CN116308689B - Bid insurance application processing device - Google Patents

Abstract

The invention provides a bid insurance application processing device, comprising: the data message receiving module is used for receiving the insuring data message sent by the bidding party from the bidding transaction center; the standard data message adaptation module is used for carrying out message processing by using a corresponding transaction center adapter based on the address of the bidding transaction center to obtain a data message with a unified standard; the order data message acquisition module is used for processing the data message to acquire an application and insurance order data message; and the underwriting mechanism data message conversion module is used for acquiring the underwriting mechanism in the underwriting order data message, converting the underwriting order data message into a data message with the specification required by the underwriting mechanism by using the corresponding underwriting mechanism realization strategy based on the address of the underwriting mechanism, and transmitting the data message to the corresponding underwriting mechanism. The invention can process the application data messages from different bidding transaction centers and can distribute the application data messages to different underwriting institutions.

Description

Bid insurance application processing device

Technical Field

The application relates to the technical field of electronic insurance, in particular to a bid insurance application processing device.

Background

The bid security function refers to a written security commonly issued by a bank, which requires that a bidder submit a bid document together during the bid transaction activity, in order to ensure that the bidder must not cancel the bid document, and that the bid must not be properly covered by the bid after bid. However, in the current bidding transaction activities (such as public resource transaction activities), bidding guarantees of all bidders are mainly obtained by using cash bidding guarantees or paper warranties issued by banks, so that limited fund flows of the bidders are occupied, and the problems that counterfeiting cannot be guaranteed and paper warranties are lost exist.

With the development and popularity of electronic bidding, electronic guaranties have evolved greatly, and the generation of different electronic guaranties may involve different bidding transaction centers and underwriters. The application interfaces of different transaction centers are often incompatible and have large differences, such as different docking port addresses, communication encryption algorithms, data message structures and the like, so that different docking specifications exist. Similarly, the docking interfaces of different underwriting institutions are often incompatible, such as different docking port addresses, communication encryption algorithms, data message structures, and the like.

Disclosure of Invention

In order to solve the technical problems, the invention provides a bid insurance application processing device which can process application data messages from different bidding transaction centers and can distribute the application insurance data messages to different underwriters.

The invention adopts the following technical scheme:

a bid insurance application processing device, comprising:

a data message receiving module configured to receive an applied data message sent by a bidder from a bidding transaction center;

the standard data message adaptation module is configured to process messages by using a corresponding transaction center adapter based on the address of the bidding transaction center to obtain data messages with a unified standard;

the order data message acquisition module is configured to process the data message with the unified specification standard to acquire an application-specific order data message;

the underwriting mechanism data message conversion module is configured to acquire the underwriting mechanism specified in the underwriting order data message, convert the underwriting order data message into a data message of a specification required by the underwriting mechanism by using a corresponding underwriting mechanism realization strategy through the underwriting mechanism routing gateway based on the address of the underwriting mechanism, and send the data message to the corresponding underwriting mechanism.

Preferably, the transaction center adapter includes a first adapter, and the processing procedure of the first adapter on the application data message is as follows:

the first adapter receives a data message with a request mode of POST and a message format of JSON;

decrypting the data message by using the private key and checking the signature;

converting the field names which do not accord with the preset standard in the decrypted and signature-checking processed data message into field names accord with the standard, and obtaining the data message with unified standard;

the signature rule of the application data message received by the first adapter comprises:

arranging the request signature parameters according to the ascending order of letters, splicing the names and the values together, splicing the api_secret to the two sides of the character string obtained in the last step, and finally encrypting by using md5 and converting into capitalization;

the encryption rule of the application data message received by the first adapter comprises:

all parameters except access token are encrypted using RSA.

Preferably, the transaction center adapter includes a second adapter, and the processing procedure of the second adapter on the application data message is as follows:

the second adapter receives a data message with the protocol type of HTTP, the message format of JSON and the message coding format of UTF-8;

Decrypting the data message by using the private key and checking the signature;

converting the field names which do not accord with the preset standard in the decrypted and signature-checking processed data message into field names accord with the standard, and obtaining the data message with unified standard;

the signature rule of the application data message received by the second adapter comprises:

using a national cipher message digest algorithm SM3 to sort the message segments according to an ASCII ascending order, splicing the message segments into character strings by "&" characters according to a mode of 'parameter=parameter value', and finally signing the message by using appSecret;

the encryption rule of the application data message received by the second adapter comprises:

using the national encryption algorithm SM4 encryption, the bidding transaction center and the second adapter agree on a unified Key value.

Preferably, the transaction center adapter includes a third adapter, and the processing procedure of the third adapter on the application data message is as follows:

the third adapter receives a data message with a request mode of GET/POST and a message format of JSON;

decrypting the data message by using the private key and checking the signature;

converting the field names which do not accord with the preset standard in the decrypted and signature-checking processed data message into field names accord with the standard, and obtaining the data message with unified standard;

The signing rule of the application data message received by the third adapter comprises:

splicing the message segments according to the first letter ascending order, and signing the message by using the app secret;

the encryption rule of the application data message received by the third adapter comprises:

encryption using SHA 1.

Preferably, the transaction center adapter includes a fourth adapter, and the processing procedure of the fourth adapter on the application data message is as follows:

the fourth adapter receives a data message with the protocol type of HTTP, the request mode of POST and the message coding format of UTF-8;

decrypting the data message by using the private key and checking the signature;

converting the field names which do not accord with the preset standard in the decrypted and signature-checking processed data message into field names accord with the standard, and obtaining the data message with unified standard;

the signature rule of the application data message received by the fourth adapter comprises:

signing the message by adopting a 32-bit MD5 algorithm;

the encryption rule of the application data message received by the fourth adapter comprises:

using the national encryption algorithm SM2 encryption, the bidding transaction center and the fourth adapter agree on a unified Key value.

Preferably, the order data message obtaining module is specifically configured to:

Performing bid information confirmation including applicant information, bid item information and financial product information;

adopting a corresponding signature form to sign an electronic signature according to the configuration to the same protocol;

submitting the insuring information data into an insuring transaction flow to obtain an insuring order data message;

after submitting the insuring information data into the insuring transaction flow, transaction screening interception is carried out based on wind control rules, wherein the rules comprise project interception rules, product interception rules, charging interception rules and order interception rules;

the item interception rule includes: project interception in the project blacklist is not covered; project interception with the project opening time is not covered;

the product interception rule includes: intercepting the financial institution to which the product belongs in a limited blacklist without being guaranteed; interception is not supported by the type of financial institution to which the product belongs;

the charging interception rule includes: intercepting the insurance expense exceeding the project guarantee fee to be prevented from being insured;

the order interception rule includes: the applicant has successfully applied to intercept the same item without applying.

Preferably, the underwriting mechanism routing gateway includes a first underwriting mechanism implementation policy, and the processing procedure of the first underwriting mechanism implementation policy on the application order data message is as follows:

The first underwriting mechanism realizes that the strategy sends a data message with the protocol type of HTTP, the message format of JSON and the message coding format of UTF-8;

converting the field names in the data message into field names which are in line with the requirements of corresponding underwriting institutions;

signing and encrypting the converted data message by using a private key;

the signing rule of the application data message sent by the first underwriting mechanism through the strategy comprises the following steps:

using a national cipher message digest algorithm SM3, sorting the message segments according to an ASCII ascending order, splicing the message segments into character strings by "&" characters according to a mode of 'parameter=parameter value', and finally signing the message by using an appsecret; the request parameter null value does not participate in signing;

the encryption rule of the application data message sent by the first underwriting mechanism through the implementation strategy comprises the following steps:

encryption is carried out by using a national encryption algorithm SM4, and a unified Key Key value is agreed by a corresponding underwriting agency.

Preferably, the underwriting mechanism routing gateway includes a second underwriting mechanism implementation policy, and the processing procedure of the second underwriting mechanism implementation policy on the application order data message is as follows:

the second underwriting mechanism realizes that the strategy sends data messages with the protocol type of HTTP/HTTPS, the message format of XML and the message coding format of UTF-8;

Converting the field names in the data message into field names which are in line with the requirements of corresponding underwriting institutions;

signing and encrypting the converted data message by using a private key;

the signature rule of the application data message sent by the second underwriting mechanism through the strategy comprises the following steps:

the message signature field adds a Key value agreed with an underwriting mechanism according to the data content part to be transmitted, and then encrypts through md 5;

the encryption rule of the application data message sent by the second underwriting mechanism through the implementation strategy comprises the following steps:

encryption is carried out by using a national encryption algorithm SM4, and a unified Key Key value is agreed by a corresponding underwriting agency.

Preferably, the underwriting mechanism routing gateway includes a third underwriting mechanism implementing policy, and the processing procedure of the third underwriting mechanism implementing policy on the application order data message is as follows:

the third underwriting mechanism realizes that the strategy sends a data message with a protocol type of HTTPS and a message format of JSON;

converting the field names in the data message into field names which are in line with the requirements of corresponding underwriting institutions;

signing and encrypting the converted data message by using a private key;

the third underwriting mechanism realizes the signature rule of the applied data message sent by the strategy and comprises the following steps:

Sorting other parameters except the signature according to a key value form dictionary to obtain json strings, and defaulting the json strings by using MD5 signature or signing by using SHA1withRSA algorithm;

the encryption rule of the application data message sent by the third underwriting mechanism through the implementation strategy comprises the following steps:

RSA encryption is used.

Preferably, the underwriting mechanism routing gateway includes a fourth underwriting mechanism implementing policy, and the processing procedure of the fourth underwriting mechanism implementing policy on the application order data message is as follows:

the fourth underwriting mechanism realizes that the strategy sends data messages with HTTP protocol type and XML message format;

converting the field names in the data message into field names which are in line with the requirements of corresponding underwriting institutions;

encrypting and signing the converted data message by using a private key;

the encryption rule of the application data message sent by the fourth underwriting mechanism through the strategy comprises the following steps:

performing base64 transcoding on the whole message, and performing RSA encryption;

the fourth underwriting mechanism realizes the signature rule of the applied data message sent by the strategy and comprises the following steps:

and signing the encrypted message.

The invention has the following beneficial effects:

(1) The invention carries out the adaptation processing to the data message from different bidding transaction centers (the docking port address, the communication encryption algorithm, the data message structure, etc. are all different) through the transaction center adapter, and maps and converts the docking standard with larger differentiation into the unified interface docking standard according to the adapter model to obtain the data message with the unified standard; meanwhile, corresponding implementation strategies are respectively constructed by underwriters facing different docking specification requirements (different docking port addresses, communication encryption algorithms, data message structures and the like), unified data specification standards are reversely mapped and transferred into specific docking specification standards according to the corresponding implementation strategies by the underwriter routing gateway, so that docking requirements of different bidding transaction centers and underwriters can be met, electronic bidding insurance functions are quickly developed, compatibility is good, and popularization and application are facilitated;

(2) In the bid warranty processing process, the invention not only carries out general insuring flow processing, but also carries out transaction screening interception based on the wind control rule, thereby effectively maintaining the interests of both the bidder and the tenderer.

In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments will be briefly described below, and it is obvious that the drawings described below are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.

Drawings

FIG. 1 is a diagram of an exemplary system architecture in which embodiments of the present invention may be applied;

FIG. 2 is a block diagram illustrating a bid and guarantee application processing apparatus according to an embodiment of the present invention;

FIG. 3 is a flowchart illustrating a bid and guarantee application processing apparatus according to an embodiment of the present invention.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention; it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments, and that all other embodiments obtained by persons of ordinary skill in the art without making creative efforts based on the embodiments in the present invention are within the protection scope of the present invention.

In the description of the present invention, it should be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

In the description of the present invention, it should be noted that, unless explicitly specified and limited otherwise, the terms "provided with," "engaged/connected," "connected," and the like are to be construed broadly, and for example, "connected" may be a fixed connection, may be a detachable connection, or may be integrally connected, may be a mechanical connection, may be an electrical connection, may be a direct connection, may be an indirect connection via an intermediary, may be a communication between two elements, and it will be apparent to those skilled in the art that the specific meaning of the terms in this disclosure may be understood in a specific case.

Referring to fig. 1, for an exemplary system architecture applied to an embodiment of the present application, the system architecture may include bidding transaction centers 101, 102, 103 (application bodies of the bidding transaction centers are terminal devices), a network 104, a bid and insurance application processing apparatus 105, and underwriters 106, 107, 108 (application bodies of the underwriters are terminal devices). The network 104 is a medium to provide a communication link between the bidding transaction centers 101, 102, 103 and the bid insurance application processing apparatus 105, and a medium to provide a communication link between the bid insurance application processing apparatus 105 and the underwriters 106, 107, 108. The network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.

In this embodiment, the bidding transaction centers 101, 102, 103 and underwriters 106, 107, 108 may serve as clients, and the bid insurance application processing device 105 serves as a server. Specifically, the user may interact with the bid insurance application processing device 105 via the network 104 using the bidding transaction center 101, 102, 103, and ultimately with the underwriters 106, 107, 108 to rapidly develop electronic bid insurance, etc. Various business applications, such as data processing applications, etc., can be installed on the terminal device.

The terminal device may be hardware or software. When the terminal device is hardware, it may be a variety of electronic devices including, but not limited to, smartphones, tablets, laptop and desktop computers, and the like. When the terminal device is software, it can be installed in the above-listed electronic device. Which may be implemented as a plurality of software or software modules, or as a single software or software module. The present embodiment is not particularly limited.

The bid insurance application processing device 105 may be a server that provides various services, for example, processes bid insurance requests from the bidding transaction centers 101, 102, 103. The application data messages sent by bidders from different bidding transaction centers 101, 102, 103 may be processed, and the application data messages generated based on preset rules and sent to underwriters 106, 107, 108.

The bid insurance application processing device 105 provided in this embodiment is executed by the server 105, and accordingly, the bid insurance application processing device is provided in the server to respond to the request of the bidding transaction center 101, 102, 103 and send to the underwriter 106, 107, 108.

It will be appreciated that the number of bidding transaction centers (101, 102, 103), networks 104, bid insurance application processing apparatus 105, and underwriters (106, 107, 108) in fig. 1 are merely illustrative. Any number of bidding transaction centers, networks, bid insurance application processing devices, and underwriters may be provided, as desired.

Referring to fig. 2, the bid and guarantee application processing device of the present invention includes:

a data message receiving module 201 configured to receive an applied data message transmitted by a bidder from a bidding transaction center;

a standard data message adapting module 202 configured to process a message using a corresponding transaction center adapter based on an address of a bidding transaction center, to obtain a data message having a unified standard;

an order data message obtaining module 203 configured to process a data message with a unified specification standard to obtain an application order data message;

the underwriting mechanism data message conversion module 204 is configured to obtain the underwriting mechanism specified in the underwriting order data message, convert the underwriting order data message into a data message of a specification required by the underwriting mechanism by using a corresponding underwriting mechanism implementation policy through the underwriting mechanism routing gateway based on the address of the underwriting mechanism, and send the data message to the corresponding underwriting mechanism.

As described above, an execution subject of the bid and guarantee application processing apparatus may be a server.

The application interfaces of different bidding transaction centers are often incompatible and have larger difference, and have different docking specifications, such as different system docking port addresses, communication encryption algorithms, data message structures and the like, so that messages from different bidding transaction centers need to be converted into uniform interface docking specification standards through an adapter.

In this embodiment, referring to fig. 3, the transaction center adapter includes a first adapter, a second adapter, a third adapter, and a fourth adapter. The underwriting mechanism routing gateway comprises a first underwriting mechanism implementation strategy, a second underwriting mechanism implementation strategy, a third underwriting mechanism implementation strategy and a fourth underwriting mechanism implementation strategy.

Specifically, the processing procedure of the first adapter on the application data message is as follows:

the first adapter receives a data message with a request mode of POST and a message format of JSON;

decrypting the data message by using the private key and checking the signature;

converting the field names which do not accord with the preset standard in the decrypted and signature-checking processed data message into field names accord with the standard, and obtaining the data message with unified standard;

The signature rule of the application data message received by the first adapter comprises:

arranging the request signature parameters according to the ascending order of letters, splicing the names and the values together, splicing the api_secret to the two sides of the character string obtained in the last step, and finally encrypting by using md5 and converting into capitalization;

the encryption rule of the application data message received by the first adapter comprises:

all parameters except access token are encrypted using RSA.

Specifically, the process of the first adapter processing the policy application order of the bidding transaction center includes:

(1) Acquiring send data URL address (provided by bidding transaction center, e.g. https:// xxx)

(2) The request mode is pos

(3) Description of the functionality

The first adapter receives a bid transaction center submitted warranty application order ID. In the bidding transaction center page, the applicant can supplement other information required by the bidding party or insurance company, confirm the order, then pay directly, wait for the delivery of the letter, etc.

(4) Data encryption description

The first adapter decrypts and signs the data message by using the bidding transaction center key, then processes the received data, and the processing is completed.

The encrypted and signed request data is as follows in table 1.

TABLE 1

The decrypted request data is as follows in table 2.

TABLE 2

The specific signature rule of the data message sent by the bidding transaction center is as follows:

firstly, the encryption parameters of the request (URL coding is not needed, if the parameters are null, character strings are needed to be converted, sign does not participate in signature) are arranged according to the ascending order of letters, then, names and values are spliced together, then, api_secret is spliced on two sides of the character string obtained in the last step, and finally, md5 is used for encryption and conversion into capital. The final value is the sign value in the request encryption parameter.

The signature request parameters are as follows in table 3.

TABLE 3 Table 3

Encryption process:

a) The Method, the api_key and the api_ secret, timestamp are sequenced into the api_key, the api_secret according to the ascending order of letters,

method, timestamp, all parameter names and parameter values are then concatenated together.

For example:

api_keyxxxapi_secretxxxmethodget_access_tokentimestamp20181015114423；

b) Clamping api_secret at both ends of character string

For example:

api_secretapi_keyxxxapi_secretxxxmethodget_access_tokentimestamp20181015114423api_secret。

c) Encryption using MD5, reconverted to uppercase, final result:

4776C5249AB8F65F5B2AF3A53FD15938

the encryption method of the data message sent by the bidding transaction center is as follows:

when the interface is requested, all parameters except the access_token are encrypted by RSA and then assigned to the parameter. Wherein the parameters to obtain the access token are encrypted using the public RSA public key of the bidding transaction center.

Specifically, the processing procedure of the second adapter on the application data message is as follows:

the second adapter receives a data message with the protocol type of HTTP, the message format of JSON and the message coding format of UTF-8;

decrypting the data message by using the private key and checking the signature;

converting the field names which do not accord with the preset standard in the decrypted and signature-checking processed data message into field names accord with the standard, and obtaining the data message with unified standard;

the signature rule of the application data message received by the second adapter comprises:

using a national cipher message digest algorithm SM3 to sort the message segments according to an ASCII ascending order, splicing the message segments into character strings by "&" characters according to a mode of 'parameter=parameter value', and finally signing the message by using appSecret;

the encryption rule of the application data message received by the second adapter comprises:

using the national encryption algorithm SM4 encryption, the bidding transaction center and the second adapter agree on a unified Key value.

The parameters of the application data message received by the second adapter are parameters filled in by the corresponding bidding transaction center according to the actual service, the signature and encryption rules of the parameters are the rules, the second adapter uses the corresponding rules to decrypt and check the signature, and other processing flows of the second adapter are similar to those of the first adapter, so that the embodiment is not described in detail.

Specifically, the processing procedure of the third adapter on the application data message is as follows:

the third adapter receives a data message with a request mode of GET/POST and a message format of JSON;

decrypting the data message by using the private key and checking the signature;

converting the field names which do not accord with the preset standard in the decrypted and signature-checking processed data message into field names accord with the standard, and obtaining the data message with unified standard;

the signing rule of the application data message received by the third adapter comprises:

splicing the message segments according to the first letter ascending order, and signing the message by using the app secret;

the encryption rule of the application data message received by the third adapter comprises:

encryption using SHA 1.

The parameters of the insuring data message received by the third adapter are parameters filled in the corresponding bidding transaction center according to the actual service, the signing and encryption rules of the parameters are the rules, and the third adapter decrypts and verifies the signature by using the corresponding rules.

The message parameters sent by the bidding transaction center include public parameters and private parameters.

Wherein the common parameters include:

account app id distributed by app id// third party warrant platform, necessary filling, public parameter

request// request data unique id, must fill, common parameters

timestamp// timestamp, fill, common parameters

version// version number, fixed value: 1.0.0, necessary fill, common parameters

sign// signature, must be filled, common parameters.

The private parameters include data.

Examples of request parameters are shown below.

{

"appid": "suixing",

"requestid": "39824ec696e67b40",

"timestamp": "1603246438",

"version": "1.0.0",

"sign": "099516e9e101ea02a929d2df418faa292e1fc1e7",

"data": {

"user ": {

"unitid": "5987bdcf4b0931216ce7b9ca",

"mobile": "1812084x x x x ",

"username": " x x x x ",

"userid": "5b371dc94b0930115808cb4c",

"unitname": "x x x x region",

"bank_name": ",// application for bank name of basic account of enterprise, need to be filled in

"bank_card_num": ", insuring the bank card number of the basic user of the enterprise, must fill }

}

}

Specifically, the processing procedure of the fourth adapter on the application data message is as follows:

the fourth adapter receives a data message with the protocol type of HTTP, the request mode of POST and the message coding format of UTF-8;

decrypting the data message by using the private key and checking the signature;

converting the field names which do not accord with the preset standard in the decrypted and signature-checking processed data message into field names accord with the standard, and obtaining the data message with unified standard;

the signature rule of the application data message received by the fourth adapter comprises:

signing the message by adopting a 32-bit MD5 algorithm;

the encryption rule of the application data message received by the fourth adapter comprises:

Using the national encryption algorithm SM2 encryption, the bidding transaction center and the fourth adapter agree on a unified Key value.

The parameters of the insuring data message received by the fourth adapter are parameters filled in the corresponding bidding transaction center according to actual business, the signing and encryption rules of the parameters are the rules, and the fourth adapter decrypts and verifies the signature by using the corresponding rules.

The message parameters sent by the bidding transaction center comprise public request parameters and business parameters.

Examples of request messages sent by the bidding transaction center to the fourth adapter are as follows:

POST /xxxx/xxxx HTTP/1.1

Host: ip:port

Content-Type: application/json

version: WYS01

appId: tb15b75d1862da1d48

sign: FAE191CA64A8C9A7BC0E13542E3EE82F

requestId: 7bf041b160df45e1b8e8f25382cb4748

timeStamp: 1625533924

Content-Type: application/json

{

"parameters" JSON service parameters, defined in particular in the service interface below "

}

Further, the field name which does not conform to the preset standard in the decrypted and signature verification processed data message is converted into the field name which conforms to the standard, which can be specifically:

and querying a corresponding database table by using the received field names from the bidding transaction center to obtain the field names meeting the standard.

The field names which do not meet the preset standard can be named as differences or Chinese-English differences.

In summary, different adapters can process the insuring data message of the bidding transaction center matched with the interface, after the request data adapter processes, the insuring data message of the different bidding transaction center is converted into a data message with unified standard, and then the bidding insurance application processing device can process the bidding insurance data in a unified way.

In this embodiment, processing a data packet with a unified specification standard to obtain an application-bound data packet specifically includes:

performing bid information confirmation including applicant information, bid item information and financial product information;

adopting a corresponding signature form to sign an electronic signature according to the configuration to the same protocol;

and submitting the insuring information data into an insuring transaction flow to obtain an insuring order data message.

Further, after submitting the insuring information data into the insuring transaction flow, transaction screening interception is carried out based on wind control rules, wherein the rules comprise project interception rules, product interception rules, charging interception rules and order interception rules;

the item interception rule includes: project interception in the project blacklist is not covered; project interception with the project opening time is not covered;

the product interception rule includes: intercepting the financial institution to which the product belongs in a limited blacklist without being guaranteed; interception is not supported by the type of financial institution to which the product belongs;

the charging interception rule includes: intercepting the insurance expense exceeding the project guarantee fee to be prevented from being insured;

The order interception rule includes: the applicant has successfully applied to intercept the same item without applying.

Transaction screening interception is performed based on the wind control rules, so that the insurance project, the insurance product and the like can be judged, and the interests of the bidder and the bidder are effectively maintained.

The intercepted application order information is required to be distributed to different underwriting institutions according to different product information through transaction screening of the wind control rules. Different underwriting institutions may have different requirements for the docking specification (including different system docking port addresses, communication encryption algorithms, data message structures, etc.), so that corresponding implementation strategies need to be respectively constructed for the different underwriting institutions, and unified data specification standards are reversely mapped and converted into specific docking specification standards required by the underwriting institutions according to the corresponding implementation strategies through the underwriting institution routing gateway.

In this embodiment, the processing procedure of the policy to the application order data packet by the first underwriting mechanism is as follows:

the first underwriting mechanism realizes that the strategy sends a data message with the protocol type of HTTP, the message format of JSON and the message coding format of UTF-8;

converting the field names in the data message into field names which are in line with the requirements of corresponding underwriting institutions;

Signing and encrypting the converted data message by using a private key;

the signing rule of the application data message sent by the first underwriting mechanism through the strategy comprises the following steps:

using a national cipher message digest algorithm SM3, sorting the message segments according to an ASCII ascending order, splicing the message segments into character strings by "&" characters according to a mode of 'parameter=parameter value', and finally signing the message by using an appsecret; the request parameter null value does not participate in signing;

the encryption rule of the application data message sent by the first underwriting mechanism through the implementation strategy comprises the following steps:

encryption is carried out by using a national encryption algorithm SM4, and a unified Key Key value is agreed by a corresponding underwriting agency.

Specifically, the strategy is realized through the first underwriter, the bid insurance application processing device carries out signature encryption pushing on related parameters to the underwriter, and after the underwriter takes the data, the underwriter carries out signature verification and decryption according to keys and rules agreed by the two parties.

The message parameters sent by the first underwriting mechanism to implement the policy include request time, service serial number, label segment name, deposit amount, name of the signer enterprise, message signature, etc., which are not described in detail in this embodiment.

In this embodiment, the processing procedure of the policy to the application order data packet by the second underwriting mechanism is as follows:

the second underwriting mechanism realizes that the strategy sends data messages with the protocol type of HTTP/HTTPS, the message format of XML and the message coding format of UTF-8;

converting the field names in the data message into field names which are in line with the requirements of corresponding underwriting institutions;

signing and encrypting the converted data message by using a private key;

the signature rule of the application data message sent by the second underwriting mechanism through the strategy comprises the following steps:

the message signature field adds a Key value agreed with an underwriting mechanism according to the data content part to be transmitted, and then encrypts through md 5;

the encryption rule of the application data message sent by the second underwriting mechanism through the implementation strategy comprises the following steps:

encryption is carried out by using a national encryption algorithm SM4, and a unified Key Key value is agreed by a corresponding underwriting agency.

Specifically, the policy is realized through the second underwriter, the bid insurance application processing device carries out signature encryption pushing on relevant parameters to the underwriter, and after the underwriter takes the data, the underwriter carries out signature verification and decryption according to keys and rules agreed by the two parties.

The message parameters sent by the second underwriting mechanism to implement the policy include channel information, a request message header, a request message body, etc., where the request message header includes a signature field, and the request message body includes principal information of the policy applicant, information of the insured person, etc., and other parameters are not described in detail in this embodiment.

In this embodiment, the processing procedure of the policy to the application order data packet by the third underwriting mechanism is as follows:

the third underwriting mechanism realizes that the strategy sends a data message with a protocol type of HTTPS and a message format of JSON;

converting the field names in the data message into field names which are in line with the requirements of corresponding underwriting institutions;

signing and encrypting the converted data message by using a private key;

the third underwriting mechanism realizes the signature rule of the applied data message sent by the strategy and comprises the following steps:

sorting other parameters except the signature according to a key value form dictionary to obtain json strings, and defaulting the json strings by using MD5 signature or signing by using SHA1withRSA algorithm;

the encryption rule of the application data message sent by the third underwriting mechanism through the implementation strategy comprises the following steps:

RSA encryption is used.

Specifically, the policy is realized through the third underwriter, the bid insurance application processing device carries out signature encryption pushing on related parameters to the underwriter, and after the underwriter takes the data, the underwriter carries out signature verification and decryption according to keys and rules agreed by the two parties.

The common request parameters for implementing policy delivery by the third underwriting agency are as follows in table 4.

TABLE 4 Table 4

In this embodiment, the processing procedure of the policy to the application order data packet by the fourth underwriting mechanism is as follows:

The fourth underwriting mechanism realizes that the strategy sends data messages with HTTP protocol type and XML message format;

converting the field names in the data message into field names which are in line with the requirements of corresponding underwriting institutions;

encrypting and signing the converted data message by using a private key;

the encryption rule of the application data message sent by the fourth underwriting mechanism through the strategy comprises the following steps:

performing base64 transcoding on the whole message, and performing RSA encryption;

the fourth underwriting mechanism realizes the signature rule of the applied data message sent by the strategy and comprises the following steps:

and signing the encrypted message.

Specifically, the policy is realized through the fourth underwriter, the bid insurance application processing device carries out signature encryption pushing on relevant parameters to the underwriter, and after the underwriter takes the data, the underwriter carries out signature verification and decryption according to keys and rules agreed by the two parties.

The message parameters sent by the fourth underwriting mechanism to implement the policy include a request packet header, a request packet body, etc., where the request packet header includes fields such as packet length, transaction code, partner code, encrypted signature, etc., and the request message body is an xml message body, and specific parameters are not described in detail in this embodiment.

In the above description, as for the processing flow of the application data message sent by the bidding party from the bidding transaction center, the processing procedure of the response data message from the underwriter is the reverse of the processing flow, and one processing flow is to sign and encrypt the underwriter, and the bid insurance application processing device decrypts and verifies the signature; the other processing flow is to make signature encryption for the bid insurance application processing device, and make decryption and signature verification for the corresponding bid transaction center, and the detailed description is not repeated in this embodiment.

In summary, the embodiment respectively constructs corresponding implementation strategies for the underwriters with different requirements of docking specifications (different docking port addresses, communication encryption algorithms, data message structures and the like), reversely maps and transfers unified data specification standards into specific docking specification standards according to the corresponding implementation strategies through the underwriter routing gateway, can meet the docking requirements of different bidding transaction centers and underwriters, rapidly establishes electronic bidding insurance functions, has good compatibility, and is convenient to popularize and apply.

The above description is only of the preferred embodiments of the present invention; the scope of the invention is not limited in this respect. Any person skilled in the art, within the technical scope of the present disclosure, may apply to the present invention, and the technical solution and the improvement thereof are all covered by the protection scope of the present invention.

Claims (2)

1. A bid insurance application processing apparatus, comprising:

a data message receiving module configured to receive an applied data message sent by a bidder from a bidding transaction center;

the standard data message adaptation module is configured to process messages by using a corresponding transaction center adapter based on the address of the bidding transaction center to obtain data messages with a unified standard;

The order data message acquisition module is configured to process the data message with the unified specification standard to acquire an application-specific order data message;

the system comprises an underwriting mechanism data message conversion module, an underwriting mechanism routing gateway and an underwriting mechanism routing gateway, wherein the underwriting mechanism data message conversion module is configured to acquire an underwriting mechanism designated in the underwriting order data message, convert the underwriting order data message into a data message with a specification required by the underwriting mechanism by using a corresponding underwriting mechanism implementation strategy based on the address of the underwriting mechanism, and send the data message to the corresponding underwriting mechanism;

the transaction center adapter comprises a first adapter, and the processing procedure of the first adapter on the application data message is as follows:

the first adapter receives a data message with a request mode of POST and a message format of JSON;

decrypting the data message by using the private key and checking the signature;

converting the field names which do not accord with the preset standard in the decrypted and signature-checking processed data message into field names accord with the standard, and obtaining the data message with unified standard;

the signature rule of the application data message received by the first adapter comprises:

arranging the request signature parameters according to the ascending order of letters, splicing the names and the values together, splicing the api_secret to the two sides of the character string obtained in the last step, and finally encrypting by using md5 and converting into capitalization;

The encryption rule of the application data message received by the first adapter comprises:

encrypting all parameters except the access_token by using RSA;

the transaction center adapter comprises a second adapter, and the processing procedure of the second adapter on the application data message is as follows:

the second adapter receives a data message with the protocol type of HTTP, the message format of JSON and the message coding format of UTF-8;

decrypting the data message by using the private key and checking the signature;

converting the field names which do not accord with the preset standard in the decrypted and signature-checking processed data message into field names accord with the standard, and obtaining the data message with unified standard;

the signature rule of the application data message received by the second adapter comprises:

using a national cipher message digest algorithm SM3 to sort the message segments according to an ASCII ascending order, splicing the message segments into character strings by "&" characters according to a mode of 'parameter=parameter value', and finally signing the message by using appSecret;

the encryption rule of the application data message received by the second adapter comprises:

encrypting by using a national encryption algorithm SM4, and enabling a bidding transaction center and a second adapter to agree on a unified Key Key value;

The transaction center adapter comprises a third adapter, and the processing procedure of the third adapter on the application data message is as follows:

the third adapter receives a data message with a request mode of GET/POST and a message format of JSON;

decrypting the data message by using the private key and checking the signature;

converting the field names which do not accord with the preset standard in the decrypted and signature-checking processed data message into field names accord with the standard, and obtaining the data message with unified standard;

the signing rule of the application data message received by the third adapter comprises:

splicing the message segments according to the first letter ascending order, and signing the message by using the app secret;

the encryption rule of the application data message received by the third adapter comprises:

encryption using SHA 1;

the transaction center adapter comprises a fourth adapter, and the processing procedure of the fourth adapter on the application data message is as follows:

the fourth adapter receives a data message with the protocol type of HTTP, the request mode of POST and the message coding format of UTF-8;

decrypting the data message by using the private key and checking the signature;

converting the field names which do not accord with the preset standard in the decrypted and signature-checking processed data message into field names accord with the standard, and obtaining the data message with unified standard;

The signature rule of the application data message received by the fourth adapter comprises:

signing the message by adopting a 32-bit MD5 algorithm;

the encryption rule of the application data message received by the fourth adapter comprises:

encrypting by using a national encryption algorithm SM2, and enabling a bidding transaction center and a fourth adapter to agree on a unified Key Key value;

the order data message acquisition module is specifically configured to:

performing bid information confirmation including applicant information, bid item information and financial product information;

adopting a corresponding signature form to sign an electronic signature according to the configuration to the same protocol;

submitting the insuring information data into an insuring transaction flow to obtain an insuring order data message;

the underwriting mechanism routing gateway comprises a first underwriting mechanism implementation strategy, and the processing procedure of the first underwriting mechanism implementation strategy on the application order data message is as follows:

the first underwriting mechanism realizes that the strategy sends a data message with the protocol type of HTTP, the message format of JSON and the message coding format of UTF-8;

converting the field names in the data message into field names which are in line with the requirements of corresponding underwriting institutions;

signing and encrypting the converted data message by using a private key;

The signing rule of the application data message sent by the first underwriting mechanism through the strategy comprises the following steps:

using a national cipher message digest algorithm SM3, sorting the message segments according to an ASCII ascending order, splicing the message segments into character strings by "&" characters according to a mode of 'parameter=parameter value', and finally signing the message by using an appsecret; the request parameter null value does not participate in signing;

the encryption rule of the application data message sent by the first underwriting mechanism through the implementation strategy comprises the following steps:

encrypting by using a national encryption algorithm SM4, and agreeing a unified Key Key value with a corresponding underwriting institution;

the underwriting mechanism routing gateway comprises a second underwriting mechanism implementation strategy, and the processing procedure of the second underwriting mechanism implementation strategy on the application order data message is as follows:

the second underwriting mechanism realizes that the strategy sends data messages with the protocol type of HTTP/HTTPS, the message format of XML and the message coding format of UTF-8;

converting the field names in the data message into field names which are in line with the requirements of corresponding underwriting institutions;

signing and encrypting the converted data message by using a private key;

the signature rule of the application data message sent by the second underwriting mechanism through the strategy comprises the following steps:

The message signature field adds a Key value agreed with an underwriting mechanism according to the data content part to be transmitted, and then encrypts through md 5;

the encryption rule of the application data message sent by the second underwriting mechanism through the implementation strategy comprises the following steps:

encrypting by using a national encryption algorithm SM4, and agreeing a unified Key Key value with a corresponding underwriting institution;

the underwriting mechanism routing gateway comprises a third underwriting mechanism implementation strategy, and the processing procedure of the third underwriting mechanism implementation strategy on the application order data message is as follows:

the third underwriting mechanism realizes that the strategy sends a data message with a protocol type of HTTPS and a message format of JSON;

converting the field names in the data message into field names which are in line with the requirements of corresponding underwriting institutions;

signing and encrypting the converted data message by using a private key;

the third underwriting mechanism realizes the signature rule of the applied data message sent by the strategy and comprises the following steps:

sorting other parameters except the signature according to a key value form dictionary to obtain json strings, and defaulting the json strings by using MD5 signature or signing by using SHA1withRSA algorithm;

the encryption rule of the application data message sent by the third underwriting mechanism through the implementation strategy comprises the following steps:

Encryption using RSA;

the underwriting mechanism routing gateway comprises a fourth underwriting mechanism implementation strategy, and the processing procedure of the fourth underwriting mechanism implementation strategy on the application order data message is as follows:

the fourth underwriting mechanism realizes that the strategy sends data messages with HTTP protocol type and XML message format;

converting the field names in the data message into field names which are in line with the requirements of corresponding underwriting institutions;

encrypting and signing the converted data message by using a private key;

the encryption rule of the application data message sent by the fourth underwriting mechanism through the strategy comprises the following steps:

performing base64 transcoding on the whole message, and performing RSA encryption;

the fourth underwriting mechanism realizes the signature rule of the applied data message sent by the strategy and comprises the following steps:

and signing the encrypted message.

2. The bid insurance application processing device of claim 1, wherein after submitting the application information data into the application transaction flow, further comprising performing transaction screening interception based on wind control rules, the rules including item interception rules, product interception rules, billing interception rules, and order interception rules;

the item interception rule includes: project interception in the project blacklist is not covered; project interception with the project opening time is not covered;

The product interception rule includes: intercepting the financial institution to which the product belongs in a limited blacklist without being guaranteed; interception is not supported by the type of financial institution to which the product belongs;

the charging interception rule includes: intercepting the insurance expense exceeding the project guarantee fee to be prevented from being insured;

the order interception rule includes: the applicant has successfully applied to intercept the same item without applying.