, acquires corresponding encrypted original text for each original text identification in the original text identification list, namely the ciphertext of the original text, and then performs corresponding decryption operation according to the decryption service logic corresponding to the original text encrypted by the external server to obtain the corresponding original text. And the external server constructs all the original texts obtained by decrypting each original text identification into an original text list, and then returns the original text list to the requesting party for further processing and utilization.
Step S4300, the requester receives the original text list returned by the external server, and obtains summary information corresponding to the original text according to the original text in the original text list to form a summary information list.
After the requester receives the original text list returned by the external server, other associated data may be further obtained according to the original text in the original text list, for example, in an embodiment, when the original text in the original text list is a product ID, after the service server receives the original text list, the product ID may be used to call summary information of a corresponding product item from its product database, including but not limited to a product title, a product price, a product default picture, a product access link, and the like, and then encapsulate the summary information into a summary information list, push the summary information list to a terminal device of a user providing the query statement, and after the terminal device analyzes the summary information list, display the corresponding summary information in a graphical user interface thereof, thereby completing a closed loop of a product search service for the corresponding user. In other embodiments, if the query statement is provided by the service server, the service server does subsequent processing according to the preset service logic without pushing the summary information list.
According to the embodiment, in the network architecture corresponding to the search service, the service server exposed to the interaction of the terminal device can interact with the data server and the search server which are mutually decoupled, and the search service process is completed under the cooperation of the data server and the search server.
On the basis of any embodiment of the present application, referring to fig. 5, pushing the textual identification list to the requester of the external search request includes:
step 1410, generating a digital signature corresponding to the original text identifier list, and storing the digital signature in a filing list;
in consideration of the requirement of the overall security of the entire search service, in the process of pushing the original text identification list to the external search request requester by the search server, a digital signature corresponding to the original text identification list may be further generated, and specifically, a digital digest algorithm such as MD5 may be adopted to operate on the original text identification list to generate a corresponding digital signature. The digital signature is then stored in a docket list. The docket list may be used to query whether the digital signature was issued by a search server in order to verify source validity.
Step S1420, sending the original text identification list and the digital signature to the requesting party.
After the digital signature of the original text identification list is obtained, the original text identification list is sent to the requesting party, such as the service server of the application, together with the corresponding digital signature. After receiving the digital signature and the original text identification list, the requester may perform corresponding verification, for example, generate a digital signature of the original text identification list according to the same algorithm, and compare the generated digital signature with the digital signature pushed by the search server to verify the integrity of the original text identification list, thereby preventing the obtained original text identification list from being tampered or hijacked in the transmission process, and improving data security.
According to the embodiment, the search server provides the search result, namely the original text identification list, to the outside, generates the corresponding digital signature for the original text identification list, and records the digital signature, so that a technical basis is provided for the subsequent service node to check the multi-aspect safety of the original text identification list, the source legality of the original text identification list can be checked through the digital signature, the full-text integrity of the original text identification list can be checked, the safety measures are rich and complete, and the whole search service is more reliable.
On the basis of any embodiment of the present application, please refer to fig. 6, where after the sending of the textual identification list and the digital signature to the requestor together includes:
step S5100, the request party initiates a corresponding original text acquisition request in the original text identifier list to the external server, where the original text acquisition request carries a digital signature corresponding to the original text identifier list;
after the search server returns the original text identification list obtained by the search server to the requester, for example, the service server, may initiate a corresponding original text obtaining request to the external server, for example, the data server, which stores the ciphertext of the original text, according to the original text identification list, so as to obtain, through the external server, the original text pointed by the original text identification in the original text identification list.
In order to facilitate the security verification of the external server, the original text acquisition request also carries the digital signature of the original text identification list together with the original text identification list. The digital signature may be obtained by the search server performing digital digest operation on the original text identifier list and pushing the obtained result to the requester, and for this purpose, the requester only needs to package the original text identifier list obtained from the search server and the corresponding digital signature together as an original text acquisition request and send the original text acquisition request to the external server.
Step S5200, the external server responding to the original obtaining request, and querying the docket list to check validity of the digital signature;
and after receiving the original text acquisition request, the external server analyzes the original text acquisition request to acquire the original text identification list and the corresponding digital signature thereof, then firstly sends a verification request to the search server, the verification request carries the digital signature, the search server inquires whether the digital signature exists in the record list of the search server, and returns an inquiry result to the external server. The external server identifies the query result, and when the query result indicates that the digital signature does not exist in the record list, the digital signature is illegal, so that the original text acquisition request can be refused to ensure data security; when the inquiry result shows that the digital signature exists in the record list, the digital signature is legal and is sourced from the search server, and therefore the subsequent business logic can be continued.
Step S5300, after the external server confirms that the digital signature is already put on record, performing integrity check on the original text identifier list by using the digital signature;
after the external server confirms that the digital signature is already recorded in the recording list through the query result, the digital signature can be further used for verifying the data integrity of the original text identification list.
Specifically, the external server applies a digital digest generation algorithm consistent with a search server pre-protocol to operate an original text identification list analyzed from the original text acquisition request to generate a corresponding digital signature, then compares the digital signature obtained by the operation with the digital signature analyzed from the original text acquisition request, and when the digital signature obtained by the operation of the external server is inconsistent with the digital signature analyzed from the original text acquisition request, the external server indicates that the original text identification list is tampered, so that the original text acquisition request can be rejected, and data security is protected. When the two are consistent, the original text identification list is generated by the search server and is not tampered in the transmission process, wherein the full text data is complete, and therefore the follow-up business logic can be continued through the verification of the full text data.
Step S5400, after the integrity check is passed, the external server decrypts the encrypted original text corresponding to the original text identifier in the original text identifier list, obtains the corresponding original text and constructs the original text as an original text list to be returned to the requesting party;
after the external server completes the integrity check of the original text identification list obtained by the external server by using the digital signature, the external server can traverse the original text identification list to obtain a corresponding encrypted original text for each original text identification, namely the ciphertext of the original text, and then perform corresponding decryption operation according to the decryption service logic corresponding to the original text encrypted by the external server to obtain the corresponding original text. And the external server constructs all the original texts obtained by decrypting each original text identification into an original text list, and then returns the original text list to the requesting party for further processing and utilization.
Step S5500, the requester receives the original text list returned by the external server, and obtains summary information corresponding to the original text according to the original text in the original text list to form a summary information list.
After the requester receives the original text list returned by the external server, other associated data may be further obtained according to the original text in the original text list, for example, in an embodiment, when the original text in the original text list is a product ID, after the service server receives the original text list, the product ID may be used to call summary information of a corresponding product item from its product database, including but not limited to a product title, a product price, a product default picture, a product access link, and the like, and then encapsulate the summary information into a summary information list, push the summary information list to a terminal device of a user providing the query statement, and after the terminal device analyzes the summary information list, display the corresponding summary information in a graphical user interface thereof, thereby completing a closed loop of a product search service for the corresponding user. In other embodiments, if the query statement is provided by the service server, the service server does subsequent processing according to the preset service logic without pushing the summary information list.
According to the embodiment, in the network architecture corresponding to the search service, the service server exposed to the interaction of the terminal device can interact with the data server and the search server which are mutually decoupled, and the search service process is completed under the cooperation of the data server and the search server.
The method has the advantages that the search server generates a corresponding digital signature for the original text identification list and records the digital signature, then the digital signature and the original text identification list are transmitted to the requester, the requester transmits the original text identification list and the digital signature to the external server, and the external server can inquire the recorded list of the search server according to the digital signature to determine the source validity of the digital signature and can calculate the digital signature by using a digital digest algorithm to compare the digital signature so as to verify the data integrity of the original text identification list in the transmission process. Therefore, a safety mechanism of the search service is comprehensively constructed, and a large-scale platform can be ensured to provide a safe access mechanism.
Referring to fig. 7, a data security search apparatus according to an aspect of the present application includes a statement acquisition module 1100, a word segmentation processing module 1200, a search execution module 1300, and a result pushing module 1400, where the statement acquisition module 1100 is configured to respond to an external search request and obtain an inquiry statement carried by the request; the word segmentation processing module 1200 is configured to perform word segmentation on the query sentence to obtain a plurality of corresponding original lemmas, and encrypt the original lemmas into corresponding ciphertext lemmas; the search execution module 1300 is configured to execute a search on an index database based on the plurality of ciphertext tokens to obtain an original text identifier list, where the original text identifier list includes a plurality of original text identifiers, the original text identifiers point to original text encrypted and stored in an external server, and the original text carries at least one original token corresponding to the ciphertext token; the result pushing module 1400 is configured to push the original text identifier list to a requester of the external search request.
On the basis of any embodiment of the present application, the data security search device of the present application includes: the original text transmission module is used for acquiring the original text and the original text identification thereof which are transmitted after the external server decrypts the original text; the original text word segmentation module is used for segmenting each original text to obtain a plurality of corresponding original lemmas and encrypting the original lemmas into corresponding ciphertext lemmas; the index construction module is used for establishing an index database based on the ciphertext lemmas and original text identifications of original texts from the ciphertext lemmas so that the original text identifications of the original texts carrying the ciphertext lemmas are represented in the index database by taking the ciphertext lemmas as index items; and the original text destruction module is used for destroying the original text and the original lemma obtained by the word segmentation of the original text from a storage medium.
On the basis of any embodiment of the present application, the word segmentation processing module 1200/the original text word segmentation module includes: the first word segmentation unit is set to perform dictionary matching on the query statement/the original text by a preset encryption plug-in to realize word segmentation and obtain a plurality of corresponding original word elements, and the query statement/the original text contain commodity description information expressed by natural language; the first encryption unit is set to encrypt the original lemmas one by the encryption plug-in unit to obtain corresponding ciphertext lemmas, and the keys used by the ciphertext lemmas corresponding to the same query sentence/original text are different keys generated according to the same preset algorithm.
On the basis of any embodiment of the present application, the word segmentation processing module 1200/the original text word segmentation module includes: the second word segmentation unit is set to perform multi-element word segmentation on the query statement/the original text by a preset encryption plug-in to obtain a plurality of original word elements with the corresponding character number determined, and the query statement/the original text contain sequence information formed by character serialization coding; and the second encryption unit is arranged to encrypt the original lemmas one by the encryption plug-in unit to obtain corresponding ciphertext lemmas, and the keys used by the ciphertext lemmas corresponding to the same query sentence/original text are different keys generated according to the same preset algorithm.
On the basis of any embodiment of the present application, the data security search device of the present application includes: a text request module configured to initiate a corresponding text acquisition request in the text identifier list to the external server from the requester; the original text decryption module is arranged to respond to the original text acquisition request by the external server, decrypt the encrypted original text corresponding to the original text identifier in the original text identifier list, acquire the corresponding original text and construct the original text list to be returned to the requester; and the original text utilization module is set to receive the original text list returned by the external server by the requester, and acquire the abstract information corresponding to the original text according to the original text in the original text list to form an abstract information list.
On the basis of any embodiment of the present application, the result pushing module 1400 includes: the signature record unit is used for generating a digital signature corresponding to the original text identification list and storing the digital signature in a record list; and the sending processing unit is used for sending the original text identification list and the digital signature to the requester.
On the basis of any embodiment of the present application, the data security search device of the present application includes: a text request module configured to initiate a corresponding text acquisition request in the text identifier list to the external server from the requesting party, where the text acquisition request carries a digital signature corresponding to the text identifier list; a legality checking module, configured to respond to the original text acquisition request by the external server, and query the docket list to check the legality of the digital signature; the complete verification module is set to use the digital signature to carry out complete verification on the original text identification list after the external server confirms that the digital signature is already put on record; the original text decryption module is arranged for decrypting the encrypted original text corresponding to the original text identifier in the original text identifier list after the integrity check of the external server is passed, obtaining the corresponding original text and constructing the original text as an original text list to be returned to the requester; and the original text utilization module is set to receive the original text list returned by the external server by the requester, and acquire the abstract information corresponding to the original text according to the original text in the original text list to form an abstract information list.
Another embodiment of the present application also provides a data security search apparatus. As shown in fig. 8, the internal structure of the data security search device is schematically illustrated. The data security search apparatus includes a processor, a computer-readable storage medium, a memory, and a network interface connected through a system bus. The computer-readable non-volatile readable storage medium of the data security search device stores an operating system, a database and computer-readable instructions, the database can store information sequences, and the computer-readable instructions can be executed by a processor to enable the processor to realize a data security search method.
The processor of the data security search device is used for providing calculation and control capability and supporting the operation of the whole data security search device. The memory of the data security search device may have computer readable instructions stored therein, which when executed by the processor, may cause the processor to perform the data security search method of the present application. The network interface of the data security search device is used for connecting and communicating with the terminal.
It will be understood by those skilled in the art that the structure shown in fig. 8 is only a block diagram of a part of the structure related to the present application, and does not constitute a limitation to the data security search device to which the present application is applied, and a specific data security search device may include more or less components than those shown in the figure, or combine some components, or have a different arrangement of components.
In this embodiment, the processor is configured to execute specific functions of each module in fig. 7, and the memory stores program codes and various data required for executing the modules or sub-modules. The network interface is used for realizing data transmission between user terminals or servers. The nonvolatile readable storage medium in the present embodiment stores program codes and data necessary for executing all modules in the data security search device of the present application, and the server can call the program codes and data of the server to execute the functions of all modules.
The present application also provides a non-transitory readable storage medium storing computer readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of the data security search method of any of the embodiments of the present application.
The present application also provides a computer program product comprising computer programs/instructions which, when executed by one or more processors, implement the steps of the method as described in any of the embodiments of the present application.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments of the present application may be implemented by hardware related to instructions of a computer program, which may be stored in a non-volatile readable storage medium, and when executed, may include the processes of the embodiments of the methods as described above. The storage medium may be a computer-readable storage medium such as a magnetic disk, an optical disk, a Read-Only Memory (ROM), or a Random Access Memory (RAM).
In summary, in the present application, the original text is stored in the external server in an encrypted form, and a search is performed in the search server for the query statement, during the search, the encrypted lemma obtained by encrypting the original lemma after the word segmentation of the original text is used as an index, and the index database is constructed corresponding to the original text carrying the original lemma pointed by the index, so that the search server performing the query does not need to store the original text or the original lemma, thereby preventing the possibility of obtaining the original text or a plurality of original lemmas thereof from the search server to derive the original text, and fundamentally ensuring the data security of the original text data under the platform architecture.
Claims (10)
1. A data security search method is characterized by comprising the following steps:
responding to an external search request, and obtaining a query statement carried by the request;
performing word segmentation on the query sentence to obtain a plurality of corresponding original lemmas, and encrypting the original lemmas into corresponding ciphertext lemmas;
executing search on an index database based on the ciphertext lemmas to obtain an original text identification list, wherein the original text identification list comprises a plurality of original text identifications, the original text identifications point to original text which is encrypted and stored in an external server, and the original text carries at least one original lemma corresponding to the ciphertext lemma;
and pushing the original text identification list to a requester of the external search request.
2. The data security search method of claim 1, wherein, in response to a search request from a user, before obtaining a query statement carried by the request, the method comprises:
acquiring the original text and the original text identification thereof which are input after the external server decrypts the original text;
dividing words of each original text to obtain a plurality of corresponding original lemmas, and encrypting the original lemmas into corresponding ciphertext lemmas;
establishing an index database based on the ciphertext lemmas and original text identifications of original texts from the ciphertext lemmas, and expressing the original text identifications of the original texts carrying the ciphertext lemmas in the index database by taking the ciphertext lemmas as index items;
and destroying the original lemmas obtained by the original texts and the word segmentation thereof from a storage medium.
3. The method of claim 1 or 2, wherein obtaining a plurality of original tokens corresponding to the original tokens, and encrypting the original tokens into corresponding ciphertext tokens comprises:
performing dictionary matching on the query sentence/the original text by a preset encryption plug-in to realize word segmentation and obtain a plurality of corresponding original word elements, wherein the query sentence/the original text contain commodity description information expressed in natural language;
and the encryption plug-in encrypts the original word elements one by one to obtain corresponding ciphertext word elements, wherein the keys used by the ciphertext word elements corresponding to the same query statement/original text are different keys generated according to the same preset algorithm.
4. The method of claim 1 or 2, wherein obtaining a plurality of original tokens corresponding to the original tokens, and encrypting the original tokens into corresponding ciphertext tokens comprises:
performing multi-element word segmentation on the query statement/the original text by a preset encryption plug-in to obtain a plurality of original word elements with the corresponding character number determined, wherein the query statement/the original text contains sequence information formed by character serialization coding;
and the encryption plug-in encrypts each original lemma one by one to obtain a corresponding ciphertext lemma, wherein the keys used by each ciphertext lemma corresponding to the same query sentence/original text are different keys generated according to the same preset algorithm.
5. The method for searching data safely according to claim 1, after pushing the textual identification list to the requester of the external search request, comprising:
initiating a corresponding original text acquisition request in the original text identification list to the external server by the request party;
the external server responds to the original text acquisition request, decrypts the encrypted original text corresponding to the original text identification in the original text identification list, acquires a corresponding original text structure and returns the corresponding original text structure as an original text list to the requesting party;
and the requester receives the original text list returned by the external server, and acquires the summary information corresponding to the original text according to the original text in the original text list to form a summary information list.
6. The method according to claim 1, wherein pushing the textual identification list to a requester of the external search request comprises:
generating a digital signature corresponding to the original text identification list, and storing the digital signature in a record list;
and sending the original text identification list and the digital signature to the requester together.
7. The method for searching data safely according to claim 6, after sending the original text identification list and the digital signature to the requester, comprising:
initiating a corresponding original text acquisition request in the original text identification list by the request party to the external server, wherein the digital signature corresponding to the original text identification list is carried in the original text acquisition request;
the external server responds to the original text acquisition request and inquires the record list to check the validity of the digital signature;
after the external server confirms that the digital signature is put on record, the integrity of the original text identification list is checked by using the digital signature;
after the integrity check is passed, the external server decrypts the encrypted original text corresponding to the original text identifier in the original text identifier list, obtains a corresponding original text structure and returns the original text list to the requesting party;
and the requester receives the original text list returned by the external server, and acquires the summary information corresponding to the original text according to the original text in the original text list to form a summary information list.
8. A data security search apparatus, comprising:
the statement acquisition module is arranged to respond to an external search request and acquire an inquiry statement carried by the request;
the word segmentation processing module is used for segmenting the query sentence to obtain a plurality of corresponding original word elements and encrypting the original word elements into corresponding ciphertext word elements;
the search execution module is configured to execute a search on an index database based on the plurality of ciphertext lemmas to obtain an original text identification list, wherein the original text identification list comprises a plurality of original text identifications, the original text identifications point to original text which is encrypted and stored in an external server, and the original text carries at least one original lemma corresponding to the ciphertext lemma;
and the result pushing module is used for pushing the original text identification list to the requester of the external search request.
9. A data security search device comprising a central processor and a memory, wherein the central processor is configured to invoke execution of a computer program stored in the memory to perform the steps of the method according to any one of claims 1 to 7.
10. A non-transitory readable storage medium, storing a computer program implemented according to the method of any one of claims 1 to 7 in the form of computer readable instructions, the computer program, when invoked by a computer, performing the steps comprised by the corresponding method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211689421.0A CN115879157A (en) | 2022-12-27 | 2022-12-27 | Data security search method and device, equipment, medium and product thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211689421.0A CN115879157A (en) | 2022-12-27 | 2022-12-27 | Data security search method and device, equipment, medium and product thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115879157A true CN115879157A (en) | 2023-03-31 |
Family
ID=85754814
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211689421.0A Pending CN115879157A (en) | 2022-12-27 | 2022-12-27 | Data security search method and device, equipment, medium and product thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115879157A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117910022A (en) * | 2024-03-19 | 2024-04-19 | 深圳高灯计算机科技有限公司 | Data searching method, device, computer equipment, storage medium and product |
-
2022
- 2022-12-27 CN CN202211689421.0A patent/CN115879157A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117910022A (en) * | 2024-03-19 | 2024-04-19 | 深圳高灯计算机科技有限公司 | Data searching method, device, computer equipment, storage medium and product |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10021078B2 (en) | System, apparatus and method for encryption and decryption of data transmitted over a network | |
| US10013574B2 (en) | Method and apparatus for secure storage and retrieval of encrypted files in public cloud-computing platforms | |
| US8473740B2 (en) | Method and system for secured management of online XML document services through structure-preserving asymmetric encryption | |
| US20160299924A1 (en) | Search system | |
| CA2786058C (en) | System, apparatus and method for encryption and decryption of data transmitted over a network | |
| CN109214196B (en) | Data interaction method, device and equipment | |
| CN114398427A (en) | Improving searching ability of special encrypted data | |
| US8990553B2 (en) | Perimeter encryption method and system | |
| CN109271798A (en) | Sensitive data processing method and system | |
| US10903989B2 (en) | Blockchain transaction processing method and apparatus | |
| US10936581B2 (en) | Blockchain transaction processing method and apparatus | |
| CN105827582A (en) | Communication encryption method, device and system | |
| CN115879157A (en) | Data security search method and device, equipment, medium and product thereof | |
| JP4594078B2 (en) | Personal information management system and personal information management program | |
| CN113645226A (en) | Data processing method, device, equipment and storage medium based on gateway layer | |
| CN115757535A (en) | Data query method, data storage method and device and electronic equipment | |
| CN109145645B (en) | Method for protecting short message verification code in android mobile phone | |
| CN110830252A (en) | Data encryption method, device, equipment and storage medium | |
| US11829498B2 (en) | Real-time dynamic blockchain securitization platform | |
| CN118277503A (en) | Text processing method, apparatus, device, medium, and program product | |
| CN112559825B (en) | Service processing method, device, computing equipment and medium | |
| US11727108B2 (en) | Systems and methods for providing secure passwords | |
| US20240028758A1 (en) | Secured Search for Ready-Made Search Software | |
| CN115269504A (en) | Document uploading and storing method, query downloading method, device, equipment and medium | |
| CN116432196A (en) | Database hierarchical encryption for hybrid cloud environments |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |