CN116432249A - Data authorization management method, device and medium based on electronic signature technology - Google Patents

Publication number
CN116432249A
Authority
CN
China
Prior art keywords
authorization
user
contract
data
electronic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310470401.2A
Other languages
Chinese (zh)
Inventor
高宜男
米俊达
崔乐乐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianyuan Big Data Credit Management Co Ltd
Original Assignee
Tianyuan Big Data Credit Management Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tianyuan Big Data Credit Management Co Ltd
Priority to CN202310470401.2A
Publication of CN116432249A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/604 Tools and structures for managing or administering access control systems
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/33 User authentication using certificates
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00 Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10 Services
    • G06Q50/18 Legal services
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The application discloses a data authorization management method, device and medium based on electronic signature technology, which address the problem that existing electronic signature technology has only a narrow range of application in data authorization. The method comprises the following steps: generating a corresponding authorization code for a predefined electronic contract based on specific content in the electronic contract and a preset coding rule, to obtain an authorization contract corresponding to the electronic contract; when the user scans the authorization code, acquiring the identity information of the user and the authority data of the authorization contract, and completing the identity authentication of the user according to the identity information; confirming the willingness information of the user in a preset manner, and applying to a third-party CA center for a digital certificate corresponding to the user; and verifying the authorization contract according to its authority data and, if the authorization contract passes verification, combining the willingness information of the user with the service data based on electronic signature technology, to complete signing of the authorization contract and realize authorization management of the data.

Description

Data authorization management method, device and medium based on electronic signature technology
Technical Field
The present disclosure relates to the field of electronic signature technologies, and in particular, to a method, an apparatus, and a medium for managing data authorization based on an electronic signature technology.
Background
At present, with the development of the internet and big data, business transactions are moving online rapidly and data is increasingly open and shared. With the development of mobile applications, the use of electronic signature technology in electronic contract signing has gradually matured.
However, the limited value of electronic signature technology as a mere tool has also been exposed. Current electronic signature technology only preserves an untampered electronic certificate in a trusted environment, and ways of applying it in connection with business services have not yet been explored. Its mode of application is too narrow: it is generally embedded in mobile internet applications and is not compatible with traditional offline services. In the signing process, a digest is extracted directly by an encryption algorithm, which ensures that the information cannot be tampered with, but the related service data is not preserved.
Disclosure of Invention
The embodiments of the application provide a data authorization management method, device and medium based on electronic signature technology, to solve the technical problem that existing electronic signature technology has only a narrow range of application in data authorization.
In one aspect, an embodiment of the present application provides a data authorization management method based on an electronic signature technology, including:
based on specific content in a predefined electronic contract and a preset coding rule, generating a corresponding authorization code for the electronic contract, and obtaining an authorization contract corresponding to the electronic contract;
based on the scanning trigger of the user to the authorization code, acquiring the identity information of the user and the authority data of the authorization contract, and completing the identity authentication of the user according to the identity information;
confirming willingness information of the user in a preset manner, and applying to a third-party CA center for a digital certificate corresponding to the user;
and verifying the authorization contract according to the authority data of the authorization contract, and combining the willingness information of the user with the service data corresponding to the authorization contract based on an electronic signature technology under the condition that the authorization contract passes the verification, so as to complete signing of the authorization contract and realize authorization management of the data.
In one implementation manner of the present application, the generating a corresponding authorization code for the electronic contract based on specific content in a predefined electronic contract and a preset encoding rule, and obtaining an authorization contract corresponding to the electronic contract specifically includes:
determining a service requirement corresponding to a user according to an access request of the user, and defining a corresponding electronic contract for the user according to the service requirement;
based on the specific content in the electronic contract, generating an authorization code corresponding to the electronic contract by combining the time, the service information and a random number, so as to obtain an authorization contract corresponding to the electronic contract;
the specific content at least comprises service information, service codes, time and client information corresponding to the electronic contract, and the random number is used for uniquely identifying the electronic contract.
In one implementation of the present application, after defining a corresponding electronic contract for the user according to the service requirement, the method further includes:
preprocessing the electronic contract based on a hash algorithm to obtain a hash value corresponding to the electronic contract;
and encrypting the hash value corresponding to the electronic contract and the electronic contract according to an asymmetric encryption algorithm, so as to determine that the specific content in the electronic contract has not been tampered with.
In one implementation of the present application, acquiring the identity information of the user and the authority data of the authorization contract based on the scan trigger of the user on the authorization code specifically includes:
monitoring the authorization code through a preset monitoring component to determine whether a user scans the authorization code through a mobile terminal;
under the condition that scanning operation is monitored, a filling interface of user information is sent to the user based on triggering of the scanning operation, and identity information in the user information is obtained according to the user information uploaded by the user based on the filling interface;
and returning basic information corresponding to the authorization contract to the user based on the user information uploaded by the user, so that the user obtains the authority data of the authorization contract in the basic information.
In one implementation of the present application, determining the willingness information of the user in a preset manner specifically includes:
acquiring willingness information in the user information, and returning the willingness information to a mobile terminal of a corresponding user for display;
and acquiring face data returned by the user based on face recognition operation in the mobile terminal, and verifying the face data based on a verification interface provided by a third party mechanism so as to determine willingness information of the user.
In one implementation of the present application, completing identity authentication of the user according to the identity information specifically includes:
determining one of a name, an identity card number and a mobile phone number in the identity information;
acquiring a mobile phone verification code of the user based on the mobile phone number of the user, and verifying the mobile phone verification code based on an operator corresponding to the mobile phone number of the user;
based on a verification interface provided by a third party, verifying the name and the identity card number of the user, and completing the identity authentication of the user under the condition that the name, the identity card number and the mobile phone number pass verification.
In one implementation manner of the present application, the verifying the authorization contract according to the authority data of the authorization contract specifically includes:
determining the data authority, the data range and the authorization validity period in the authorization contract according to the authority data of the authorization contract, and determining whether the authorization validity period accords with the current time;
and under the condition that the data authority, the data range and the authorization validity period of the authorization contract are consistent with the requirements of the user, determining that the authorization contract passes verification.
In one implementation of the present application, in a case where the authorization contract passes verification, the method further includes:
generating a calling instruction of corresponding data for the user according to the authorization code scanned by the user, and sending the calling instruction to a database;
and acquiring data corresponding to the calling instruction from the database according to the calling instruction, and completing authorization management of the data.
On the other hand, the embodiment of the application also provides a data authorization management device based on the electronic signature technology, which comprises:
at least one processor;
and a memory communicatively coupled to the at least one processor;
wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform a data authorization management method based on electronic signature technology as described above.
In another aspect, embodiments of the present application also provide a non-volatile computer storage medium storing computer-executable instructions configured to:
perform the data authorization management method based on electronic signature technology described above.
The embodiments of the application provide a data authorization management method, device and medium based on electronic signature technology, which have at least the following beneficial effects:
the authorization code is generated based on the specific content of the electronic contract, so that the related content of the electronic contract can later be determined from the authorization code, and the new concept of an authorization code makes the method compatible with offline services; the authentication of the user identity and the verification of the authorization contract can be completed by acquiring the identity information of the user and the authority data of the authorization code, and the front-end functional module for custom data authorization agreements reduces operation and development cost because various contract templates need not be preset; the method improves on traditional electronic signature technology, which only stores the authorization contract file electronically, in that the data in the agreement can be stored in a structured manner for service management and reference; a complete service chain from issuing the authorization, to carrying out the authorization, to the data call is realized, and the authenticity and validity of the data authorization during use are ensured.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute an undue limitation to the application. In the drawings:
fig. 1 is a schematic flow chart of a data authorization management method based on an electronic signature technology according to an embodiment of the present application;
fig. 2 is a schematic diagram of an internal structure of a data authorization management device based on an electronic signature technology according to an embodiment of the present application.
Detailed Description
For the purposes, technical solutions and advantages of the present application, the technical solutions of the present application will be clearly and completely described below with reference to specific embodiments of the present application and corresponding drawings. It will be apparent that the described embodiments are only some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
The embodiments of the application provide a data authorization management method, device and medium based on electronic signature technology. The authorization code is generated based on the specific content of the electronic contract, so that the related content of the electronic contract can later be determined from the authorization code, and the new concept of an authorization code makes the method compatible with offline services. The authentication of the user identity and the verification of the authorization contract can be completed by acquiring the identity information of the user and the authority data of the authorization code, and the front-end functional module for custom data authorization agreements reduces operation and development cost because various contract templates need not be preset. The method improves on traditional electronic signature technology, which only stores the authorization contract file electronically, in that the data in the agreement can be stored in a structured manner for service management and reference. A complete service chain from issuing the authorization, to carrying out the authorization, to the data call is realized, and the authenticity and validity of the data authorization during use are ensured. This solves the technical problem that existing electronic signature technology has only a narrow range of application in data authorization.
Fig. 1 is a flow chart of a data authorization management method based on an electronic signature technology according to an embodiment of the present application. As shown in fig. 1:
101. Based on specific content in the predefined electronic contract and a preset coding rule, a corresponding authorization code is generated for the electronic contract, and an authorization contract corresponding to the electronic contract is obtained.
To solve the problem that electronic signature technology has only a narrow range of application in data authorization, the application provides a data authorization management method based on electronic signature technology, applied to data authorization and data call scenarios. The method is built around the application scenario of data authorization management and extends electronic signature technology to traditional offline business, thereby solving the problem of managing the business information in a data authorization agreement, including its validity period and key business content.
First, the server acquires a predefined electronic contract and a preset coding rule and obtains the specific content of the electronic contract. It then generates a corresponding authorization code for the electronic contract according to that specific content and the preset coding rule, and thereby obtains an authorization contract corresponding to the electronic contract.
Specifically, the server receives an access request from a user, determines the service requirement corresponding to the user according to the access request, and defines a corresponding electronic contract for the user according to the determined service requirement. Based on the specific content in the electronic contract, the server then generates an authorization code corresponding to the electronic contract by combining the time, the service information and a random number, so that an authorization contract corresponding to the electronic contract is obtained. It should be noted that, in the embodiment of the present application, the specific content includes at least service information, service code, time and client information corresponding to the electronic contract, and the random number is used to uniquely identify the electronic contract.
In one embodiment of the application, after defining a corresponding electronic contract for a user according to the service requirement, the server preprocesses the electronic contract based on a hash algorithm to obtain a hash value corresponding to the electronic contract, and then encrypts the hash value corresponding to the electronic contract and the electronic contract through an asymmetric encryption algorithm, so that it can be determined that the specific content in the electronic contract has not been tampered with.
102. Based on the scanning trigger of the user to the authorization code, the identity information of the user and the authority data of the authorization contract are obtained, and the identity authentication of the user is completed according to the identity information.
When it is identified that the user has scanned the authorization code of the electronic contract, the scanning action triggers the server to acquire the identity information of the user and the authority data corresponding to the authorization contract. The server can then verify the identity of the user according to the acquired identity information, so as to complete the authentication of the user identity.
Specifically, a monitoring component for monitoring whether the user scans the authorization code is arranged in the server, so that the server can monitor the authorization code through the monitoring component to determine whether the user scans the authorization code through a mobile terminal. When the server detects a scanning operation, it sends a user information entry interface to the user, triggered by the scanning operation, and acquires the identity information from the user information that the user uploads through that interface. Based on the user information uploaded by the user, the server then returns the basic information corresponding to the authorization contract to the user, so that the user obtains the authority data of the authorization contract from the basic information.
The server determines one of a name, an identification card number, and a cell phone number in the identity information. The server obtains a mobile phone verification code of the user based on the mobile phone number of the user, verifies the mobile phone verification code based on an operator corresponding to the mobile phone number of the user, verifies the name and the identity card number of the user based on a verification interface provided by a third party, and completes identity authentication of the user under the condition that the name, the identity card number and the mobile phone number pass verification.
103. Confirming the willingness information of the user in a preset manner, and applying to the third-party CA center for the digital certificate corresponding to the user.
The server also needs to acquire the willingness information of the user, and to verify and confirm it in a preset manner. Once the obtained willingness information is confirmed to be the user's own, the server goes on to apply to the third-party CA center for the digital certificate corresponding to the user, so that the digital certificate can subsequently be used to encrypt the related content of the electronic contract and to ensure the authenticity of the user's identity.
Specifically, the server acquires the willingness information in the user information and returns it to the mobile terminal of the corresponding user for display. The user acts on the willingness information displayed on the mobile terminal and returns confirmation information once the operation is completed. The server then acquires the face data returned by the user through a face recognition operation on the mobile terminal and verifies the face data through a verification interface provided by a third-party institution, so that the willingness information of the user is determined to be correct based on the verification result returned by the third-party institution.
104. Verifying the authorization contract according to the authority data of the authorization contract and, if the authorization contract passes verification, combining the willingness information of the user with the business data corresponding to the authorization contract based on electronic signature technology, to complete signing of the authorization contract and realize authorization management of the data.
According to the authority data obtained from the authorization contract, the server verifies whether the authorization contract is valid, whether the scope of the authorization contract is correct, and whether authorization for the related data is available. After the verification passes, the confirmed willingness information of the user and the business data corresponding to the authorization contract are combined through electronic signature technology, so that the signing process of the authorization contract is completed and authorization management of the data in the authorization contract is realized.
Specifically, the server determines the data authority, the data range and the authorization validity period in the authorization contract according to the authority data of the authorization contract, determines whether the authorization validity period accords with the current time, and determines that the authorization contract passes verification under the condition that the data authority, the data range and the authorization validity period of the authorization contract accord with the user requirement.
In one embodiment of the application, the server generates a call instruction of corresponding data for a user according to an authorization code scanned by the user, sends the call instruction to the database, and then acquires the data corresponding to the call instruction from the database according to the call instruction to complete authorization management of the data.
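Steps 101 and 104 and the data call can be traced in code. The following is an added example, not code from the patent: the field names, the `time-service code-random number` layout of the authorization code, SHA-256 over canonical JSON, and the sample contract and database are all assumptions. The asymmetric signing of the digest with the CA-issued certificate is not shown; the digest is kept server-side to detect changes after issuance.

```python
import copy
import hashlib
import hmac
import json
import secrets
from datetime import datetime, timezone

# Constructed sample data (not from the patent).
SAMPLE_CONTRACT = {
    "service_info": "credit report query",
    "service_code": "SVC001",
    "client_id": "C-1001",
    "data_permissions": ["read"],
    "data_range": ["credit_score", "loan_history"],
    "valid_from": "2023-05-01T00:00:00+00:00",
    "valid_until": "2023-07-31T23:59:59+00:00",
}
SAMPLE_DATABASE = {
    "C-1001": {"credit_score": 712, "loan_history": ["2021-03"], "home_address": "n/a"},
}


def contract_digest(contract):
    """SHA-256 over canonical JSON, so key order cannot change the hash."""
    canonical = json.dumps(contract, sort_keys=True, separators=(",", ":"),
                           ensure_ascii=False)
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def make_authorization_code(contract, issued_at, nonce=""):
    """Combine time, service code and a random number (assumed layout)."""
    nonce = nonce or secrets.token_hex(8)  # random part uniquely identifies the contract
    return f"{issued_at:%Y%m%d%H%M%S}-{contract['service_code']}-{nonce}"


class AuthorizationRegistry:
    """Server-side store mapping authorization codes to authorization contracts."""

    def __init__(self):
        self._records = {}

    def issue(self, contract, issued_at, nonce=""):
        code = make_authorization_code(contract, issued_at, nonce)
        if code in self._records:
            raise ValueError("authorization code collision")
        self._records[code] = {"contract": copy.deepcopy(contract),
                               "digest": contract_digest(contract)}
        return code

    def verify(self, code, permission, fields, now):
        """Check integrity, validity period, data authority and data range."""
        record = self._records.get(code)
        if record is None:
            return False, "unknown authorization code"
        contract = record["contract"]
        if not hmac.compare_digest(contract_digest(contract), record["digest"]):
            return False, "contract content changed after issuance"
        not_before = datetime.fromisoformat(contract["valid_from"])
        not_after = datetime.fromisoformat(contract["valid_until"])
        if not (not_before <= now <= not_after):
            return False, "outside authorization validity period"
        if permission not in contract["data_permissions"]:
            return False, "permission not granted"
        extra = set(fields) - set(contract["data_range"])
        if extra:
            return False, "fields outside data range: " + ", ".join(sorted(extra))
        return True, "ok"

    def call_data(self, code, permission, fields, now, database):
        """Data call: release only the requested fields, and only after verification."""
        ok, reason = self.verify(code, permission, fields, now)
        if not ok:
            raise PermissionError(reason)
        row = database[self._records[code]["contract"]["client_id"]]
        return {name: row[name] for name in fields}


if __name__ == "__main__":
    registry = AuthorizationRegistry()
    code = registry.issue(SAMPLE_CONTRACT, datetime.now(timezone.utc))
    when = datetime(2023, 6, 1, tzinfo=timezone.utc)
    print(code, registry.verify(code, "read", ["credit_score"], when))
```

The checks fail closed: an unknown code, a changed contract, an expired validity period, or a request beyond the granted permission or data range all stop the data call before the database is read.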
The foregoing is a method embodiment presented herein. Based on the same inventive concept, the embodiment of the application also provides a data authorization management device based on the electronic signature technology, and the structure of the device is shown in fig. 2.
Fig. 2 is a schematic diagram of an internal structure of a data authorization management device based on an electronic signature technology according to an embodiment of the present application. As shown in fig. 2, the apparatus includes:
at least one processor;
and a memory communicatively coupled to the at least one processor;
wherein the memory stores instructions executable by the at least one processor, the instructions being executable by the at least one processor to enable the at least one processor to:
based on specific content in a predefined electronic contract and a preset coding rule, generating a corresponding authorization code for the electronic contract, and obtaining an authorization contract corresponding to the electronic contract;
based on the scanning trigger of the user to the authorization code, acquiring the identity information of the user and the authority data of the authorization contract, and completing the identity authentication of the user according to the identity information;
confirming willingness information of the user in a preset manner, and applying to a third-party CA center for a digital certificate corresponding to the user;
and verifying the authorization contract according to the authority data of the authorization contract, and, when the authorization contract passes verification, combining the willingness information of the user with the business data corresponding to the authorization contract based on an electronic signature technology, thereby completing signing of the authorization contract and realizing authorization management of the data.
The embodiments of the present application also provide a nonvolatile computer storage medium storing computer executable instructions configured to:
based on specific content in a predefined electronic contract and a preset coding rule, generating a corresponding authorization code for the electronic contract, and obtaining an authorization contract corresponding to the electronic contract;
based on the scanning trigger of the user to the authorization code, acquiring the identity information of the user and the authority data of the authorization contract, and completing the identity authentication of the user according to the identity information;
confirming willingness information of the user in a preset manner, and applying to a third-party CA center for a digital certificate corresponding to the user;
and verifying the authorization contract according to the authority data of the authorization contract, and, when the authorization contract passes verification, combining the willingness information of the user with the service data based on the electronic signature technology, thereby completing signing of the authorization contract and realizing authorization management of the data.
In the 1990s, an improvement to a technology could be clearly distinguished as an improvement in hardware (e.g., improvements to circuit structures such as diodes, transistors, switches, etc.) or an improvement in software (improvements to the process flow). However, with the development of technology, many improvements of current method flows can be regarded as direct improvements of hardware circuit structures. Designers almost always obtain the corresponding hardware circuit structure by programming the improved method flow into a hardware circuit. Therefore, an improvement of a method flow cannot be said to be realized by a hardware entity module. For example, a programmable logic device (Programmable Logic Device, PLD), such as a field programmable gate array (Field Programmable Gate Array, FPGA), is an integrated circuit whose logic function is determined by the user's programming of the device. A designer programs to "integrate" a digital system onto a PLD without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Moreover, nowadays, instead of manually manufacturing integrated circuit chips, such programming is mostly implemented with "logic compiler" software, which is similar to the software compiler used in program development and writing. The original code before compiling is also written in a specific programming language, called a hardware description language (Hardware Description Language, HDL). There is not just one HDL but many, such as ABEL (Advanced Boolean Expression Language), AHDL (Altera Hardware Description Language), Confluence, CUPL (Cornell University Programming Language), HDCal, JHDL (Java Hardware Description Language), Lava, Lola, MyHDL, PALASM, RHDL (Ruby Hardware Description Language), etc.; VHDL (Very-High-Speed Integrated Circuit Hardware Description Language) and Verilog are currently the most commonly used.
It will also be apparent to those skilled in the art that a hardware circuit implementing the logic method flow can be readily obtained by merely performing a little logic programming of the method flow, using several of the hardware description languages described above, to program it into an integrated circuit.
The controller may be implemented in any suitable manner. For example, the controller may take the form of a microprocessor or processor and a computer readable medium storing computer readable program code (e.g., software or firmware) executable by the (micro)processor, logic gates, switches, application specific integrated circuits (Application Specific Integrated Circuit, ASIC), programmable logic controllers, and embedded microcontrollers. Examples of controllers include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicon Labs C8051F320. The memory controller may also be implemented as part of the control logic of the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller purely as computer readable program code, it is entirely possible to implement the same functionality by logically programming the method steps so that the controller takes the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers, etc. Such a controller may thus be regarded as a kind of hardware component, and the means included therein for performing various functions may also be regarded as structures within the hardware component. Or even, the means for achieving the various functions may be regarded both as software modules implementing the methods and as structures within the hardware component.
The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. One typical implementation is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being functionally divided into various units. Of course, when implementing the present specification, the functions of the units may be implemented in one or more pieces of software and/or hardware.
It will be appreciated by those skilled in the art that the present description may be provided as a method, system, or computer program product. Accordingly, the present specification embodiments may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present description embodiments may take the form of a computer program product on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
The present description is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the specification. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, random access memory (RAM) and/or nonvolatile memory, such as read only memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.
Computer readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory (ROM), electrically erasable programmable read only memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one ..." does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
The description may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
In this specification, the embodiments are described in a progressive manner; identical and similar parts of the embodiments may be referred to each other, and each embodiment mainly describes its differences from the other embodiments. In particular, the apparatus, device and non-volatile computer storage medium embodiments are described relatively simply because they are substantially similar to the method embodiments; for relevant points, reference may be made to the corresponding parts of the method embodiments.
The foregoing describes specific embodiments of the present disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
The foregoing is merely one or more embodiments of the present description and is not intended to limit the present description. Various modifications and alterations to one or more embodiments of this description will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, or the like, which is within the spirit and principles of one or more embodiments of the present description, is intended to be included within the scope of the claims of the present description.

Claims (10)

1. A data authorization management method based on an electronic signature technology, the method comprising:
based on specific content in a predefined electronic contract and a preset coding rule, generating a corresponding authorization code for the electronic contract, and obtaining an authorization contract corresponding to the electronic contract;
based on the scanning trigger of the user to the authorization code, acquiring the identity information of the user and the authority data of the authorization contract, and completing the identity authentication of the user according to the identity information;
confirming willingness information of the user in a preset manner, and applying to a third-party CA center for a digital certificate corresponding to the user;
and verifying the authorization contract according to the authority data of the authorization contract, and combining the willingness information of the user with the service data corresponding to the authorization contract based on an electronic signature technology under the condition that the authorization contract passes the verification, so as to complete signing of the authorization contract and realize authorization management of the data.
2. The method for managing data authorization based on electronic signature technology according to claim 1, wherein the method for generating a corresponding authorization code for an electronic contract based on specific content in the predefined electronic contract and a preset encoding rule, and obtaining an authorization contract corresponding to the electronic contract specifically comprises:
determining a service requirement corresponding to a user according to an access request of the user, and defining a corresponding electronic contract for the user according to the service requirement;
based on the specific content in the electronic contract, generating an authorization code corresponding to the electronic contract according to a combination of the time, the service information and a random number, so as to obtain an authorization contract corresponding to the electronic contract;
the specific content at least comprises service information, service codes, time and client information corresponding to the electronic contract, and the random number is used for uniquely identifying the electronic contract.
3. The method for managing data authorization based on electronic signature technology as recited in claim 2, wherein after defining the corresponding electronic contract for the user according to the service requirement, the method further comprises:
preprocessing the electronic contract based on a hash algorithm, and obtaining a hash value corresponding to the electronic contract;
and encrypting the hash value corresponding to the electronic contract and the electronic contract according to an asymmetric encryption algorithm, so as to determine that the specific content in the electronic contract has not been tampered with.
4. The method for managing data authorization based on electronic signature technology according to claim 1, wherein the acquiring the identity information of the user and the authorization data of the authorization contract based on the scanning trigger of the user on the authorization code specifically comprises:
monitoring the authorization code through a preset monitoring component to determine whether a user scans the authorization code through a mobile terminal;
under the condition that scanning operation is monitored, a filling interface of user information is sent to the user based on triggering of the scanning operation, and identity information in the user information is obtained according to the user information uploaded by the user based on the filling interface;
and returning basic information corresponding to the authorization contract to the user based on the user information uploaded by the user, so that the user obtains the authority data of the authorization contract in the basic information.
5. The method for managing data authorization based on electronic signature technology as recited in claim 4, wherein the determining the willingness information of the user by a preset manner specifically includes:
acquiring willingness information in the user information, and returning the willingness information to a mobile terminal of a corresponding user for display;
and acquiring face data returned by the user based on face recognition operation in the mobile terminal, and verifying the face data based on a verification interface provided by a third party mechanism so as to determine willingness information of the user.
6. The method for managing data authorization based on electronic signature technology as recited in claim 1, wherein the step of completing the authentication of the user according to the identity information specifically comprises:
determining one of a name, an identity card number and a mobile phone number in the identity information;
acquiring a mobile phone verification code of the user based on the mobile phone number of the user, and verifying the mobile phone verification code based on an operator corresponding to the mobile phone number of the user;
based on a verification interface provided by a third party, verifying the name and the identity card number of the user, and completing the identity authentication of the user under the condition that the name, the identity card number and the mobile phone number pass verification.
7. The method for managing data authorization based on electronic signature technology as recited in claim 1, wherein verifying the authorization contract according to the authority data of the authorization contract specifically includes:
determining the data authority, the data range and the authorization validity period in the authorization contract according to the authority data of the authorization contract, and determining whether the authorization validity period accords with the current time;
and under the condition that the data authority, the data range and the authorization validity period of the authorization contract are consistent with the requirements of the user, determining that the authorization contract passes verification.
8. The method for managing data authorization based on electronic signature technology as recited in claim 1, wherein in the case that the authorization contract is verified, the method further comprises:
generating a calling instruction of corresponding data for the user according to the authorization code scanned by the user, and sending the calling instruction to a database;
and acquiring data corresponding to the calling instruction from the database according to the calling instruction, and completing authorization management of the data.
9. A data authorization management device based on electronic signature technology, the device comprising:
at least one processor;
and a memory communicatively coupled to the at least one processor;
wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform a method of electronic signature based data authorization management as claimed in any one of claims 1 to 8.
10. A non-transitory computer storage medium storing computer-executable instructions, the computer-executable instructions configured to:
perform the data authorization management method based on electronic signature technology as recited in any one of claims 1-8.
CN202310470401.2A 2023-04-24 2023-04-24 Data authorization management method, device and medium based on electronic signature technology Pending CN116432249A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310470401.2A CN116432249A (en) 2023-04-24 2023-04-24 Data authorization management method, device and medium based on electronic signature technology


Publications (1)

Publication Number Publication Date
CN116432249A true CN116432249A (en) 2023-07-14

Family

ID=87083171



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination