CN116527311A - Request response method, request response device, electronic equipment and storage medium - Google Patents

Request response method, request response device, electronic equipment and storage medium Download PDF

Info

Publication number
CN116527311A
CN116527311A CN202310258473.0A CN202310258473A CN116527311A CN 116527311 A CN116527311 A CN 116527311A CN 202310258473 A CN202310258473 A CN 202310258473A CN 116527311 A CN116527311 A CN 116527311A
Authority
CN
China
Prior art keywords
information
asset
transaction
queried
serial number
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310258473.0A
Other languages
Chinese (zh)
Inventor
肖经达
戴晓勉
胡文涛
吴洁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Industrial and Commercial Bank of China Ltd ICBC filed Critical Industrial and Commercial Bank of China Ltd ICBC
Priority to CN202310258473.0A priority Critical patent/CN116527311A/en
Publication of CN116527311A publication Critical patent/CN116527311A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/953Querying, e.g. by the use of web search engines
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Development Economics (AREA)
  • Data Mining & Analysis (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Technology Law (AREA)
  • General Business, Economics & Management (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The disclosure provides a request response method, a request response device, electronic equipment and a storage medium, and is applied to the technical field of information security. The method comprises the following steps: responding to a pre-query request of an asset to be queried, and generating first attribute information according to asset information carried in the pre-query request, wherein the first attribute information comprises first token information and first transaction serial number information; responding to an asset transaction request of the asset to be queried, and determining second attribute information according to request information carried in the asset transaction request, wherein the second attribute information comprises second token information and second transaction serial number information; under the condition that the second token information is matched with the first token information, checking the second transaction serial number information according to the first transaction serial number information to obtain a checking result; and under the condition that the checking result is passed, determining the transaction information of the asset to be queried according to the second transaction serial number information so as to realize the asset transaction service of the asset to be queried.

Description

Request response method, request response device, electronic equipment and storage medium
Technical Field
The present disclosure relates to the field of information security technologies, and in particular, to a request response method, apparatus, electronic device, storage medium, and program product.
Background
In order to prevent the situations of cross-domain request or transaction information tampering and the like in the precious metal transaction process, in the prior art, a user generally adopts a dynamic verification code form to prevent a cross-domain mode when carrying out the precious metal transaction request, and the verification code allows the transaction. The tamper resistance of the transaction information when the noble metal performs the transaction can set the way of floating the transaction value of the noble metal and labeling the transaction value in the price locking time.
However, the user experience is reduced by verifying by adopting the dynamic verification code, so that the user operation is invasive; the adoption of the mode of setting the transaction value to float in the price locking time and labeling the transaction value can not truly prevent the data from being tampered to finish the transaction when the transaction is carried out, and the risk is caused to the online transaction, so that the security of the transaction can not be ensured.
Disclosure of Invention
In view of the foregoing, the present disclosure provides a request response method, apparatus, electronic device, storage medium, and program product.
According to an aspect of the present disclosure, there is provided a request response method including:
responding to a pre-query request of an asset to be queried, and generating first attribute information related to the asset to be queried according to asset information carried in the pre-query request, wherein the first attribute information comprises first token information and first transaction serial number information; responding to an asset transaction request of the asset to be queried, and determining second attribute information related to the asset to be queried according to request information carried in the asset transaction request, wherein the second attribute information comprises second token information and second transaction serial number information; under the condition that the second token information is matched with the first token information, checking the second transaction serial number information according to the first transaction serial number information to obtain a checking result; and under the condition that the checking result is passed, determining the transaction information of the asset to be queried according to the second transaction serial number information so as to realize the asset transaction service of the asset to be queried.
According to an embodiment of the present disclosure, before determining that the second token information matches the first token information, further comprising:
setting effective time of the first token information, wherein the effective time is used for limiting the first token information to be effective in a preset time range; and under the condition that the first token information is determined to be in the effective time range, checking the second token information according to the first token information to obtain a checking result.
According to an embodiment of the present disclosure, further comprising: in the event that it is determined that the first token information is not within the valid time range, the asset transaction request is intercepted.
According to an embodiment of the disclosure, determining transaction information of the asset to be queried according to the second transaction serial number to implement an asset transaction service of the asset to be queried, including: decrypting the second transaction serial number to obtain transaction information corresponding to the second transaction serial number; and calling a transaction service interface, and carrying out asset transaction service on the asset to be queried according to the transaction information.
According to an embodiment of the present disclosure, decrypting the second transaction serial number to obtain transaction information corresponding to the second transaction serial number includes:
Performing first decryption on the second transaction serial number to obtain binary data corresponding to the second transaction serial number; and performing second decryption on the binary data based on an asymmetric encryption algorithm to obtain transaction information corresponding to the second transaction serial number.
According to an embodiment of the present disclosure, wherein the asset information includes asset name information and asset transaction manner information.
According to an embodiment of the disclosure, generating first attribute information related to an asset to be queried according to asset information carried in a pre-query request includes: and generating first attribute information related to the asset to be queried according to the asset name information and the asset transaction mode information.
According to an embodiment of the present disclosure, after implementing the asset transaction service of the asset to be queried, the method further includes:
regenerating first attribute information related to the asset to be queried under the condition of responding to the pre-query request of the asset to be queried again; and storing the regenerated first attribute information and then sending the first attribute information to the client.
Another aspect of the present disclosure provides a request response device, including:
the first generation module is used for responding to a pre-query request of the asset to be queried and generating first attribute information related to the asset to be queried according to asset information carried in the pre-query request, wherein the first attribute information comprises first token information and first transaction serial number information; the first determining module is used for responding to an asset transaction request of the asset to be queried, and determining second attribute information related to the asset to be queried according to request information carried in the asset transaction request, wherein the second attribute information comprises second token information and second transaction serial number information; the checking module is used for checking the second transaction serial number information according to the first transaction serial number information under the condition that the second token information is matched with the first token information, so as to obtain a checking result; and the second determining module is used for determining the transaction information of the asset to be queried according to the second transaction serial number information under the condition that the checking result is passed so as to realize the asset transaction service of the asset to be queried.
Another aspect of the present disclosure provides an electronic device, comprising: one or more processors; and a storage device for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method described above.
Another aspect of the present disclosure also provides a computer-readable storage medium having stored thereon executable instructions that, when executed by a processor, cause the processor to perform the above-described method.
Another aspect of the present disclosure also provides a computer program product comprising a computer program which, when executed by a processor, implements the above method.
Request response methods, apparatus, electronic devices, storage media, and program products provided in accordance with the present disclosure. And verifying the first attribute information related to the asset to be queried, which is generated during pre-query, with the second attribute information carried during the transaction of the asset to be queried, and realizing the transaction service of the asset under the condition that the verification of the second attribute information is passed. The method has the advantages that the technical problem that the transaction risk is caused by the fact that data are tampered relative to the existing method for setting a dynamic password, adopting a transaction value amplitude mode within preset time and marking a transaction value is at least partially solved due to the fact that the method is used for carrying out safe interactive checking on attribute information confirmed by inquiring in advance during transaction is set, so that the safety and reliability of transaction success can be guaranteed, the safety is guaranteed, meanwhile, no invasion is caused to operation of a user, and the technical effect of user experience is improved.
Drawings
The foregoing and other objects, features and advantages of the disclosure will be more apparent from the following description of embodiments of the disclosure with reference to the accompanying drawings, in which:
FIG. 1 schematically illustrates an application scenario diagram of a request response method and apparatus according to an embodiment of the disclosure;
FIG. 2 schematically illustrates a flow chart of a request response method according to an embodiment of the disclosure;
FIG. 3 schematically illustrates a schematic diagram of a request response method according to an embodiment of the disclosure;
FIG. 4 schematically illustrates a block diagram of a request response device according to an embodiment of the disclosure; and
fig. 5 schematically illustrates a block diagram of an electronic device adapted to implement a request response method according to an embodiment of the disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is only exemplary and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the present disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. In addition, in the following description, descriptions of well-known structures and techniques are omitted so as not to unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and/or the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It should be noted that the terms used herein should be construed to have meanings consistent with the context of the present specification and should not be construed in an idealized or overly formal manner.
Where expressions like at least one of "A, B and C, etc. are used, the expressions should generally be interpreted in accordance with the meaning as commonly understood by those skilled in the art (e.g.," a system having at least one of A, B and C "shall include, but not be limited to, a system having a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.).
In the technical scheme of the disclosure, the related data (such as including but not limited to personal information of a user) are collected, stored, used, processed, transmitted, provided, disclosed, applied and the like, all conform to the regulations of related laws and regulations, necessary security measures are adopted, and the public welcome is not violated.
The embodiment of the disclosure provides a request response method, which comprises the following steps: responding to a pre-query request of an asset to be queried, and generating first attribute information related to the asset to be queried according to asset information carried in the pre-query request, wherein the first attribute information comprises first token information and first transaction serial number information; responding to an asset transaction request of the asset to be queried, and determining second attribute information related to the asset to be queried according to request information carried in the asset transaction request, wherein the second attribute information comprises second token information and second transaction serial number information; under the condition that the second token information is matched with the first token information, checking the second transaction serial number information according to the first transaction serial number information to obtain a checking result; and under the condition that the checking result is passed, determining the transaction information of the asset to be queried according to the second transaction serial number information so as to realize the asset transaction service of the asset to be queried.
Fig. 1 schematically illustrates an application scenario diagram of a request response method and apparatus according to an embodiment of the disclosure.
As shown in fig. 1, an application scenario 100 according to this embodiment may include a first terminal device 101, a second terminal device 102, a third terminal device 103, a network 104, and a server 105. The network 104 is a medium used to provide a communication link between the first terminal device 101, the second terminal device 102, the third terminal device 103, and the server 105. The network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
The user may interact with the server 105 through the network 104 using at least one of the first terminal device 101, the second terminal device 102, the third terminal device 103, to receive or send messages, etc. Various communication client applications, such as a shopping class application, a web browser application, a search class application, an instant messaging tool, a mailbox client, social platform software, etc. (by way of example only) may be installed on the first terminal device 101, the second terminal device 102, and the third terminal device 103.
The first terminal device 101, the second terminal device 102, the third terminal device 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smartphones, tablets, laptop and desktop computers, and the like.
The server 105 may be a server providing various services, such as a background management server (by way of example only) providing support for websites browsed by the user using the first terminal device 101, the second terminal device 102, and the third terminal device 103. The background management server may analyze and process the received data such as the user request, and feed back the processing result (e.g., the web page, information, or data obtained or generated according to the user request) to the terminal device.
It should be noted that the request response method provided by the embodiments of the present disclosure may be generally performed by the server 105. Accordingly, the request response means provided by the embodiments of the present disclosure may be generally provided in the server 105. The request response method provided by the embodiments of the present disclosure may also be performed by a server or a server cluster that is different from the server 105 and is capable of communicating with the first terminal device 101, the second terminal device 102, the third terminal device 103, and/or the server 105. Accordingly, the request response device provided by the embodiments of the present disclosure may also be provided in a server or a server cluster that is different from the server 105 and is capable of communicating with the first terminal device 101, the second terminal device 102, the third terminal device 103, and/or the server 105.
It should be understood that the number of terminal devices, networks and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Fig. 2 schematically illustrates a flow chart of a request response method according to an embodiment of the disclosure.
As shown in fig. 2, the method 200 may include operations S210 to S240.
In operation S210, in response to the pre-query request of the asset to be queried, first attribute information related to the asset to be queried is generated according to asset information carried in the pre-query request, wherein the first attribute information includes first token information and first transaction serial number information.
According to embodiments of the present disclosure, the asset to be queried may be an asset that the asset demander needs to query, which may be a financial product, precious metal, or the like. The asset demander may be a user who needs to pay a certain amount to obtain the asset.
According to an embodiment of the present disclosure, generating first attribute information related to an asset to be queried according to asset information carried in a pre-query request includes: and generating first attribute information related to the asset to be queried according to the asset name information and the asset transaction mode information.
According to embodiments of the present disclosure, the asset transaction style information may include transaction style of a total amount of the pre-set payment by share or by asset demander.
According to an embodiment of the present disclosure, the first attribute information may include first token information and first transaction serial number information, and may further include field information such as transaction amount, transaction share, transaction procedure amount, and the like.
According to an embodiment of the present disclosure, the generated first token information and the first transaction sequence number information are both encrypted information. The first token information and the first transaction sequence number information have uniqueness.
According to an embodiment of the present disclosure, an asset demander may send a pre-query request of an asset to be queried to a server through a front end, and after the server receives the response request, the server may generate first attribute information related to the asset to be queried according to asset information in the received request, for example, an asset name and an asset transaction manner.
According to the embodiment of the disclosure, the first attribute information is stored in the server, and meanwhile, the server can return the generated first attribute information to the front end and display transaction information to the asset demander so that the asset demander knows the transaction information of the asset to be queried in advance.
In response to the asset transaction request of the asset to be queried, determining second attribute information related to the asset to be queried according to the request information carried in the asset transaction request, wherein the second attribute information comprises second token information and second transaction serial number information in operation S220.
According to an embodiment of the present disclosure, the request information carried in the asset transaction request may include an asset name, an asset transaction manner, second token information, and second transaction serial number information of the asset to be queried.
According to the embodiment of the disclosure, the second token information and the second transaction serial number information of the transaction request of the asset to be queried can be extracted according to the request information carried in the asset transaction request. The second token information and the second transaction serial number information are both encrypted information.
According to the embodiment of the disclosure, after the asset demand side knows the attribute information of the asset to be queried through pre-query, the server responds to the asset transaction request of the asset to be queried initiated by the asset demand side, and correspondingly processes the asset transaction request of the asset to be queried according to the request information of the received transaction request.
In operation S230, in case it is determined that the second token information matches the first token information, the second transaction serial number is checked according to the first transaction serial number, resulting in a check result.
In operation S240, in case that the checking result is passed, transaction information of the asset to be queried is determined according to the second transaction serial number, so as to implement an asset transaction service of the asset to be queried.
According to the embodiment of the disclosure, after the asset demander initiates an asset transaction request through the front end, after the server receives the second token information and the second transaction serial number carried in the request information, the second token information is first matched with the first token information stored in the server.
According to the embodiment of the disclosure, if the second token information is inconsistent with the first token information, the asset transaction request is a cross-station pseudo request, which is an unreliable request and triggers a pseudo transaction, so that cross-domain request interception can be performed on the asset transaction request to prevent the asset transaction request.
According to the embodiment of the disclosure, if the second token information is matched with the first token information, the asset transaction request is a trusted request, and the second transaction serial number is matched and checked with the first transaction serial number information stored in the storage and server.
According to the embodiment of the disclosure, if the second serial number information is inconsistent with the first serial number information, the transaction amount information represented by the second serial number information is indicated to be the pseudo transaction amount, and the tampered transaction amount information is indicated. Thus, the fake transaction amount made by the asset transaction request may be intercepted, blocking the asset transaction request.
According to the embodiment of the disclosure, if the second serial number information is verified to be consistent with the first serial number information, the transaction amount information represented by the second serial number information is indicated to be a real transaction amount. Transaction information of the asset to be queried can be determined according to the second serial number information so as to respond to the asset transaction request and realize asset transaction service.
According to embodiments of the present disclosure, the transaction information for an asset to be queried may be the transaction amount that the asset to be queried needs to pay.
According to the embodiment of the disclosure, the first attribute information related to the asset to be queried, which is generated during pre-query, is verified with the second attribute information related to the asset to be queried, which is carried during the asset transaction, and the asset transaction service is realized under the condition that the second attribute information is verified. The method has the advantages that the technical problem that the transaction risk is caused by the fact that data are tampered relative to the existing method for setting a dynamic password, adopting a transaction value amplitude mode within preset time and marking a transaction value is at least partially solved due to the fact that the method is used for carrying out safe interactive checking on attribute information confirmed by inquiring in advance during transaction is set, so that the safety and reliability of transaction success can be guaranteed, the safety is guaranteed, meanwhile, no invasion is caused to operation of a user, and the technical effect of user experience is improved.
In accordance with an embodiment of the present disclosure, before determining that the second token information matches the first token information, it may further include: setting effective time of the first token information, wherein the effective time is used for limiting the first token information to be effective in a preset time range; and under the condition that the first token information is determined to be in the effective time range, checking the second token information according to the first token information to obtain a checking result.
According to an embodiment of the present disclosure, the above method may further include: in the event that it is determined that the first token information is not within the valid time range, the asset transaction request is intercepted.
According to an embodiment of the present disclosure, a server generates first token information in response to a pre-query request transmitted by an asset demander through a front end, encrypts the first token information, and sets a valid time.
According to embodiments of the present disclosure, the validity time may be used to limit the validity of the first token information within a preset time range. For example, setting the validity time to 0.2s, then it is indicated that the first token information is valid within 0.2 s; if the first token information exceeds 0.2s, the pre-query of the to-be-queried asset is needed to be re-performed, new first token information is acquired, and new effective time is set.
According to embodiments of the present disclosure, the first token information is regenerated each time a pre-query request is made, identifying the uniqueness of the asset transaction.
According to the embodiment of the disclosure, after the server responds to the asset transaction request sent by the asset demander, the second token information is obtained, whether the first token information stored in the server is in the effective time is first determined, and if the first token information is in the effective time range, the second token information and the first token information are matched and checked, so that a check result is obtained. If the first token information is not in the effective time range, intercepting the asset transaction request, and re-pre-inquiring the asset to be inquired to acquire new first token information.
According to the embodiment of the disclosure, the first token information of the pre-inquired asset is stored in the server, and the second token information determined when the asset transaction is initiated and the first token information are subjected to the secure interaction mode of matching verification, so that whether the asset transaction is a pseudo transaction or not is verified without a user through a dynamic verification code, the uniqueness and the safe reliability of the asset transaction are ensured, the cross-domain attack is effectively prevented, the operation of the user is non-invasive, and the user experience is improved.
According to an embodiment of the present disclosure, determining transaction information of an asset to be queried according to second transaction sequence number information to implement an asset transaction service of the asset to be queried, including: decrypting the second transaction serial number information to obtain transaction information corresponding to the second transaction serial number information; and calling a transaction service interface, and carrying out asset transaction service on the asset to be queried according to the transaction information.
According to an embodiment of the present disclosure, decrypting the second transaction sequence number information to obtain transaction information corresponding to the second transaction sequence number information includes: performing first decryption on the second transaction serial number to obtain binary data corresponding to the second transaction serial number; and performing second decryption on the binary data based on an asymmetric encryption algorithm to obtain transaction information corresponding to the second transaction serial number information.
According to the embodiment of the disclosure, in the case that the second transaction serial number information and the first transaction serial number information are determined to be matched and consistent, the second transaction serial number information can be decrypted, and transaction information corresponding to the second transaction serial number information is obtained through decryption. The transaction information may be a transaction amount paid for the user.
According to embodiments of the present disclosure, a transaction service interface may be invoked to perform asset transaction services on an asset to be queried according to transaction information in response to an asset transaction request.
According to an embodiment of the present disclosure, the first decryption may be a BASE64 encoding decryption and the second decryption may be a corresponding decryption for an asymmetric encryption algorithm.
According to an embodiment of the present disclosure, decrypting the second transaction sequence number information may include: firstly, performing BASE64 coding decryption on encrypted transaction serial number information to obtain binary data represented on the basis of 64 printable characters; and decrypting the binary data based on an asymmetric encryption algorithm (RSA algorithm), wherein the decrypted data can be transaction information corresponding to the second transaction serial number information.
According to the embodiment of the disclosure, under an internet untrusted environment, data sent from the front end may be tampered, the transaction information is encrypted and checked by using an encryption algorithm and the like, the effective transaction information is stored in the server, and the second transaction serial number information in the asset transaction request and the first transaction serial number information corresponding to the effective transaction information in the server are checked, so that the accuracy of the transaction amount can be effectively ensured, and the safety and reliability of the transaction are ensured.
According to an embodiment of the present disclosure, after implementing the asset transaction service of the asset to be queried, further comprising: regenerating first attribute information related to the asset to be queried under the condition of responding to the pre-query request of the asset to be queried again; and storing the regenerated first attribute information and then sending the first attribute information to the client.
According to an embodiment of the present disclosure, first token information included in the first attribute information is generated for each transaction pre-query, identifying that the asset transaction is unique.
According to the embodiment of the disclosure, if the pre-query request of the to-be-queried asset sent by the front end is responded again, the first attribute information is regenerated according to the received asset information, namely, the new encrypted first token information and the encrypted first transaction serial number information are included.
According to the embodiment of the disclosure, the generated new first token information and the first transaction serial number information are stored in the server, and the first attribute information is sent to the front end. The first attribute information may include new encrypted first token information and encrypted first transaction sequence number information, and may further include field information such as transaction amount, transaction share, transaction procedure amount, and the like.
Fig. 3 schematically illustrates a schematic diagram of a request response method according to an embodiment of the present disclosure.
As shown in fig. 3, in response to a pre-query request of an asset to be queried, first attribute information 302 is generated according to asset information 301 carried in the pre-query request, and the first attribute information 302 may include first token information 302-1 and first transaction serial number information 302-2. In response to an asset transaction request for an asset to be queried, second attribute information 304 is determined from request information 303 carried in the asset transaction request, the second attribute information 304 including second token information 304-1 and second transaction sequence number information 304-2. Determining whether the second token information is consistent with the first token information 305, and if not, intercepting the asset transaction request 306; if so, checking whether the second transaction sequence number information and the first transaction sequence number pass 307, and if not, intercepting the asset transaction request 306; if so, determining transaction information 308 of the asset to be queried according to the second transaction serial number information 304-2 to realize transaction service 309 of the asset to be queried.
Based on the request response method, the disclosure further provides a request response device. The device will be described in detail below in connection with fig. 4.
Fig. 4 schematically shows a block diagram of a request response device according to an embodiment of the present disclosure.
As shown in fig. 4, the apparatus 400 may include: a first generation module 410, a first determination module 420, a verification module 430, and a second determination module 440.
The first generating module 410 is configured to respond to a pre-query request of an asset to be queried, and generate first attribute information related to the asset to be queried according to asset information carried in the pre-query request, where the first attribute information includes first token information and first transaction serial number information.
The first determining module 420 is configured to determine, in response to an asset transaction request of the asset to be queried, second attribute information related to the asset to be queried according to request information carried in the asset transaction request, where the second attribute information includes second token information and second transaction serial number information.
And the checking module 430 is configured to check the second transaction serial number information according to the first transaction serial number information to obtain a checking result when it is determined that the second token information matches the first token information.
And the second determining module 440 is configured to determine, according to the second transaction serial number information, transaction information of the asset to be queried, so as to implement an asset transaction service of the asset to be queried, if the inspection result is passed.
According to an embodiment of the present disclosure, the apparatus 400 may further include: a setting module and a checking module.
The setting module is used for setting the effective time of the first token information, wherein the effective time is used for limiting the first token information to be effective in a preset time range.
And the verification module is used for verifying the second token information according to the first token information under the condition that the first token information is determined to be in the effective time range, so as to obtain a verification result.
According to an embodiment of the present disclosure, the apparatus 400 may further include: and an interception module.
And the interception module is used for intercepting the asset transaction request under the condition that the first token information is not in the valid time range.
According to an embodiment of the present disclosure, the second determining module 440 may include: the decryption sub-module and the calling sub-module.
And the decryption sub-module is used for decrypting the second transaction serial number information to obtain transaction information corresponding to the second transaction serial number information.
And the calling sub-module is used for calling a transaction service interface and carrying out asset transaction service on the asset to be queried according to the transaction information.
According to an embodiment of the present disclosure, the decryption sub-module may include: a first decryption unit and a second decryption subunit.
The first decryption unit is used for performing first decryption on the second transaction serial number to obtain binary data corresponding to the second transaction serial number.
And the second decryption subunit is used for performing second decryption on the binary data based on an asymmetric encryption algorithm to obtain transaction information corresponding to the second transaction serial number information.
According to an embodiment of the present disclosure, the asset information includes asset name information and asset transaction mode information.
According to an embodiment of the present disclosure, the first generation module 410 may include: generating a sub-module.
And the generation sub-module is used for generating first attribute information related to the asset to be queried according to the asset name information and the asset transaction mode information.
According to an embodiment of the present disclosure, the apparatus 400 may further include: the second generation module and the storage module.
And the second generation module is used for regenerating the first attribute information related to the asset to be queried under the condition of responding to the pre-query request of the asset to be queried again.
And the storage module is used for storing the regenerated first attribute information and then sending the first attribute information to the client.
According to an embodiment of the present disclosure, any of the first generation module 410, the first determination module 420, the verification module 430, and the second determination module 440 may be combined in one module to be implemented, or any of the modules may be split into a plurality of modules. Alternatively, at least some of the functionality of one or more of the modules may be combined with at least some of the functionality of other modules and implemented in one module. According to embodiments of the present disclosure, at least one of the first generation module 410, the first determination module 420, the verification module 430, and the second determination module 440 may be implemented at least in part as hardware circuitry, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented in hardware or firmware in any other reasonable manner of integrating or packaging the circuitry, or in any one of or a suitable combination of three of software, hardware, and firmware. Alternatively, at least one of the first generation module 410, the first determination module 420, the verification module 430, and the second determination module 440 may be at least partially implemented as computer program modules, which when executed, may perform the respective functions.
Fig. 5 schematically illustrates a block diagram of an electronic device adapted to implement a request response method according to an embodiment of the disclosure.
As shown in fig. 5, an electronic device 500 according to an embodiment of the present disclosure includes a processor 501 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 502 or a program loaded from a storage section 508 into a Random Access Memory (RAM) 503. The processor 501 may include, for example, a general purpose microprocessor (e.g., a CPU), an instruction set processor and/or an associated chipset and/or a special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), or the like. The processor 501 may also include on-board memory for caching purposes. The processor 501 may comprise a single processing unit or a plurality of processing units for performing different actions of the method flows according to embodiments of the disclosure.
In the RAM 503, various programs and data required for the operation of the electronic apparatus 500 are stored. The processor 501, ROM 502, and RAM 503 are connected to each other by a bus 504. The processor 501 performs various operations of the method flow according to the embodiments of the present disclosure by executing programs in the ROM 502 and/or the RAM 503. Note that the program may be stored in one or more memories other than the ROM 502 and the RAM 503. The processor 501 may also perform various operations of the method flow according to embodiments of the present disclosure by executing programs stored in the one or more memories.
According to an embodiment of the present disclosure, the electronic device 500 may also include an input/output (I/O) interface 505, the input/output (I/O) interface 505 also being connected to the bus 504. The electronic device 500 may also include one or more of the following components connected to the I/O interface 505: an input section 506 including a keyboard, a mouse, and the like; an output portion 507 including a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker, and the like; a storage portion 508 including a hard disk and the like; and a communication section 509 including a network interface card such as a LAN card, a modem, or the like. The communication section 509 performs communication processing via a network such as the internet. The drive 510 is also connected to the I/O interface 505 as needed. A removable medium 511 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 510 as needed so that a computer program read therefrom is mounted into the storage section 508 as needed.
The present disclosure also provides a computer-readable storage medium that may be embodied in the apparatus/device/system described in the above embodiments; or may exist alone without being assembled into the apparatus/device/system. The computer-readable storage medium carries one or more programs which, when executed, implement methods in accordance with embodiments of the present disclosure.
According to embodiments of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium, which may include, for example, but is not limited to: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this disclosure, a computer-readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. For example, according to embodiments of the present disclosure, the computer-readable storage medium may include ROM 502 and/or RAM 503 and/or one or more memories other than ROM 502 and RAM 503 described above.
Embodiments of the present disclosure also include a computer program product comprising a computer program containing program code for performing the methods shown in the flowcharts. The program code, when executed in a computer system, causes the computer system to implement the request response method provided by embodiments of the present disclosure.
The above-described functions defined in the system/apparatus of the embodiments of the present disclosure are performed when the computer program is executed by the processor 501. The systems, apparatus, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the disclosure.
In one embodiment, the computer program may be based on a tangible storage medium such as an optical storage device, a magnetic storage device, or the like. In another embodiment, the computer program may also be transmitted, distributed, and downloaded and installed in the form of a signal on a network medium, and/or installed from a removable medium 511 via the communication portion 509. The computer program may include program code that may be transmitted using any appropriate network medium, including but not limited to: wireless, wired, etc., or any suitable combination of the foregoing.
In such an embodiment, the computer program may be downloaded and installed from a network via the communication portion 509, and/or installed from the removable media 511. The above-described functions defined in the system of the embodiments of the present disclosure are performed when the computer program is executed by the processor 501. The systems, devices, apparatus, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the disclosure.
According to embodiments of the present disclosure, program code for performing computer programs provided by embodiments of the present disclosure may be written in any combination of one or more programming languages, and in particular, such computer programs may be implemented in high-level procedural and/or object-oriented programming languages, and/or assembly/machine languages. Programming languages include, but are not limited to, such as Java, c++, python, "C" or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Those skilled in the art will appreciate that the features recited in the various embodiments of the disclosure and/or in the claims may be provided in a variety of combinations and/or combinations, even if such combinations or combinations are not explicitly recited in the disclosure. In particular, the features recited in the various embodiments of the present disclosure and/or the claims may be variously combined and/or combined without departing from the spirit and teachings of the present disclosure. All such combinations and/or combinations fall within the scope of the present disclosure.
The embodiments of the present disclosure are described above. However, these examples are for illustrative purposes only and are not intended to limit the scope of the present disclosure. Although the embodiments are described above separately, this does not mean that the measures in the embodiments cannot be used advantageously in combination. The scope of the disclosure is defined by the appended claims and equivalents thereof. Various alternatives and modifications can be made by those skilled in the art without departing from the scope of the disclosure, and such alternatives and modifications are intended to fall within the scope of the disclosure.

Claims (11)

1. A request response method, comprising:
responding to a pre-query request of an asset to be queried, and generating first attribute information related to the asset to be queried according to asset information carried in the pre-query request, wherein the first attribute information comprises first token information and first transaction serial number information;
Responding to the asset transaction request of the asset to be queried, and determining second attribute information related to the asset to be queried according to request information carried in the asset transaction request, wherein the second attribute information comprises second token information and second transaction serial number information;
under the condition that the second token information is matched with the first token information, checking the second transaction serial number information according to the first transaction serial number information to obtain a checking result;
and under the condition that the checking result is passed, determining the transaction information of the asset to be queried according to the second transaction serial number information so as to realize the asset transaction service of the asset to be queried.
2. The method of claim 1, prior to determining that the second token information matches the first token information, further comprising:
setting effective time of the first token information, wherein the effective time is used for limiting the first token information to be effective in a preset time range;
and under the condition that the first token information is determined to be in the effective time range, checking the second token information according to the first token information to obtain a checking result.
3. The method of claim 2, further comprising:
intercepting the asset transaction request if it is determined that the first token information is not within the valid time range.
4. The method of claim 1, wherein determining the transaction information of the asset to be queried based on the second transaction sequence number information to enable asset transaction services of the asset to be queried comprises:
decrypting the second transaction serial number information to obtain transaction information corresponding to the second transaction serial number information;
and calling a transaction service interface, and performing asset transaction service on the asset to be queried according to the transaction information.
5. The method of claim 4, wherein decrypting the second transaction sequence number information to obtain transaction information corresponding to the second transaction sequence number information comprises:
performing first decryption on the second transaction serial number to obtain binary data corresponding to the second transaction serial number;
and performing second decryption on the binary data based on an asymmetric encryption algorithm to obtain transaction information corresponding to the second transaction serial number information.
6. The method of claim 1, wherein the asset information includes asset name information and asset transaction manner information;
generating first attribute information related to the asset to be queried according to the asset information carried in the pre-query request, wherein the first attribute information comprises:
and generating first attribute information related to the asset to be queried according to the asset name information and the asset transaction mode information.
7. The method of claim 1, wherein the implementing the asset transaction service for the asset to be queried further comprises:
regenerating first attribute information related to the asset to be queried under the condition of responding to the pre-query request of the asset to be queried again;
and storing the regenerated first attribute information and then sending the first attribute information to a client.
8. A request response device comprising:
the first generation module is used for responding to a pre-query request of an asset to be queried, and generating first attribute information related to the asset to be queried according to asset information carried in the pre-query request, wherein the first attribute information comprises first token information and first transaction serial number information;
The first determining module is used for responding to the asset transaction request of the asset to be queried, and determining second attribute information related to the asset to be queried according to request information carried in the asset transaction request, wherein the second attribute information comprises second token information and second transaction serial number information;
the checking module is used for checking the second transaction serial number information according to the first transaction serial number information under the condition that the second token information is matched with the first token information, so as to obtain a checking result;
and the second determining module is used for determining the transaction information of the asset to be queried according to the second transaction serial number information under the condition that the checking result is passed so as to realize the asset transaction service of the asset to be queried.
9. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs,
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method of any of claims 1-7.
10. A computer readable storage medium having stored thereon executable instructions which, when executed by a processor, cause the processor to perform the method according to any of claims 1-7.
11. A computer program product comprising a computer program which, when executed by a processor, implements the method according to any one of claims 1 to 7.
CN202310258473.0A 2023-03-16 2023-03-16 Request response method, request response device, electronic equipment and storage medium Pending CN116527311A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310258473.0A CN116527311A (en) 2023-03-16 2023-03-16 Request response method, request response device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310258473.0A CN116527311A (en) 2023-03-16 2023-03-16 Request response method, request response device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN116527311A true CN116527311A (en) 2023-08-01

Family

ID=87400105

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310258473.0A Pending CN116527311A (en) 2023-03-16 2023-03-16 Request response method, request response device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN116527311A (en)

Similar Documents

Publication Publication Date Title
KR101780636B1 (en) Method for issuing certificate information and blockchain-based server using the same
US20180315050A1 (en) Secure communication of payment information to merchants using a verification token
CN112333198A (en) Secure cross-domain login method, system and server
US20110161671A1 (en) System and method for securing data
CN104040933A (en) Differential client-side encryption of information originating from client
CN114826733B (en) File transmission method, device, system, equipment, medium and program product
CN114500093B (en) Safe interaction method and system for message information
CN112967056A (en) Access information processing method and device, electronic equipment and medium
CN110992034A (en) Supply chain transaction privacy protection system and method based on block chain and related equipment
CN108900472B (en) Information transmission method and device
CN109697368B (en) Method, device and system for safe use of user information data and storage medium
CN111814193B (en) Information sharing method, device and equipment
CN110601836B (en) Key acquisition method, device, server and medium
CN114640524B (en) Method, apparatus, device and medium for processing transaction replay attack
US8819815B1 (en) Method and system for distributing and tracking information
CN114584378B (en) Data processing method, device, electronic equipment and medium
CN116527311A (en) Request response method, request response device, electronic equipment and storage medium
CN114785560B (en) Information processing method, device, equipment and medium
US20200045074A1 (en) Systems and methods for detecting security risks in network pages
CN111415148A (en) Method and device for non-inductive payment, electronic equipment and storage medium
CN114826616B (en) Data processing method, device, electronic equipment and medium
CN114553570B (en) Method, device, electronic equipment and storage medium for generating token
CN118229288A (en) Offline withdrawal method, device, electronic card, system, electronic equipment and medium
CN114844694B (en) Information processing method, apparatus, device and storage medium
CN115147101A (en) Secure payment method, apparatus, electronic device, medium, and program product

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination