CN116415260A - Data processing method, device, receiving end and computer readable storage medium - Google Patents

Data processing method, device, receiving end and computer readable storage medium Download PDF

Info

Publication number
CN116415260A
CN116415260A CN202111636385.7A CN202111636385A CN116415260A CN 116415260 A CN116415260 A CN 116415260A CN 202111636385 A CN202111636385 A CN 202111636385A CN 116415260 A CN116415260 A CN 116415260A
Authority
CN
China
Prior art keywords
preset
information
key
sending
data information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111636385.7A
Other languages
Chinese (zh)
Inventor
班晓真
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suzhou 360 Intelligent Security Technology Co Ltd
Original Assignee
Suzhou 360 Intelligent Security Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Suzhou 360 Intelligent Security Technology Co Ltd filed Critical Suzhou 360 Intelligent Security Technology Co Ltd
Priority to CN202111636385.7A priority Critical patent/CN116415260A/en
Publication of CN116415260A publication Critical patent/CN116415260A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Business, Economics & Management (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Technology Law (AREA)
  • General Business, Economics & Management (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a data processing method, which is applied to a receiving end, wherein the receiving end is provided with a preset safety area, and the data processing method comprises the following steps: receiving encrypted data information sent by a sending end, wherein the encrypted data information is obtained by encrypting by using a first preset encryption key; the encrypted data information is sent to the preset safety area, so that the preset safety area decrypts the encrypted data information through a pre-stored first preset decryption key to obtain result data information; and receiving the result data information fed back by the preset safety area. The invention also discloses a data processing device, a receiving end and a computer readable storage medium. By using the data processing method, the obtained result data has higher safety.

Description

Data processing method, device, receiving end and computer readable storage medium
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a data processing method, a data processing device, a receiving end, and a computer readable storage medium.
Background
At present, along with the development of technology, a large amount of data is transmitted through the internet; in order to ensure the security of data processing, when data processing is performed, encryption or decryption is required to be performed by using a pre-stored key so as to ensure the security of the data processing process.
In the related art, a data processing method is disclosed, and when a receiving end receives encrypted data information sent by a sending end, a pre-stored key is utilized to decrypt the encrypted data information so as to obtain decrypted data information.
However, the security of the decrypted data information obtained by the existing data processing method is poor.
Disclosure of Invention
The invention mainly aims to provide a data processing method, a data processing device, a receiving end and a computer readable storage medium, and aims to solve the technical problem that the security of decrypted data information obtained by adopting the existing data processing method in the prior art is poor.
In order to achieve the above object, the present invention provides a data processing method applied to a receiving end, wherein the receiving end has a preset security area, and the data processing method includes the following steps:
receiving encrypted data information sent by a sending end, wherein the encrypted data information is obtained by encrypting by using a first preset encryption key;
The encrypted data information is sent to the preset safety area, so that the preset safety area decrypts the encrypted data information through a pre-stored first preset decryption key to obtain result data information;
and receiving the result data information fed back by the preset safety area.
Optionally, a second preset encryption key and key seed information are stored in the preset security area;
before the step of receiving the encrypted data information sent by the sending end, the method further includes:
sending a seed generation instruction to the preset security area, so that the preset security area obtains the first preset decryption key based on the key seed information, and encrypts the key seed information by using the second preset encryption key to obtain encrypted seed information;
the encryption seed information sent by the preset security area is received, and the encryption seed information is sent to the sending end, so that the sending end decrypts the encryption seed information by utilizing a pre-stored second preset decryption key to obtain the key seed information, and the first preset encryption key is obtained based on the key seed information.
Optionally, the sending a seed generation instruction to the preset secure area, so that the preset secure area obtains the first preset decryption key based on the key seed information, and encrypts the key seed information by using the second preset encryption key, and before the step of obtaining the encrypted seed information, the method further includes:
transmitting an encryption algorithm set and a compression method set to the transmitting end so that the transmitting end obtains a selected encryption algorithm and a selected compression method based on the encryption algorithm set and the compression method set;
receiving the selected encryption algorithm and the selected compression method sent by the sending end;
the step of sending a seed generation instruction to the preset security area so that the preset security area obtains the first preset decryption key based on the key seed information, and encrypts the key seed information by using the second preset encryption key, and the step of obtaining encrypted seed information includes:
and sending the selected encryption algorithm, the selected compression method and the seed generation instruction to the preset security area so that the preset security area obtains the first preset decryption key based on the key seed information, and encrypting the key seed information by utilizing the selected encryption algorithm, the selected compression method and the second preset encryption key to obtain encrypted seed information.
Optionally, before the step of sending the selected encryption algorithm, the selected compression method, and the seed generation instruction to the preset secure area to enable the preset secure area to obtain the first preset decryption key based on the key seed information, and encrypt the key seed information by using the selected encryption algorithm, the selected compression method, and the second preset encryption key to obtain encrypted seed information, the method further includes:
sending a key acquisition request to the sending end, so that the sending end generates the second preset encryption key and the second preset decryption key based on the key acquisition request;
receiving the second preset encryption key sent by the sending end;
and sending the second preset encryption key to the preset security area so that the preset security area stores the second preset encryption key.
Optionally, the preset security area stores a first universal unique identification code; before the step of sending the encrypted data information to the preset security area to enable the preset security area to decrypt the encrypted data information through a pre-stored first preset decryption key to obtain the result data information, the method further comprises:
Acquiring a second universal unique identification code from a local memory;
transmitting the second universal unique identification code to the preset safety area so that the preset safety area obtains authentication success information when the second universal unique identification code and the first universal unique identification code meet preset conditions;
the step of sending the encrypted data information to the preset security area so that the preset security area decrypts the encrypted data information through a pre-stored first preset decryption key, and the step of obtaining the result data information comprises the following steps:
and when the authentication success information fed back by the preset safety area is received, sending the encrypted data information to the preset safety area, so that the preset safety area decrypts the encrypted data information through a pre-stored first preset decryption key, and obtaining result data information.
Optionally, before the step of obtaining the second universal unique identifier from the local memory, the method further includes:
acquiring equipment information and time information of the receiving end;
based on the device information and the time information, obtaining the first universal unique identification code and the second universal unique identification code;
And storing the second universal unique identification code in the local memory, and sending the first universal unique identification code to the preset safety area so that the preset safety area stores the first universal unique identification code.
Optionally, the result data information includes virtual resource transaction information to be verified, and the preset security area stores identity verification information; after the step of receiving the result data information fed back by the preset security area, the method further includes:
extracting the virtual resource transaction information to be verified from the result data information;
transmitting the virtual resource transaction information to be verified to the preset safety area, so that the preset safety area verifies the virtual resource transaction information to be verified by utilizing the identity verification information to obtain a verification result;
receiving the verification result fed back by the preset safety area;
and sending the verification result to the sending end so that the sending end obtains a virtual resource transaction result based on the verification result.
Optionally, the sending the virtual resource transaction information to be verified to the preset security area, so that the preset security area verifies the virtual resource transaction information to be verified by using the identity verification information, and before the step of obtaining the verification result, the method further includes:
The biometric information of the user is collected, or,
receiving password information sent by a user;
based on the biometric information, the authentication information is obtained, or,
based on the password information, acquiring the identity verification information;
and sending the authentication information to the preset security area so that the preset security area stores the authentication information.
Optionally, the biometric information includes fingerprint information, voiceprint information, iris information, vein information, or face information.
Optionally, the preset security area is a processor security area based on a trust zone technology.
In addition, to achieve the above object, the present invention further provides a data processing apparatus applied to a receiving end, the receiving end having a preset security area, the apparatus comprising:
the first receiving module is used for receiving encrypted data information sent by the sending end, wherein the encrypted data information is obtained by encrypting by using a first preset encryption key;
the first sending module is used for sending the encrypted data information to the preset safety area so that the preset safety area decrypts the encrypted data information through a pre-stored first preset decryption key to obtain result data information;
And the feedback receiving module is used for receiving the result data information fed back by the preset safety area.
Optionally, a second preset encryption key and key seed information are stored in the preset security area; the apparatus further comprises:
the instruction sending module is used for sending a seed generation instruction to the preset safety area so that the preset safety area can obtain the first preset decryption key based on the key seed information, and the second preset encryption key is used for encrypting the key seed information to obtain encrypted seed information;
the seed receiving module is used for receiving the encrypted seed information sent by the preset safety area, sending the encrypted seed information to the sending end, enabling the sending end to decrypt the encrypted seed information by using a pre-stored second preset decryption key to obtain the key seed information, and obtaining the first preset encryption key based on the key seed information.
Optionally, the apparatus further includes:
the second sending module is used for sending the encryption algorithm set and the compression method set to the sending end so that the sending end can obtain a selected encryption algorithm and a selected compression method based on the encryption algorithm set and the compression method set;
The second receiving module is used for receiving the selected encryption algorithm and the selected compression method which are sent by the sending end;
the instruction sending module is further configured to send the selected encryption algorithm, the selected compression method, and a seed generation instruction to the preset secure area, so that the preset secure area obtains the first preset decryption key based on the key seed information, and encrypts the key seed information by using the selected encryption algorithm, the selected compression method, and the second preset encryption key to obtain encrypted seed information.
Optionally, the apparatus further includes:
the third sending module is used for sending a key acquisition request to the sending end so that the sending end generates the second preset encryption key and the second preset decryption key based on the key acquisition request;
the third receiving module is used for receiving the second preset encryption key sent by the sending end;
and the key sending module is used for sending the second preset encryption key to the preset security area so that the preset security area stores the second preset encryption key.
Optionally, the preset security area stores a first universal unique identification code; the apparatus further comprises:
The first acquisition module is used for acquiring a second universal unique identification code from the local memory;
the fourth sending module is used for sending the second universal unique identification code to the preset safety area so that the preset safety area can obtain authentication success information when the second universal unique identification code and the first universal unique identification code meet preset conditions;
the first sending module is further configured to send the encrypted data information to the preset security area when the authentication success information fed back by the preset security area is received, so that the preset security area decrypts the encrypted data information through a pre-stored first preset decryption key, and obtains result data information.
Optionally, the apparatus further includes:
the second acquisition module is used for acquiring the equipment information and the time information of the receiving end;
an obtaining module configured to obtain the first universal unique identification code and the second universal unique identification code based on the device information and the time information;
and the storage module is used for storing the second universal unique identification code in the local memory and sending the first universal unique identification code to the preset safety area so that the preset safety area stores the first universal unique identification code.
Optionally, the result data information includes virtual resource transaction information to be verified, and the preset security area stores identity verification information; the apparatus further comprises:
the extraction module is used for extracting the virtual resource transaction information to be verified from the result data information;
a fifth sending module, configured to send the virtual resource transaction information to be verified to the preset security area, so that the preset security area verifies the virtual resource transaction information to be verified by using the identity verification information, and a verification result is obtained;
a fourth receiving module, configured to receive the verification result fed back by the preset security area;
and the sixth sending module is used for sending the verification result to the sending end so that the sending end obtains a virtual resource transaction result based on the verification result.
Optionally, the apparatus further includes:
the acquisition module is used for acquiring the biological characteristic information of the user or receiving the password information sent by the user;
the verification information obtaining module is used for obtaining the identity verification information based on the biological characteristic information or obtaining the identity verification information based on the password information;
And the authentication information sending module is used for sending the authentication information to the preset security area so that the preset security area stores the authentication information.
In addition, in order to achieve the above object, the present invention also provides a receiving end, which includes: the method comprises the steps of presetting a safety area, a memory, a processor and a data processing program stored on the memory and running on the processor, wherein the data processing program realizes the data processing method according to any one of the above steps when being executed by the processor.
In addition, in order to achieve the above object, the present invention also proposes a computer-readable storage medium having stored thereon a data processing program which, when executed by a processor, implements the steps of the data processing method as set forth in any one of the above.
The technical scheme of the invention provides a data processing method, which is applied to a receiving end, wherein the receiving end is provided with a preset safety area, and the data processing method comprises the following steps: receiving encrypted data information sent by a sending end, wherein the encrypted data information is obtained by encrypting by using a first preset encryption key; the encrypted data information is sent to the preset safety area, so that the preset safety area decrypts the encrypted data information through a pre-stored first preset decryption key to obtain result data information; and receiving the result data information fed back by the preset safety area. The decryption process of the encrypted data information is carried out in the preset safety area, the safety of the preset safety area is extremely high, the encrypted data information cannot be tampered or unsafe codes are implanted in the decryption process, the safety of the decryption process of the encrypted data information is relatively high, and the safety of the obtained result data information (decrypted data information) is extremely high, so that the technical effect of improving the safety of the decrypted data information is achieved by utilizing the data processing method.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to the structures shown in these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a receiver architecture of a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a flow chart of a first embodiment of a data processing method according to the present invention;
FIG. 3 is a flowchart illustrating a second embodiment of a data processing method according to the present invention before step S11;
FIG. 4 is a flowchart illustrating a third embodiment of a data processing method according to the present invention before step S21;
FIG. 5 is a flowchart illustrating a fourth embodiment of a data processing method according to the present invention before step S21;
FIG. 6 is a flowchart illustrating a fifth embodiment of a data processing method according to the present invention before step S12;
FIG. 7 is a flowchart illustrating a sixth embodiment of a data processing method according to the present invention before step S51;
FIG. 8 is a flowchart of a seventh embodiment of a data processing method according to the present invention after step S13;
Fig. 9 is a block diagram showing the structure of a first embodiment of the data processing apparatus of the present invention.
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1, fig. 1 is a schematic diagram of a receiver structure of a hardware running environment according to an embodiment of the present invention.
The receiving end may be a Mobile phone, a smart phone, a notebook computer, a digital broadcast receiver, a Personal Digital Assistant (PDA), a tablet personal computer (PAD), a User Equipment (UE), a handheld device, a vehicle-mounted device, a wearable device, a computing device, or other processing device connected to a wireless modem, a Mobile Station (MS), etc. The receiving end may be referred to as a user terminal, a portable terminal, a desktop terminal, etc.
In general, the receiving end includes: at least one pre-set secure area 307, a processor 301, a memory 302 and a data processing program stored on said memory and executable on said processor, said data processing program being configured to implement the steps of the data processing method as described above. Generally, the hardware regions other than the preset secure region are all non-secure regions.
Processor 301 may include one or more processing cores, such as a 4-core processor, an 8-core processor, and the like. The processor 301 may be implemented in at least one hardware form of DSP (Digital Signal Processing ), FPGA (Field-Programmable Gate Array, field programmable gate array), PLA (Programmable Logic Array ). The processor 301 may also include a main processor, which is a processor for processing data in an awake state, also called a CPU (Central ProcessingUnit ), and a coprocessor; a coprocessor is a low-power processor for processing data in a standby state. In some embodiments, the processor 301 may integrate a GPU (Graphics Processing Unit, image processor) for rendering and drawing of content required to be displayed by the display screen. The processor 301 may also include an AI (Artificial Intelligence ) processor for processing related data processing method operations so that the data processing method model may be self-training learned, improving efficiency and accuracy.
Memory 302 may include one or more computer-readable storage media, which may be non-transitory. Memory 302 may also include high-speed random access memory, as well as non-volatile memory, such as one or more magnetic disk storage devices, flash memory storage devices. In some embodiments, a non-transitory computer readable storage medium in memory 302 is used to store at least one instruction for execution by processor 301 to implement the data processing methods provided by the method embodiments herein.
In some embodiments, the terminal may further optionally include: a communication interface 303, and at least one peripheral device. The processor 301, the memory 302 and the communication interface 303 may be connected by a bus or signal lines. The respective peripheral devices may be connected to the communication interface 303 through a bus, signal line, or circuit board. Specifically, the peripheral device includes: at least one of radio frequency circuitry 304, a display screen 305, and a power supply 306.
The communication interface 303 may be used to connect at least one peripheral device associated with an I/O (Input/Output) to the processor 301 and the memory 302. In some embodiments, processor 301, memory 302, and communication interface 303 are integrated on the same chip or circuit board; in some other embodiments, either or both of the processor 301, the memory 302, and the communication interface 303 may be implemented on separate chips or circuit boards, which is not limited in this embodiment.
The Radio Frequency circuit 304 is configured to receive and transmit RF (Radio Frequency) signals, also known as electromagnetic signals. The radio frequency circuitry 304 communicates with a communication network and other communication devices via electromagnetic signals. The radio frequency circuit 304 converts an electrical signal into an electromagnetic signal for transmission, or converts a received electromagnetic signal into an electrical signal. Optionally, the radio frequency circuit 304 includes: antenna systems, RF transceivers, one or more amplifiers, tuners, oscillators, digital signal processors, codec chipsets, subscriber identity module cards, and so forth. The radio frequency circuitry 304 may communicate with other terminals via at least one wireless communication protocol. The wireless communication protocol includes, but is not limited to: metropolitan area networks, various generations of mobile communication networks (2G, 3G, 4G, and 5G), wireless local area networks, and/or WiFi (Wireless Fidelity ) networks. In some embodiments, the radio frequency circuitry 304 may also include NFC (Near Field Communication ) related circuitry, which is not limited in this application.
The display screen 305 is used to display a UI (User Interface). The UI may include graphics, text, icons, video, and any combination thereof. When the display 305 is a touch screen, the display 305 also has the ability to collect touch signals at or above the surface of the display 305. The touch signal may be input as a control signal to the processor 301 for processing. At this point, the display 305 may also be used to provide virtual buttons and/or virtual keyboards, also referred to as soft buttons and/or soft keyboards. In some embodiments, the display 305 may be one, the front panel of an electronic device; in other embodiments, the display screen 305 may be at least two, respectively disposed on different surfaces of the electronic device or in a folded design; in still other embodiments, the display 305 may be a flexible display disposed on a curved surface or a folded surface of the electronic device. Even more, the display screen 305 may be arranged in an irregular pattern other than rectangular, i.e., a shaped screen. The display 305 may be made of LCD (LiquidCrystal Display ), OLED (Organic Light-Emitting Diode) or other materials.
The power supply 306 is used to power the various components in the electronic device. The power source 306 may be alternating current, direct current, disposable or rechargeable. When the power source 306 comprises a rechargeable battery, the rechargeable battery may support wired or wireless charging. The rechargeable battery may also be used to support fast charge technology. It will be appreciated by those skilled in the art that the structure shown in fig. 1 is not limiting of the receiving end and may include more or fewer components than shown, or may combine certain components, or a different arrangement of components.
Furthermore, an embodiment of the present invention also proposes a computer-readable storage medium, on which a data processing program is stored, which, when executed by a processor, implements the steps of the data processing method as described above. Therefore, a detailed description will not be given here. In addition, the description of the beneficial effects of the same method is omitted. For technical details not disclosed in the embodiments of the computer-readable storage medium according to the present application, please refer to the description of the method embodiments of the present application. As an example, the program instructions may be deployed to be executed on one receiver or on multiple receivers located at one site or, alternatively, distributed across multiple sites and interconnected by a communication network.
Those skilled in the art will appreciate that implementing all or part of the above-described methods may be accomplished by way of computer programs, which may be stored on a computer-readable storage medium, and which, when executed, may comprise the steps of the embodiments of the methods described above. The computer readable storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random access Memory (Random AccessMemory, RAM), or the like.
Based on the above hardware structure, an embodiment of the data processing method of the present invention is presented.
Referring to fig. 2, fig. 2 is a flowchart of a first embodiment of a data processing method according to the present invention, where the method is used for a receiving end, and the receiving end has a preset security area, and the method includes the following steps:
step S11: and receiving the encrypted data information sent by the sending end, wherein the encrypted data information is obtained by encrypting by using a first preset encryption key.
It should be noted that, the execution body of the present invention is a receiving end having a preset secure area, and the non-secure area of the receiving end is used for executing the data processing method of the present invention, that is, the data processing program of the present invention is installed in the non-secure area and interacts with the preset secure area; the structure of the receiving end is described above, and will not be described here again. The sending end is usually a server and is used for sending encrypted data information, the sending end obtains a data acquisition request of target data information which the receiving end wants to acquire before sending the target data information which the receiving end wants to acquire, based on the data acquisition request, the sending end obtains the target data information (the target data information which the sending end stores by itself or the target data information which the sending end acquires from other electronic devices or servers) and encrypts the target data information by using a first preset encryption key to obtain the encrypted data information. Generally, the encrypted data information is protected by a first preset encryption key in the transmission process, so that the encrypted data information cannot be tampered or destroyed, and the integrity and the safety of target data information in the encrypted data information are ensured.
In general, the encrypted data information transmitted by the transmitting end is based on a data acquisition request by the receiving end. For example, a sending end receives a data information to be acquired, acquires the a data information according to a data acquisition request of a receiving end, encrypts the a data information by using a first preset encryption key to acquire encrypted a data information, and sends the encrypted a data information to the receiving end.
Step S12: and sending the encrypted data information to the preset security area, so that the preset security area decrypts the encrypted data information through a pre-stored first preset decryption key to obtain result data information.
It should be noted that, the receiving end of the present invention has a preset security area, generally the preset security area is a processor security area based on the trust zone technology, the trust zone is a hardware architecture designed by the ARM for the consumer electronic device, the purpose of which is to construct a security framework for the consumer electronic product to resist various possible attacks, the trust zone conceptually divides the hardware and software resources of the SoC into two worlds of a security area and a non-security area, the security area is not invaded by external unsafe virus files, virus plug-ins and virus running programs, and the security of the files and data processing processes in the security area is extremely high. The preset security area stores a first preset decryption key, and decrypts the encrypted data information in the preset security area to obtain resultant data information (i.e., decrypted target data information, the target data information described above). Because the first preset decryption key is stored in the preset security area, the first preset decryption key cannot be tampered or destroyed, so that the encrypted data information can be decrypted successfully by using the first preset decryption key, meanwhile, the decryption operation is carried out in the preset security area, the security of the decryption process is extremely high, the encrypted data information cannot be tampered or destroyed in the decryption process, and the dual security protection is realized, so that the security and the integrity of the data information are ensured.
Step S13: and receiving the result data information fed back by the preset safety area.
After the preset secure area decrypts the encrypted data information by using the first preset decryption key, the result data information is obtained, and the receiving end is required to obtain the result data information so as to perform related operation or data processing by using the result data information.
The technical scheme of the embodiment provides a data processing method, which is applied to a receiving end, wherein the receiving end is provided with a preset safety area, and the data processing method comprises the following steps: receiving encrypted data information sent by a sending end, wherein the encrypted data information is obtained by encrypting by using a first preset encryption key; the encrypted data information is sent to the preset safety area, so that the preset safety area decrypts the encrypted data information through a pre-stored first preset decryption key to obtain result data information; and receiving the result data information fed back by the preset safety area. The decryption process of the encrypted data information is carried out in the preset safety area, the safety of the preset safety area is extremely high, the encrypted data information cannot be tampered or unsafe codes are implanted in the decryption process, the safety of the decryption process of the encrypted data information is relatively high, and the safety of the obtained result data information (decrypted data information) is extremely high, so that the technical effect of improving the safety of the decrypted data information is achieved by utilizing the data processing method.
Referring to fig. 3, fig. 3 is a schematic flow chart before step S11 of the second embodiment of the data processing method of the present invention; the method is used for a receiving end, the receiving end is provided with a preset safety area, and the method comprises the following steps:
step S21: and sending a seed generation instruction to the preset security area so that the preset security area obtains the first preset decryption key based on the key seed information, and encrypts the key seed information by using the second preset encryption key to obtain encrypted seed information.
Step S22: the encryption seed information sent by the preset security area is received, and the encryption seed information is sent to the sending end, so that the sending end decrypts the encryption seed information by utilizing a pre-stored second preset decryption key to obtain the key seed information, and the first preset encryption key is obtained based on the key seed information.
It should be noted that, the second preset encryption key and key seed information are stored in the preset security area; the first preset decryption key is obtained according to key seed information in a preset security area in the receiving end, and meanwhile, in order to enable the sending end to have a first preset encryption key which can correspond to the first decryption key, the key seed information needs to be sent to the sending end, so that the sending end can obtain the first preset encryption key according to the key seed information. In order to ensure the security of the transmission of the key seed information, the key seed information needs to be encrypted by a pre-stored second preset encryption key in a preset security area to obtain the encrypted seed information, and the receiving end sends the encrypted seed information to the sending end so that the sending end decrypts the encrypted seed information by using the pre-stored second preset decryption key to obtain the key seed information, and the first preset encryption key is obtained based on the key seed information.
It can be understood that, in order to ensure that the first preset encryption key and the first preset decryption key have a corresponding relationship, the first preset encryption key is obtained in the transmitting end and the first preset decryption key is obtained in the preset security area of the receiving end by using the key seed information in the preset security area.
The first preset encryption key and the first preset decryption key are obtained by using the same key seed information, so that the corresponding relation is good, the first preset encryption key can be smoothly used for encrypting the target data, and the first preset decryption key can be smoothly used for decrypting the encrypted target data. And meanwhile, in the transmission process of the key seed information, the key seed information is encrypted by using a second preset encryption key, so that the safety and the integrity of the key seed information in the transmission process are ensured.
Referring to fig. 4, fig. 4 is a schematic flow chart before step S21 of the third embodiment of the data processing method according to the present invention; the method is used for a receiving end, the receiving end is provided with a preset safety area, and the method comprises the following steps:
step S31: transmitting an encryption algorithm set and a compression method set to the transmitting end so that the transmitting end obtains a selected encryption algorithm and a selected compression method based on the encryption algorithm set and the compression method set;
Step S32: receiving the selected encryption algorithm and the selected compression method sent by the sending end;
correspondingly, step S21 includes: and sending the selected encryption algorithm, the selected compression method and the seed generation instruction to the preset security area so that the preset security area obtains the first preset decryption key based on the key seed information, and encrypting the key seed information by utilizing the selected encryption algorithm, the selected compression method and the second preset encryption key to obtain encrypted seed information.
It should be noted that, the sending end and the receiving end both have multiple encryption algorithms and multiple compression methods, in general, the sending end is a server, and the sending end has multiple encryption algorithms and compression methods, and includes other encryption algorithms and compression methods besides those of the receiving end, so that it is generally necessary to determine a selected encryption algorithm and a selected compression method based on the encryption algorithms and compression methods supportable by the receiving end, so that a preset security area in the receiving end encrypts the key seed information by using the selected encryption algorithm, the selected compression method and the second preset encryption key to obtain encryption seed information.
For example, the receiving end has an encryption algorithm set, including: b encryption algorithm and c encryption algorithm, the receiving end also has a compression method set, including: d compression method and f compression method; meanwhile, the sending end is provided with an encryption algorithm set, which comprises the following steps: b encryption algorithm, c encryption algorithm, h encryption algorithm and j encryption algorithm, the transmitting end is also provided with a compression method set, comprising: d compression method, f compression method, e compression method and g compression method. At this time, the transmitting end receives the receiving end and transmits the encryption algorithm set and the compression method set, the transmitting end determines that the encryption algorithm b is a selected encryption algorithm and the compression method d is a selected compression method according to the received encryption algorithm set and compression method set, and transmits the selected encryption algorithm and the selected compression method to the receiving end, and a preset security area of the receiving end encrypts the key seed information by using the selected encryption algorithm, the selected compression method and the second preset encryption key to obtain encryption seed information. At this time, after the sending end receives the encrypted seed information sent by the receiving end, the sending end can decrypt the encrypted seed information by using the selected encryption algorithm, the selected compression method and the second preset decryption key to obtain key seed information, and obtain the first preset encryption key by using the key seed information.
Referring to fig. 5, fig. 5 is a schematic flow chart before step S21 of a fourth embodiment of the data processing method according to the present invention; the method is used for a receiving end, the receiving end is provided with a preset safety area, and the method comprises the following steps:
step S41: sending a key acquisition request to the sending end, so that the sending end generates the second preset encryption key and the second preset decryption key based on the key acquisition request;
step S42: receiving the second preset encryption key sent by the sending end;
step S43: and sending the second preset encryption key to the preset security area so that the preset security area stores the second preset encryption key.
It should be noted that, the second preset encryption key and the second preset decryption key are obtained by the sending end based on the key obtaining request of the receiving end, and the second preset encryption key and the second preset decryption key are the encryption key and the decryption key with the corresponding relationship generated by the sending end, that is, the key seed information is encrypted by using the second preset encryption key to obtain the encrypted seed information, and the second preset decryption key is used to decrypt the encrypted seed information to obtain the key seed information. Meanwhile, the sending end sends the second preset encryption key to the receiving end and stores the second preset encryption key in a preset safety area, so that the second preset encryption key cannot be tampered or destroyed, and the integrity and safety of the second preset encryption key are ensured.
Referring to fig. 6, fig. 6 is a schematic flow chart before step S12 of a fifth embodiment of the data processing method according to the present invention; the method is used for a receiving end, the receiving end is provided with a preset safety area, and the method comprises the following steps:
step S51: acquiring a second universal unique identification code from a local memory;
step S52: transmitting the second universal unique identification code to the preset safety area so that the preset safety area obtains authentication success information when the second universal unique identification code and the first universal unique identification code meet preset conditions;
correspondingly, step S12 includes: and when the authentication success information fed back by the preset safety area is received, sending the encrypted data information to the preset safety area, so that the preset safety area decrypts the encrypted data information through a pre-stored first preset decryption key, and obtaining result data information.
It should be noted that, the second universal unique identifier is a pair of universal unique identifiers having a corresponding relationship with the first universal unique identifier, typically, a pair of universal unique identifiers having a corresponding relationship are generated simultaneously, and the universal unique identifiers having a corresponding relationship are identical, that is, the second universal unique identifier is identical to the first universal unique identifier, the second universal unique identifier and the first universal unique identifier satisfy a preset condition, the second universal unique identifier is different from the first universal unique identifier, and the second universal unique identifier and the first universal unique identifier do not satisfy the preset condition.
It can be understood that the preset security area can obtain authentication success information only when the second universal unique identification code is the same as the first universal unique identification code; and the receiving end sends the encrypted data information to the preset safety area according to the authentication success information, so that the preset safety area decrypts the encrypted data information through a pre-stored first preset decryption key to obtain result data information. When the second universal unique identification code is different from the first universal unique identification code, the preset safety area obtains authentication failure information, and the receiving end does not send the encrypted data information according to the authentication failure information. Because the first universal unique identification code is stored in the secure area, the situation that the first universal unique identification code is tampered or destroyed cannot occur, when the second universal unique identification code is different from the second universal unique identification code, namely, the second universal unique identification code is tampered or destroyed in the local memory (except the preset secure area, other areas of the receiving end are all non-secure areas), the non-secure area of the receiving end possibly has threat of viruses and the like, and decryption of the encrypted data information is stopped. If the second universal unique identification code is different from the second universal unique identification code, the encrypted data information is continuously decrypted to obtain the result data information, and the result data information is fed back to the receiving end, so that the result data information can be tampered or destroyed by the virus threat of the non-safety area when the non-safety area with the virus threat of the receiving end processes the result data, and the safety of the result data information is poor.
Referring to fig. 7, fig. 7 is a schematic flow chart before step S51 of a sixth embodiment of the data processing method according to the present invention; the method is used for a receiving end, the receiving end is provided with a preset safety area, and the method comprises the following steps:
step S61: acquiring equipment information and time information of the receiving end;
step S62: based on the device information and the time information, obtaining the first universal unique identification code and the second universal unique identification code;
step S63: and storing the second universal unique identification code in the local memory, and sending the first universal unique identification code to the preset safety area so that the preset safety area stores the first universal unique identification code.
It should be noted that, the time information refers to the running time of executing the data processing method of the present invention; when the data processing method of the invention runs for the first time, the first universal unique identification code and the second universal unique identification code are generated according to the equipment information of the receiving end and the current running time of the receiving end for executing the data processing method; the first universal unique identification code and the second universal unique identification code may be generated according to the running time of the data processing method and the device information of the receiving end each time the receiving end runs the data processing method. It will be appreciated that the device information at the receiving end is generally unchanged, the time information may change, and the variables for generating the first universal unique identifier and the second universal unique identifier at different times are derived from the time information.
The second universal unique identification code and the first universal unique identification code are UUIDs, the UUIDs are composed of a group of 16-system digits with 32-bit numbers, so that the theoretical total number of the UUIDs is 16 32 The number (in this application, one UUID is the same first universal unique identifier and the second universal unique identifier) is extremely large, that is, if 1 million UUIDs are generated every nanosecond, it takes 100 hundred million years to run out of all UUIDs.
Because the second universal unique identification code and the first universal unique identification code are UUIDs, when the first universal unique identification code and the second universal unique identification code are used as matching conditions to be restrained, the security of the matching conditions is extremely high, meanwhile, the first universal unique identification is stored in a preset security area, and the security of the first universal unique identification is extremely high and cannot be tampered and destroyed.
Referring to fig. 8, fig. 8 is a flowchart of a method for receiving a data processing method according to a seventh embodiment of the present invention, wherein the receiving end has a preset security area, and the method includes the following steps:
step S71: extracting the virtual resource transaction information to be verified from the result data information;
Step S72: transmitting the virtual resource transaction information to be verified to the preset safety area, so that the preset safety area verifies the virtual resource transaction information to be verified by utilizing the identity verification information to obtain a verification result;
step S73: receiving the verification result fed back by the preset safety area;
step S74: and sending the verification result to the sending end so that the sending end obtains a virtual resource transaction result based on the verification result.
It should be noted that, the virtual resource in the present application may refer to a red packet, a game gold coin, or a virtual currency, where the virtual resource transaction information includes a transaction amount of the virtual resource, a transaction object of the virtual resource, a payment object of the virtual resource, and the like, and generally, the transmitting end has a virtual resource total amount of the exclusive user corresponding to the receiving end, and when performing the virtual resource transaction, the receiving end is required to return a verification result, so that the transmitting end determines a virtual resource transaction result of the exclusive user based on the verification result, and determines a new virtual resource total amount of the exclusive user according to the virtual resource transaction result.
It can be understood that the virtual resource transaction information needs to be verified by the receiving end, that is, the authentication information in the security area preset by the receiving end is utilized to verify the virtual resource transaction information, when the payment object or the transaction object of the virtual resource transaction information is the exclusive user of the receiving end, the verification result is verification success, and when the payment object or the transaction object of the virtual resource transaction information is not the exclusive user of the receiving end, the verification result is verification failure. The identity authentication information of the exclusive user stored in a preset safety area of the receiving end. The preset security area of the same receiving end can store the identity verification information of a plurality of exclusive users, and different exclusive users can correlate the identity verification information according to the set account numbers.
For example, the total virtual resource amount of the K user at the transmitting end is 10000 game chips, the to-be-verified virtual resource transaction information pays 2000 game chips for the K user to the L user, then the authentication is performed by using the identity authentication information of the K user in a preset security area of the receiving end, a successful authentication result is obtained, the receiving end transmits the authentication result to the transmitting end, and the transmitting end changes the total virtual resource amount of the K user into 8000 game chips according to the successful authentication result.
In general, when the verification of the transaction information of the virtual resource to be verified fails, the receiving end feeds back the verification failure information to the transmitting end, and the transmitting end does not change any virtual resource.
Further, before step S72, the method further includes: collecting biological characteristic information of a user, or receiving password information sent by the user; obtaining the authentication information based on the biometric information, or obtaining the authentication information based on the password information; and sending the authentication information to the preset security area so that the preset security area stores the authentication information.
It should be noted that, the biometric information includes fingerprint information, voiceprint information, iris information, vein information, face information, etc., and the password information may include numbers, letters, symbols, combinations of Chinese characters, etc.
The high safety of the biological characteristic information and the password information ensures the safety of the obtained identity verification information, meanwhile, the identity verification information is stored in a preset safety area, the safety of the identity verification information is extremely high, thereby ensuring that the virtual resource transaction information to be verified is verified by using the identity verification information, and the accuracy of the verification result is extremely high when a verification result is obtained, and further ensuring that the virtual resource of a user is not stolen.
Referring to fig. 9, fig. 9 is a block diagram of a first embodiment of a data processing apparatus according to the present invention, where the apparatus is used for a receiving end, and the receiving end has a preset security area, and the apparatus includes:
a first receiving module 10, configured to receive encrypted data information sent by a sending end, where the encrypted data information is obtained by encrypting with a first preset encryption key;
the first sending module 20 is configured to send the encrypted data information to the preset security area, so that the preset security area decrypts the encrypted data information by using a pre-stored first preset decryption key to obtain result data information;
and the feedback receiving module 30 is configured to receive the result data information fed back by the preset safety area.
Optionally, a second preset encryption key and key seed information are stored in the preset security area; the apparatus further comprises:
the instruction sending module is used for sending a seed generation instruction to the preset safety area so that the preset safety area can obtain the first preset decryption key based on the key seed information, and the second preset encryption key is used for encrypting the key seed information to obtain encrypted seed information;
the seed receiving module is used for receiving the encrypted seed information sent by the preset safety area, sending the encrypted seed information to the sending end, enabling the sending end to decrypt the encrypted seed information by using a pre-stored second preset decryption key to obtain the key seed information, and obtaining the first preset encryption key based on the key seed information.
Optionally, the apparatus further includes:
the second sending module is used for sending the encryption algorithm set and the compression method set to the sending end so that the sending end can obtain a selected encryption algorithm and a selected compression method based on the encryption algorithm set and the compression method set;
the second receiving module is used for receiving the selected encryption algorithm and the selected compression method which are sent by the sending end;
The instruction sending module is further configured to send the selected encryption algorithm, the selected compression method, and a seed generation instruction to the preset secure area, so that the preset secure area obtains the first preset decryption key based on the key seed information, and encrypts the key seed information by using the selected encryption algorithm, the selected compression method, and the second encryption key to obtain encrypted seed information.
Optionally, the apparatus further includes:
the third sending module is used for sending a key acquisition request to the sending end so that the sending end generates the second preset encryption key and the second preset decryption key based on the key acquisition request;
the third receiving module is used for receiving the second preset encryption key sent by the sending end;
and the key sending module is used for sending the second preset encryption key to the preset security area so that the preset security area stores the second preset encryption key.
Optionally, the preset security area stores a first universal unique identification code; the apparatus further comprises:
the first acquisition module is used for acquiring a second universal unique identification code from the local memory;
The fourth sending module is used for sending the second universal unique identification code to the preset safety area so that the preset safety area can obtain authentication success information when the second universal unique identification code and the first universal unique identification code meet preset conditions;
the first sending module is further configured to send the encrypted data information to the preset security area when the authentication success information fed back by the preset security area is received, so that the preset security area decrypts the encrypted data information through a pre-stored first preset decryption key, and obtains result data information.
Optionally, the apparatus further includes:
the second acquisition module is used for acquiring the equipment information and the time information of the receiving end;
an obtaining module configured to obtain the first universal unique identification code and the second universal unique identification code based on the device information and the time information;
and the storage module is used for storing the second universal unique identification code in the local memory and sending the first universal unique identification code to the preset safety area so that the preset safety area stores the first universal unique identification code.
Optionally, the result data information includes virtual resource transaction information to be verified, and the preset security area stores identity verification information; the apparatus further comprises:
the extraction module is used for extracting the virtual resource transaction information to be verified from the result data information;
a fifth sending module, configured to send the virtual resource transaction information to be verified to the preset security area, so that the preset security area verifies the virtual resource transaction information to be verified by using the identity verification information, and a verification result is obtained;
a fourth receiving module, configured to receive the verification result fed back by the preset security area;
and the sixth sending module is used for sending the verification result to the sending end so that the sending end obtains a virtual resource transaction result based on the verification result.
Optionally, the apparatus further includes:
the acquisition module is used for acquiring the biological characteristic information of the user or receiving the password information sent by the user;
the verification information obtaining module is used for obtaining the identity verification information based on the biological characteristic information or obtaining the identity verification information based on the password information;
And the authentication information sending module is used for sending the authentication information to the preset security area so that the preset security area stores the authentication information.
The foregoing description is only of the optional embodiments of the present invention, and is not intended to limit the scope of the invention, and all the equivalent structural changes made by the description of the present invention and the accompanying drawings or the direct/indirect application in other related technical fields are included in the scope of the invention.

Claims (10)

1. A data processing method, characterized in that it is applied to a receiving end, the receiving end has a preset security area, the data processing method includes the following steps:
receiving encrypted data information sent by a sending end, wherein the encrypted data information is obtained by encrypting by using a first preset encryption key;
the encrypted data information is sent to the preset safety area, so that the preset safety area decrypts the encrypted data information through a pre-stored first preset decryption key to obtain result data information;
and receiving the result data information fed back by the preset safety area.
2. The data processing method according to claim 1, wherein a second preset encryption key and key seed information are stored in the preset security area;
Before the step of receiving the encrypted data information sent by the sending end, the method further includes:
sending a seed generation instruction to the preset security area, so that the preset security area obtains the first preset decryption key based on the key seed information, and encrypts the key seed information by using the second preset encryption key to obtain encrypted seed information;
the encryption seed information sent by the preset security area is received, and the encryption seed information is sent to the sending end, so that the sending end decrypts the encryption seed information by utilizing a pre-stored second preset decryption key to obtain the key seed information, and the first preset encryption key is obtained based on the key seed information.
3. The data processing method according to claim 2, wherein the step of transmitting a seed generation instruction to the preset security area to cause the preset security area to obtain the first preset decryption key based on the key seed information and encrypt the key seed information with the second preset encryption key, the method further comprising, before the step of obtaining encrypted seed information:
Transmitting an encryption algorithm set and a compression method set to the transmitting end so that the transmitting end obtains a selected encryption algorithm and a selected compression method based on the encryption algorithm set and the compression method set;
receiving the selected encryption algorithm and the selected compression method sent by the sending end;
the step of sending a seed generation instruction to the preset security area so that the preset security area obtains the first preset decryption key based on the key seed information, and encrypts the key seed information by using the second preset encryption key, and the step of obtaining encrypted seed information includes:
and sending the selected encryption algorithm, the selected compression method and the seed generation instruction to the preset security area so that the preset security area obtains the first preset decryption key based on the key seed information, and encrypting the key seed information by utilizing the selected encryption algorithm, the selected compression method and the second preset encryption key to obtain encrypted seed information.
4. The data processing method of claim 3, wherein the transmitting the selected encryption algorithm, the selected compression method, and the seed generation instruction to the preset security zone to cause the preset security zone to obtain the first preset decryption key based on the key seed information, and encrypt the key seed information using the selected encryption algorithm, the selected compression method, and the second preset encryption key, the method further comprising, prior to the step of obtaining encrypted seed information:
Sending a key acquisition request to the sending end, so that the sending end generates the second preset encryption key and the second preset decryption key based on the key acquisition request;
receiving the second preset encryption key sent by the sending end;
and sending the second preset encryption key to the preset security area so that the preset security area stores the second preset encryption key.
5. The data processing method according to claim 1, wherein the predetermined security area stores a first universal unique identification code; before the step of sending the encrypted data information to the preset security area to enable the preset security area to decrypt the encrypted data information through a pre-stored first preset decryption key to obtain the result data information, the method further comprises:
acquiring a second universal unique identification code from a local memory;
transmitting the second universal unique identification code to the preset safety area so that the preset safety area obtains authentication success information when the second universal unique identification code and the first universal unique identification code meet preset conditions;
The step of sending the encrypted data information to the preset security area so that the preset security area decrypts the encrypted data information through a pre-stored first preset decryption key, and the step of obtaining the result data information comprises the following steps:
and when the authentication success information fed back by the preset safety area is received, sending the encrypted data information to the preset safety area, so that the preset safety area decrypts the encrypted data information through a pre-stored first preset decryption key, and obtaining result data information.
6. The data processing method of claim 5, wherein prior to the step of retrieving the second universal unique identification code from the local memory, the method further comprises:
acquiring equipment information and time information of the receiving end;
based on the device information and the time information, obtaining the first universal unique identification code and the second universal unique identification code;
and storing the second universal unique identification code in the local memory, and sending the first universal unique identification code to the preset safety area so that the preset safety area stores the first universal unique identification code.
7. The data processing method according to claim 1, wherein the result data information includes virtual resource transaction information to be verified, and the identity verification information is stored in the preset security area; after the step of receiving the result data information fed back by the preset security area, the method further includes:
extracting the virtual resource transaction information to be verified from the result data information;
transmitting the virtual resource transaction information to be verified to the preset safety area, so that the preset safety area verifies the virtual resource transaction information to be verified by utilizing the identity verification information to obtain a verification result;
receiving the verification result fed back by the preset safety area;
and sending the verification result to the sending end so that the sending end obtains a virtual resource transaction result based on the verification result.
8. A data processing apparatus for use with a receiving end having a predetermined security area, the apparatus comprising:
the first receiving module is used for receiving encrypted data information sent by the sending end, wherein the encrypted data information is obtained by encrypting by using a first preset encryption key;
The first sending module is used for sending the encrypted data information to the preset safety area so that the preset safety area decrypts the encrypted data information through a pre-stored first preset decryption key to obtain result data information;
and the feedback receiving module is used for receiving the result data information fed back by the preset safety area.
9. A receiving end, the receiving end comprising: a preset security area, a memory, a processor and a data processing program stored on the memory and running on the processor, which data processing program, when executed by the processor, implements the steps of the data processing method according to any one of claims 1 to 7.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon a data processing program which, when executed by a processor, implements the steps of the data processing method according to any of claims 1 to 7.
CN202111636385.7A 2021-12-29 2021-12-29 Data processing method, device, receiving end and computer readable storage medium Pending CN116415260A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111636385.7A CN116415260A (en) 2021-12-29 2021-12-29 Data processing method, device, receiving end and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111636385.7A CN116415260A (en) 2021-12-29 2021-12-29 Data processing method, device, receiving end and computer readable storage medium

Publications (1)

Publication Number Publication Date
CN116415260A true CN116415260A (en) 2023-07-11

Family

ID=87053087

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111636385.7A Pending CN116415260A (en) 2021-12-29 2021-12-29 Data processing method, device, receiving end and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN116415260A (en)

Similar Documents

Publication Publication Date Title
AU2016217549B2 (en) Systems and methods for securely managing biometric data
US11398913B2 (en) Secure distributed information system for public device authentication
US10171428B2 (en) Confidential data management method and device, and security authentication method and system
KR101873530B1 (en) Mobile system, method of processing an input in a mobile system, and electronic payment method using a mobile system
CN110826043B (en) Digital identity application system and method, identity authentication system and method
CN106611310B (en) Data processing method, wearable electronic device and system
US20230368194A1 (en) Encryption method and decryption method for payment key, payment authentication method, and terminal device
US20180240100A1 (en) Method for securing a transaction from a non-secure terminal
US20190311106A1 (en) System and method for pin entry on mobile devices
CN104915584A (en) Intelligent mobile terminal random encryption and decryption system based on fingerprint characteristics
CN111316596B (en) Encryption chip with identity verification function
CN104866129A (en) Computing device and password input method thereof
CN112987942B (en) Method, device and system for inputting information by keyboard, electronic equipment and storage medium
TWI715833B (en) Air card issuing method, device, computing equipment, computer readable storage medium and computer program product
CN114070614A (en) Identity authentication method, device, equipment, storage medium and computer program product
CN106411520B (en) Method, device and system for processing virtual resource data
CN105933503B (en) Information processing method and electronic equipment
US20190258829A1 (en) Securely performing a sensitive operation using a non-secure terminal
CN113329004B (en) Authentication method, system and device
CN114219055B (en) Bar code generation method, bar code verification method and payment system
KR20070089427A (en) Authentication system for on-line banking, and user terminal for the same
CN103870959A (en) Batch electronic transaction processing method and electronic signature device
CN116415260A (en) Data processing method, device, receiving end and computer readable storage medium
CN110098915B (en) Authentication method and system, and terminal
KR101648779B1 (en) Method for secure text input in information terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination