CN116647380A

CN116647380A - Data interaction method and device

Info

Publication number: CN116647380A
Application number: CN202310618612.6A
Authority: CN
Inventors: 赵挽澜; 袁蘅; 吕争让
Original assignee: China Construction Bank Corp; CCB Finetech Co Ltd
Current assignee: China Construction Bank Corp; CCB Finetech Co Ltd
Priority date: 2023-05-29
Filing date: 2023-05-29
Publication date: 2023-08-25

Abstract

The application provides a data interaction method and device, which are applied to the technical field of information security and are used for improving the security of front-end and back-end system data interaction. The method comprises the following steps: receiving a target request message from a terminal; the target request message comprises at least two operation instructions and an execution sequence of the operation corresponding to each operation instruction; analyzing the target request message, and sequentially executing the operations corresponding to the operation instructions based on the execution sequence; and after the operation corresponding to the last operation instruction in the target request message is completed, sending operation completion information to the terminal, so that the terminal determines an operation result corresponding to the target request message based on the operation completion information.

Description

Data interaction method and device

Technical Field

The application relates to the technical field of information security, in particular to a data interaction method and device.

Background

With the continuous development of internet technology, mobile devices are becoming popular, and more users choose to use mobile devices to perform operations that were originally performed only on-line or in a fixed business location. For example, payment operations that were originally completed off-line are now gradually replaced by mobile payments, and users have chosen more convenient and faster on-line operations to complete transactions.

In order to meet the requirement of operation on a user line, a scheme of front-end and back-end separate deployment is provided by a developer, and complete operation on the line is provided for the user by the combined action of the front-end system and the back-end system in a mode that the front-end system is deployed on terminal equipment and the back-end system is deployed on a server.

For example, in the mobile payment scenario, the user provides an operation instruction, identity information and the like for the back-end system through the front-end system on its own terminal device, and the back-end system on the server performs a corresponding payment operation through the received content, and continuously feeds back various information in the payment process to the front-end system in the process. Thus, through the interaction of the front end and the back end, the payment service provider can provide stable payment service for a plurality of users.

However, under such an operation frame, there is a safety problem that is difficult to ignore. Because the front-end systems selected by users are various, most of the front-end systems are connected with the back-end systems through application programming interfaces, and therefore the front-end and back-end interaction function is completed. This results in the front-end system not being able to guarantee its own security in the environment. For example, trojan files that may exist on the terminal device may seriously affect the security of the front-end system; when front-end and back-end data interaction is performed, important data may be clamped or tampered in the circulation process, and the problems affect the safety of the data interaction between the front-end system and the back-end system.

Therefore, how to improve the security of data interaction between front-end and back-end systems is a problem to be solved.

Disclosure of Invention

The application provides a data processing method and a data processing device, which are used for improving the safety of front-end and back-end system data interaction.

In a first aspect, the present application provides a data interaction method, applied to a server in a financial system, the method comprising: receiving a target request message from a terminal; the target request message comprises at least two operation instructions and an execution sequence of the operation corresponding to each operation instruction; analyzing the target request message, and sequentially executing the operations corresponding to the operation instructions based on the execution sequence; and after the operation corresponding to the last operation instruction in the target request message is completed, sending operation completion information to the terminal, so that the terminal determines an operation result corresponding to the target request message based on the operation completion information.

In the scheme, the server receives all operation instructions and corresponding information at one time through the target request message, so that the interaction times between the terminal and the server are reduced, the risk of data leakage in the data circulation process is reduced, and the safety of data interaction is improved. Meanwhile, the server of the financial system controls the data flow between the terminal and the server to be carried out in the server, so that the safety of the server of the financial system is utilized, the data transfer between the server and the Internet is reduced, and the problem that excessive data are exposed to be intercepted or bypassed is avoided.

Optionally, the target request message includes a first array and a second array; the elements in the first array are used for indicating an operation instruction identifier, an execution sequence identifier and an attribute information identifier contained in each operation instruction; the execution sequence identifier is used for indicating the execution sequence of the operation corresponding to each operation instruction in the operations corresponding to all the operation instructions; the elements in the second array are used for indicating that each attribute information identifier in the first array corresponds to at least one attribute information; wherein the attribute information is used to indicate information required to perform the operation.

In the method, the first array records the operation instruction identifiers, the execution sequence identifiers and the attribute information identifiers corresponding to the operation instructions through the elements in the array, so that when different numbers of operation instructions are faced, the information of the operation instructions can be recorded through different numbers of elements in a structured manner, and the expansibility of the first array is effectively improved. And the attribute information of each operation is recorded through the second array, so that the elements in the second array can be flexibly matched according to the request content of each operation in actual use, and the dynamic expansion of the target request message is realized.

Optionally, based on the execution sequence, the sequentially executing the operations corresponding to the operation instructions includes: sequentially executing the operations corresponding to the operation instructions based on the execution sequence; and stopping responding to the subsequent operation instruction and sending abnormal alarm information to the terminal when the operation corresponding to any one of the operation instructions fails to be executed.

In the method, when any operation fails to be executed, the server needs to send the abnormal alarm information to the terminal, so that the problem that any operation information is tampered is avoided, and the safety of the scheme is effectively improved.

Optionally, the at least two operation instructions include an authentication instruction, where the authentication instruction is a first execution object in the execution sequence; the method further comprises, prior to performing the other of the at least two operation instructions than the authentication instruction: when the operation corresponding to the identity verification instruction is determined to be executed, and the execution result of the operation corresponding to the identity verification instruction is obtained, judging the execution result of the operation corresponding to the identity verification instruction; if the execution result is determined to be that the identity information is legal information, continuing to execute the other operations; and if the execution result is the identity information and the illegal information, stopping executing the other operations and sending the abnormal alarm information to the terminal.

In the method, when the identity verification instruction exists, the server only confirms that the identity verification operation is executed, and after the identity verification is legal, other subsequent operations can be executed, so that the risk that the identity verification operation is skipped or tampered is reduced, and the implementation safety of the scheme is further improved.

In a second aspect, the present application provides a data interaction method applied to a terminal in a financial system, the method comprising: generating a target request message; the target request message comprises at least two operation instructions and an execution sequence of the operation corresponding to each operation instruction; the target request message is sent to a server, so that the server analyzes the target request message, and based on the execution sequence, the operation corresponding to the operation instruction is sequentially executed, and after the operation corresponding to the last operation instruction in the target request message is completed, operation completion information is sent to the terminal; and receiving the operation completion information from the server, and determining an operation result corresponding to the target request message based on the operation completion information.

In the scheme, a terminal generates a target request message according to the combination of request information of a plurality of operations, sends the target request message to a server, receives operation completion information from the server after the server completes all the operations, and determines an operation result of the target request message according to the operation completion information. Therefore, the number of data circulation times between the terminal and the server is reduced to a minimum, the risk of data leakage in the data interaction process is effectively reduced, and the implementation safety of the scheme is improved.

Optionally, the generating the target request packet includes: responding to a target scene trigger instruction, generating at least two operation instructions, and acquiring at least one attribute information corresponding to each operation instruction; the attribute information is used for indicating information required for executing the operation corresponding to each operation instruction; determining an execution sequence when the server executes the operation corresponding to the at least two operation instructions based on the configuration information of the target scene; and generating the target request message based on the at least two operation instructions, the attribute information corresponding to each operation instruction and the execution sequence.

In the method, according to scene requirements, after receiving a trigger instruction of a target scene, a terminal can generate at least two operation instructions, and a target request message is generated based on the operation instructions. Thus, the generated target request message can contain all information for executing the operation, thereby improving the feasibility of the scheme. And at least two operation instructions can be generated only by one triggering operation, so that the operation times required by a user can be effectively reduced, the implementation efficiency of the scheme is improved, and the use experience of the user is improved.

Optionally, the target request message includes a first array and a second array; the elements in the first array are used for indicating an operation instruction identifier, an execution sequence identifier and an attribute information identifier contained in each operation instruction; the execution sequence identifier is used for indicating the execution sequence of the operation corresponding to each operation instruction in the operations corresponding to all the operation instructions; the elements in the second array are used for indicating that each attribute information identifier in the first array corresponds to at least one attribute information.

In a third aspect, the present application provides a data interaction device for use in a server in a financial system, the device comprising: the first receiving module is used for receiving a target request message from the terminal; the target request message comprises at least two operation instructions and an execution sequence of the operation corresponding to each operation instruction; the first processing module is used for analyzing the target request message and sequentially executing the operations corresponding to the operation instructions based on the execution sequence; and the first sending module is used for sending operation completion information to the terminal after the operation corresponding to the last operation instruction in the target request message is completed, so that the terminal determines an operation result corresponding to the target request message based on the operation completion information.

Optionally, the first processing module is configured to, based on the execution order, sequentially execute operations corresponding to the operation instructions, and specifically configured to: sequentially executing the operations corresponding to the operation instructions based on the execution sequence; and stopping responding to the subsequent operation instruction and sending abnormal alarm information to the terminal when the operation corresponding to any one of the operation instructions fails to be executed.

Optionally, the at least two operation instructions include an authentication instruction, where the authentication instruction is a first execution object in the execution sequence; the first processing module is further configured to, prior to performing the other of the at least two operation instructions than the authentication instruction: when the operation corresponding to the identity verification instruction is determined to be executed, and the execution result of the operation corresponding to the identity verification instruction is obtained, judging the execution result of the operation corresponding to the identity verification instruction; if the execution result is determined to be that the identity information is legal information, continuing to execute the other operations; and if the execution result is the identity information and the illegal information, stopping executing the other operations and sending the abnormal alarm information to the terminal.

In a fourth aspect, the present application provides a data interaction device for a terminal in a financial system, the device comprising: the second processing module is used for generating a target request message; the target request message comprises at least two operation instructions and an execution sequence of the operation corresponding to each operation instruction; the second sending module is used for sending the target request message to a server so that the server analyzes the target request message, sequentially executes the operations corresponding to the operation instructions based on the execution sequence, and sends operation completion information to the terminal after the operation corresponding to the last operation instruction in the target request message is completed; and the second receiving module is used for receiving the operation completion information from the server and determining an operation result corresponding to the target request message based on the operation completion information.

Optionally, when the second processing module is configured to generate the target request packet, the second processing module is specifically configured to: responding to a target scene trigger instruction, generating at least two operation instructions, and acquiring at least one attribute information corresponding to each operation instruction; the attribute information is used for indicating information required for executing the operation corresponding to each operation instruction; determining an execution sequence when the server executes the operation corresponding to the at least two operation instructions based on the configuration information of the target scene; and generating the target request message based on the at least two operation instructions, the attribute information corresponding to each operation instruction and the execution sequence.

In a fifth aspect, there is provided an electronic device comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor, by executing the instructions stored by the memory, causing the at least one processor to perform the method of the first aspect or any of the alternative embodiments of the first aspect.

In a sixth aspect, a computer readable storage medium is provided for storing instructions that, when executed, cause a method as in the first aspect or any of the alternative embodiments of the first aspect to be implemented.

In a seventh aspect, there is provided a computer program product comprising instructions stored therein, which when run on a computer, cause the computer to perform the method according to the first aspect or any of the alternative embodiments of the first aspect described above.

Technical effects or advantages of one or more technical solutions provided in the third, fourth, fifth, sixth, and seventh aspects in the embodiments of the present application may be correspondingly explained by technical effects or advantages of one or more corresponding technical solutions provided in the first aspect or the second aspect.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly described below, it will be apparent that the drawings in the following description are only some embodiments of the present application, and that other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.

Fig. 1 is a schematic diagram of a possible application scenario provided in an embodiment of the present application;

FIG. 2 is a flowchart of a data interaction method according to an embodiment of the present application;

FIG. 3 is a flowchart of a method for generating a target request message according to an embodiment of the present application;

FIG. 4 is a schematic diagram of a format of a target request message according to an embodiment of the present application;

FIG. 5 is a flowchart of a data interaction method according to an embodiment of the present application;

FIG. 6 is a flowchart of a data interaction method according to an embodiment of the present application;

FIG. 7 is a schematic structural diagram of a device for data interaction according to an embodiment of the present application;

FIG. 8 is a schematic structural diagram of a device for data interaction according to an embodiment of the present application;

fig. 9 is a schematic structural diagram of an electronic device according to an embodiment of the present application.

Detailed Description

The following detailed description of the technical solutions of the present application will be given by way of the accompanying drawings and specific embodiments, and it should be understood that the specific features of the embodiments and embodiments of the present application are detailed descriptions of the technical solutions of the present application, and not limiting the technical solutions of the present application, and that the embodiments and technical features of the embodiments of the present application may be combined with each other without conflict.

It should be appreciated that in the description of embodiments of the application, the words "first," "second," and the like are used merely for distinguishing between the descriptions and not for indicating or implying any relative importance or order. In the description of the embodiments of the present application, "plurality" means two or more.

The term "and/or" in the embodiment of the present application is merely an association relationship describing the association object, and indicates that three relationships may exist, for example, a and/or B may indicate: a exists alone, A and B exist together, and B exists alone. In addition, the character "/" herein generally indicates that the front and rear associated objects are an "or" relationship.

In the embodiment of the application, the data is collected, transmitted, used and the like, and all meet the requirements of national related laws and regulations.

A mobile internet product is generally divided into a front-end system and a back-end system; the front-end system (hereinafter referred to as front-end) is used for users, deployed in the mobile equipment of the client, and generally belongs to a third party platform, and the security of the front-end system is influenced by the client (such as an application program APP shell and the like); while backend systems (hereinafter referred to as backend) generally include product systems, information systems, deposit systems, etc., deployed in the private cloud of service providers with higher security levels. In a conventional front-end and back-end interaction scenario, for example, mobile payment, the data sent to the back end by the front end contains a lot of client information, and in order to ensure the use safety of the user data, the front end divides authentication and other verification operations and actual payment operations into two parts in an operation flow, wherein the front end firstly agrees with the back end with an identifier capable of uniquely identifying the user identity, and the back end continues subsequent operations after passing the authentication and confirming the user identity.

However, the front end is usually borne by a third party platform, the security is not stable, the problem that the step of verifying the identity of the client is bypassed or intercepted in the front end security check scene easily occurs, the tampered client data is sent to the back end, and the situation of actual payment operation occurs, so that the security of the client transaction data cannot be ensured.

In view of this, the embodiment of the application provides a data interaction method for improving the security of front-end and back-end system data interaction.

The following description is made for some simple descriptions of application scenarios applicable to the technical solution of the embodiment of the present application, and it should be noted that the application scenarios described below are only used for illustrating the embodiment of the present application, but not limiting. In the specific implementation process, the technical scheme provided by the embodiment of the application can be flexibly applied according to actual needs.

Referring to fig. 1, a schematic diagram of a possible application scenario provided in an embodiment of the present application may include a terminal device 101 and a server 102.

The terminal device 101 may be a device such as a mobile phone, a tablet personal computer (PAD), a personal computer (Personal computer, PC), a wearable device, or a vehicle-mounted terminal, or may be a device such as a camera, a video camera, or a vehicle recorder. The server 102 may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or may be a cloud server providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, a content delivery network (Content Delivery Network, CDN), basic cloud computing services such as big data and an artificial intelligence platform.

The terminal device 101 and the server 102 may be in direct or indirect communication connection via one or more communication networks 103. The communication network 103 may be a wired network, or may be a Wireless network, for example, a mobile cellular network, or may be a Wireless-Fidelity (WIFI) network, or may be other possible networks, which the embodiments of the present application are not limited to.

It should be noted that, the number of terminal devices and servers and the communication manner are not limited in practice, and are not particularly limited in the embodiment of the present application, as shown in fig. 1 for illustration only.

The method of data interaction provided by the exemplary embodiments of the present application will be described below with reference to the accompanying drawings in conjunction with the application scenarios described above, and it should be noted that the application scenarios described above are only shown for the convenience of understanding the spirit and principles of the present application, and the embodiments of the present application are not limited in any way in this respect.

The data interaction method provided by the embodiment of the application is applied to the server and the terminal in the financial system, and realizes the data interaction through the operation and interaction of the server and the terminal. In order to facilitate understanding of the solution, the method provided by the embodiment of the present application will be described below through three aspects, namely, a terminal, a server, and interaction between the terminal and the server.

Referring to fig. 2, a flowchart of a data interaction method is provided in an embodiment of the present application. As shown in fig. 2, the execution subject of the method is a terminal in a financial system, and the method comprises the following implementation steps:

step S201: generating a target request message, wherein the target request message comprises at least two operation instructions and an execution sequence of the operation corresponding to each operation instruction.

Firstly, it should be noted that, the terminal for generating the target request message is a terminal device where the front end facing the user is located, in practical application, the front end may be a web page, or may be a certain interface or function in the application program, and only needs to be in communication connection with the rear end to complete the target function, and the specific expression form of the present application is not limited.

Alternatively, when the terminal generates the target request message, the target request message may be implemented in the following several different manners.

In the first mode, each operation instruction input by a user at the terminal is received, and the operation combination of each instruction can be confirmed, so that a target request message is generated for the combined operation.

Specifically, when the terminal receives the operation instruction input by the user, the terminal may collect all the operation instructions input to the terminal by the user and aimed at the front end in a target time period, and based on the operation instructions, select several operation instructions meeting preset conditions in the operation instructions to be combined, so as to generate corresponding target request messages aiming at the several combined operation instructions.

And in the second mode, by presetting different scenes and receiving scene trigger instructions from a user, a plurality of operation instructions associated with the scenes can be generated, and a corresponding target request message is generated based on the operation instructions.

Specifically, the terminal may perform the following operations to implement the above manner.

Referring to fig. 3, a flowchart of a method for generating a target request packet according to an embodiment of the present application is provided.

As shown in fig. 3, the method comprises the following specific implementation steps:

step S301: responding to a target scene trigger instruction, generating at least two operation instructions, and acquiring at least one attribute information corresponding to each operation instruction; the attribute information is used for indicating information required by the operation corresponding to each operation instruction.

In this step, the terminal needs to respond to the trigger instruction of the target scene so as to complete subsequent other operations. And specific target scenes and acquisition of trigger instructions need to be described.

First, for each function provided by the front end, different scenes, such as a payment scene, a query scene, a consultation scene, and the like, may be configured in advance for the same. The configuration information of the different scenes comprises operation instructions which are needed to be correspondingly generated in each scene and the order in which the operation instructions are executed in the server. Thus, after the user completes the scene trigger instruction once at the terminal, the terminal can generate a plurality of corresponding operation instructions according to the trigger instruction and the configuration information corresponding to the scene, and endow different execution sequences for the operation instructions.

Then, after the user completes triggering the target scene, the terminal needs to acquire at least one attribute information corresponding to each generated operation instruction.

When the terminal acquires the attribute information, the user can input the corresponding attribute information based on the operation interface by displaying the corresponding operation interface to the user, or can acquire at least one attribute information required by the operation instruction based on the locally stored information.

For example, it is assumed that a user prepares to perform a transfer operation during a mobile payment process. At this time, the user may click on a trigger instruction of a target scene (transfer) in an operation page presented by the terminal, and the terminal generates at least one operation instruction according to configuration information of the target scene in response to the target scene trigger instruction upon receiving such trigger instruction. In the payment scenario, the generated at least one operation instruction may be an authentication instruction as well as a transfer instruction.

And for the authentication instruction and the transfer instruction, the subsequent operations thereof require acquisition of user identity information, transfer object information, transfer amount information, and the like. Therefore, for the identity verification instruction, the corresponding attribute information is account information and password information; and for the transfer instruction, the corresponding attribute information is transfer account information and transfer amount information.

In order to acquire the required attribute information, the terminal can display input options to the user through the operation page, and the user inputs information such as an account number, a password, a transfer amount and the like of the terminal, so that the terminal acquires the attribute information required for executing each instruction.

Step S302, determining the execution sequence of the server when executing at least two operation instructions based on the configuration information of the target scene.

After the terminal generates at least one operation instruction associated with the target scene and acquires the corresponding attribute information, the terminal also needs to configure an execution sequence for the operation instructions.

Specifically, the configuration information of the target scene includes at least two operation instructions to be generated, and also includes an execution sequence when the operation instructions are executed by the server. Therefore, when the terminal generates the target request message, the execution sequence of each operation instruction needs to be determined according to the configuration information of the target scene.

Also, by way of example in the above-described payment scenario, after the authentication instruction and the payment instruction are generated, the terminal needs to determine, according to the configuration information, that the server needs to execute the authentication instruction first, and after the authentication instruction is executed, the payment instruction can be executed.

Step S303: and generating a target request message based on at least two operation instructions, and attribute information and execution sequence corresponding to each operation instruction.

After generating the operation instruction and obtaining the attribute information and the execution sequence corresponding to the operation instruction, the terminal can generate a corresponding target request message according to the information.

Alternatively, the generated target request message may take several different formats.

For example, since each operation instruction is an instruction similar to a normal operation instruction, each different operation instruction itself corresponds to various sub-request messages. Thus, when generating the target request message, one possible generation method is: and simply combining the sub-request messages corresponding to the operation instructions, and directly sending the sub-request messages to the server as target request messages.

For example, when generating the target request message, the data structure of the dual array may be utilized to deconstruct and then reorganize the information of different operation instructions, so as to obtain the target request message containing all necessary information.

Specifically, the target request message includes a first array and a second array. The elements in the first array are used for indicating an operation instruction identifier, an execution sequence identifier and an attribute information identifier contained in each operation instruction. And the execution sequence identifier is used for indicating the execution sequence of the operation corresponding to each operation instruction in the operations corresponding to all operation instructions.

Because the operation instruction identifier and the execution sequence identifier in the elements in the first array can directly record the corresponding operation instruction and the execution sequence through the identifier, and the information corresponding to the attribute information cannot be displayed only through the identifier.

Therefore, for the target request message including the second array, the existence meaning is the attribute information corresponding to the record attribute information identifier. In other words, the element in the second array is used to indicate at least one attribute information corresponding to each attribute information identifier in the first array.

For example, taking the payment scenario as an example, when the terminal generates the target request message corresponding to all the operation instructions, each operation instruction may be taken as an object of the first array element, and the operation instruction identifier, the execution sequence identifier and the attribute information identifier of the operation instruction may be recorded respectively. The operation instruction identification can be specifically realized through an operation instruction code, and the operation is uniquely identified in the interaction process of the terminal and the server through the operation instruction code. The execution sequence identification can be realized by numbers or characters, and the like, so that after the server receives the target request message, the response sequence of each operation instruction can be determined according to the execution sequence identification in the target request message.

The attribute information corresponding to each operation instruction cannot be recorded simply through one identification, and for this purpose, the terminal can record at least one attribute information corresponding to each operation instruction through the second array in the target request message. For example, in the second array, a key-value pair (key-value) structure may be introduced, by which attribute information is correspondingly recorded.

Referring to fig. 4, a schematic format diagram of a target request packet according to an embodiment of the present application is provided. As shown in fig. 4, three elements included in the first array record an operation instruction identifier, an execution sequence identifier, and an attribute information identifier corresponding to the operation instruction respectively. And the attribute information identifies the element in the corresponding second array, and at least one attribute information corresponding to the operation instruction can be recorded in the form of a key value pair.

Taking the authentication instruction in the payment scene as an example, in the attribute information corresponding to the instruction, a user account number and a password need to be recorded, so that the authentication is performed. Therefore, in the target request message, the three elements in the first array record the operation instruction identifier (such as 212 digital code identifier), the execution sequence identifier (such as 01 sequence identifier) and the attribute information identifier of the identity verification instruction respectively; wherein the attribute information identifies a record address indicating attribute information of the authentication instruction in the second array. Correspondingly, the second array can record two attribute information corresponding to the identity verification instruction through key value pairs in the array, for example, a key field records an attribute name, a value field records a value of the attribute information, and the second array can record an identity account number (0000222) and a password (000000) through two key value pairs in the identity information.

After the target request message is generated in the mode, the terminal can send the generated target request message to the server. The specific implementation mode of the steps is as follows:

step S202: and sending a target request message to the server so that the server analyzes the target request message, sequentially executing the operations corresponding to the operation instructions based on the execution sequence, and sending operation completion information to the terminal after the server completes the operation corresponding to the last operation instruction in the target request message.

After the terminal sends the target request message to the server, the server can wait for the completion of the operations corresponding to all the operation instructions in the target request message without carrying out important data interaction with the server, so that the risk of possible leakage or tampering of the data in the circulation process is effectively reduced.

Step S203: and receiving operation completion information from the server, and determining an operation result corresponding to the target request message based on the operation completion information.

After receiving the operation completion information from the server, the terminal can determine that the operation instructions in the target request message are all completed smoothly, and according to the received operation completion information, an operation result corresponding to the target scene trigger instruction is displayed to the user on an operation page of the terminal.

The data interaction method provided by the embodiment of the application is applied to specific implementation operation of the terminal side. Correspondingly, the specific implementation operation of the data interaction method provided by the embodiment of the application applied to the server side will be described below.

Referring to fig. 5, a flowchart of a data interaction method is provided in an embodiment of the present application. As shown in fig. 5, the method is applied to a server in a financial system, and the implementation steps are as follows:

s501: receiving a target request message from a terminal; the target request message comprises at least two operation instructions and an execution sequence of the operation corresponding to each operation instruction.

After the terminal generates and transmits the target request message based on the trigger of the user, the server can correspondingly receive the target request message.

The specific format and content of the target request message may refer to the description of the target request message in step S303, which is not described herein.

Alternatively, the expression form of the execution sequence of the operation included in the target request packet may be implemented by integrally recording each operation instruction, in addition to the above-mentioned corresponding record execution sequence identifier of each operation instruction. For example, a field of the overall execution sequence of the record is additionally added in the target request message separately, so that the server can respond to the operation instructions in the target request message in turn according to the overall field.

Step S502: analyzing the target request message, and sequentially executing the operations corresponding to the operation instructions in the target request message based on the execution sequence in the target request message.

After analyzing and obtaining each operation instruction and the corresponding execution sequence in the target request message, the server can execute the operations corresponding to each operation instruction in the target request message in sequence according to the information.

Optionally, in the process of sequentially executing each operation, the server also needs to judge the last operation result when executing the subsequent operation.

Specifically, in the process that the server sequentially executes the operations corresponding to the operation instructions based on the execution sequence obtained from the target request message, the server needs to execute the following operations each time the server executes the operations corresponding to the operation instructions, so as to determine whether to continue to execute the subsequent operations.

Firstly, the server can execute the operation corresponding to the operation instruction which needs to be responded at this time based on the execution sequence. Such as authentication, user matching, information inquiry, transfer operations, etc.

Then, after the current operation is completed, the server needs to judge the operation result of this time to determine whether the operation result is expected or not. For example, whether the identity is verified as a legitimate identity as a result of an identity verification operation, whether the user is verified as a stored user as a result of a user matching operation, whether target information is obtained as a result of an information query operation, and so forth.

Only if the server has determined that the operation result obtained by the secondary operation is the expected result corresponding to the operation, the server can continue to execute the subsequent operation.

Otherwise, when the server determines that the obtained operation result is not the operation corresponding to the operation, the server can mark that the operation corresponding to the operation instruction fails to be executed, thereby stopping responding to the subsequent operation instruction, and sending abnormal alarm information to the terminal, wherein the abnormal alarm information is used for indicating the front end, suggesting that the operation has an abnormality, suggesting to examine the operation problem or repeatedly executing the operation and the like.

Thus, in the process of responding to the target request message, when the execution of the operation corresponding to any one operation instruction fails, the response of all subsequent operation instructions can be stopped, and the abnormal alarm information is sent to the terminal. Therefore, when the server executes all the operations, the operation can be executed according to the execution sequence, whether the subsequent operation is executed or not is judged by determining whether the previous operation fails to be executed, and the phenomenon that one operation is tampered and skipped is avoided, so that the overall safety of data interaction is affected.

Step S503: and after the operation corresponding to the last operation instruction in the target request message is completed, sending operation completion information to the terminal, so that the terminal determines an operation result corresponding to the target request message based on the operation completion information.

After the server determines that all operations are successfully executed, in other words, after the server completes the operation corresponding to the last operation instruction in the target request message, the server can send operation completion information to the terminal, so that the terminal determines an operation result corresponding to the target request message based on the received operation completion information.

Thus, the server completes all response operations aiming at the target request message.

Optionally, the at least two operation instructions included in the target request message include an authentication instruction, where the execution sequence included in the target request message of the authentication instruction corresponds to the first execution.

The operation corresponding to the authentication instruction is a verification operation, for example, whether the identity of the user is legal, or whether the identity of the user is the user recorded by the system, or whether the account number provided by the user is matched with the password information, or the like.

Thus, when the server responds to the target request message containing the authentication instruction, before the server performs the other operations except the authentication instruction in at least two operation instructions in the target request message, the server needs to perform the following operations:

first, the server needs to determine whether the operation corresponding to the authentication instruction is completed. If the server determines that the corresponding operation is not completed, the server cannot perform subsequent other operations, but continues to wait until it is confirmed that the operation corresponding to the authentication instruction is completed. Optionally, the server may also set a timer specifically for waiting for the authentication instruction, and when the timer times out and is not yet determined whether the operation corresponding to the authentication instruction is completed, the server may identify that the operation corresponding to the authentication instruction fails to be executed, so as to send the abnormal alarm information to the terminal.

And if the server determines that the operation corresponding to the authentication instruction is already executed, the server also needs to acquire the execution result of the operation corresponding to the authentication instruction, judge the execution result of the operation corresponding to the authentication instruction, and judge the execution result of the operation corresponding to the authentication instruction.

Then, when the server determines that the execution result is that the identity information is legal information, the server can continue to execute other operations in the target request message.

However, when the server determines that the execution result is the identity information and the illegal information, the server needs to stop executing other operations included in the target request message and send the abnormal alarm information to the terminal.

The specific implementation steps of the data interaction method provided by the embodiment of the present application are described above from the terminal side and the server side, and in order to facilitate the overall understanding of the implementation thought and process of the present application, the data interaction method provided by the embodiment of the present application will be described below through the interaction between the terminal and the server and the combination of the above embodiments.

Referring to fig. 6, a flowchart of a data interaction method is provided in an embodiment of the present application. As shown in fig. 6, the method takes a terminal and a server as execution bodies, and comprises the following specific implementation steps:

step S601: and the terminal responds to the target scene trigger instruction and generates at least two operation instructions.

Step S602: the terminal acquires at least one attribute information corresponding to each operation instruction in the at least two operation instructions, and determines an execution sequence when the server executes the operation corresponding to the at least two operation instructions based on the configuration information of the target scene.

Step S603: the terminal generates a target request message based on at least two operation instructions, attribute information corresponding to each operation instruction and an execution sequence.

The target request message generated by the terminal comprises the at least two operation instructions and the execution sequence of the operation corresponding to each operation instruction. And further, the target request message also comprises at least one attribute information corresponding to each operation instruction, wherein the attribute information is used for indicating information required by the corresponding operation when the corresponding operation is performed. For example, when the operation corresponding to the authentication instruction is executed, account information and password information of the user are required, and at least one attribute information corresponding to the authentication instruction is the aforementioned account information and password information.

Thus, when generating the target request message, the terminal can generate the target request message comprising the first array and the second array according to the dual array structure. For example, when the target request message only includes the authentication instruction and the transfer operation instruction, the target request message including the first array and the second array may record all information by adopting the following structure: firstly, for an identity verification instruction, three elements in a first array can be used for respectively recording an instruction operation identifier, an execution sequence identifier and an attribute information identifier corresponding to the identity verification instruction; similarly, for the transfer operation instruction, three other elements in the first array may be used to record the instruction operation identifier, the execution order identifier and the attribute information identifier corresponding to the transfer operation instruction.

Meanwhile, the second array in the target request message can record all attribute information corresponding to each operation instruction in a key value pair mode, and associate the attribute information with the attribute information identification element in the first array so as to clarify all information corresponding to each operation instruction.

Step S604: the terminal sends the generated target request message to a server; correspondingly, the server receives the target request message from the terminal.

Step S605: the server analyzes the received target request message, and obtains the execution sequence of the operation corresponding to each operation instruction from the target request message.

Step S606: and sequentially executing corresponding operations according to the execution sequence.

Step S607: after each operation is executed, the server judges whether the operation is executed successfully or not; if it is determined that the operation fails to be executed, step S608 is executed; if it is determined that the operation is successfully performed, step S609 is performed.

Step S608: the server sends abnormal alarm information to the terminal; correspondingly, the terminal receives the abnormal alarm information from the server.

Step S609: the server judges whether the operation executed at this time is the operation corresponding to the last operation instruction indicated in the execution sequence; if yes, go to step S610; if not, then proceed to step S606.

Step S610: the server sends operation completion information to the terminal; correspondingly, the terminal receives operation completion information from the server.

Step S611: and the terminal determines an operation result corresponding to the target request message based on the operation completion information.

Thus, the method for data interaction provided by the embodiment of the application can be realized through interaction between the terminal and the server.

Based on the same inventive concept, the embodiment of the application also provides a data interaction device.

Referring to fig. 7, a schematic structural diagram of an apparatus for data interaction according to an embodiment of the present application is provided, where the apparatus may be the server or a chip or an integrated circuit in the device, and the apparatus includes a module/unit/technical means for executing the method executed by the server in the foregoing method embodiment.

Illustratively, the apparatus 700 includes:

a first receiving module 701, configured to receive a target request packet from a terminal; the target request message comprises at least two operation instructions and an execution sequence of the operation corresponding to each operation instruction;

the first processing module 702 is configured to parse the target request packet, and sequentially execute operations corresponding to the operation instructions based on the execution order;

And the first sending module 703 is configured to send operation completion information to the terminal after completing an operation corresponding to a last operation instruction in the target request packet, so that the terminal determines an operation result corresponding to the target request packet based on the operation completion information.

As an embodiment, the apparatus discussed in fig. 7 may be used to perform the method described in the embodiment shown in fig. 5, and thus, the description of the embodiment shown in fig. 5 may be referred to for the functions that can be implemented by each functional module of the apparatus, and so on, which will not be repeated herein.

Referring to fig. 8, a schematic structural diagram of an apparatus for data interaction according to an embodiment of the present application is provided, where the apparatus may be the terminal device or a chip or an integrated circuit in the device, and the apparatus includes a module/unit/technical means for executing a method executed by the terminal device in the foregoing method embodiment.

Illustratively, the apparatus 800 includes:

a second processing module 801, configured to generate a target request packet; the target request message comprises at least two operation instructions and an execution sequence of the operation corresponding to each operation instruction;

A second sending module 802, configured to send the target request packet to a server, so that the server parses the target request packet, sequentially executes operations corresponding to the operation instructions based on the execution sequence, and after completing an operation corresponding to a last operation instruction in the target request packet, sends operation completion information to the terminal;

and a second receiving module 803, configured to receive the operation completion information from the server, and determine an operation result corresponding to the target request packet based on the operation completion information.

As an embodiment, the apparatus discussed in fig. 8 may be used to perform the method described in the embodiment shown in fig. 2, and thus, the description of the functions that can be implemented by the functional modules of the apparatus and the like may refer to the embodiment shown in fig. 2, which is not repeated herein.

It should be noted that while several modules or sub-modules of the apparatus are mentioned in the detailed description above, such partitioning is merely exemplary and not mandatory. Indeed, the features and functions of two or more of the units described above may be embodied in one module in accordance with embodiments of the invention. Conversely, the features and functions of one module described above may be further divided into a plurality of modules to be embodied.

As one possible product form of the above apparatus, referring to fig. 9, an embodiment of the present application further provides an electronic device 900, including:

at least one processor 901; and a communication interface 903 communicatively coupled to the at least one processor 901; the at least one processor 901, by executing instructions stored in the memory 902, causes the electronic device 900 to perform the method steps performed by any of the above-described method embodiments via the communication interface 903.

Optionally, the memory 902 is located outside the electronic device 900.

Optionally, the electronic device 900 includes the memory 902, where the memory 902 is connected to the at least one processor 901, and the memory 902 stores instructions executable by the at least one processor 901. Fig. 9 shows, in dashed lines, that the memory 902 is optional for the electronic device 900.

The processor 901 and the memory 902 may be coupled through an interface circuit, or may be integrated together, which is not limited herein.

The specific connection medium between the processor 901, the memory 902, and the communication interface 903 is not limited in the embodiment of the present application. In the embodiment of the present application, the processor 901, the memory 902 and the communication interface 903 are connected through a bus 904 in fig. 9, where the bus is indicated by a thick line in fig. 9, and the connection manner between other components is only schematically illustrated, but not limited to. The buses may be classified as address buses, data buses, control buses, etc. For ease of illustration, only one thick line is shown in fig. 9, but not only one bus or one type of bus. It should be understood that the processors mentioned in the embodiments of the present application may be implemented by hardware or may be implemented by software. When implemented in hardware, the processor may be a logic circuit, an integrated circuit, or the like. When implemented in software, the processor may be a general purpose processor, implemented by reading software code stored in a memory.

By way of example, the processor may be a central processing unit (Central Processing Unit, CPU), but may also be other general purpose processors, digital signal processors (Digital Signal Processor, DSP), application specific integrated circuits (Application Specific Integrated Circuit, ASIC), off-the-shelf programmable gate arrays (Field Programmable Gate Array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.

It should be understood that the memory referred to in embodiments of the present application may be volatile memory or nonvolatile memory, or may include both volatile and nonvolatile memory. The nonvolatile Memory may be a Read-Only Memory (ROM), a Programmable ROM (PROM), an Erasable PROM (EPROM), an Electrically Erasable EPROM (EEPROM), or a flash Memory. The volatile memory may be random access memory (Random Access Memory, RAM) which acts as an external cache. By way of example, and not limitation, many forms of RAM are available, such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double Data rate Synchronous DRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), synchronous Link DRAM (SLDRAM), and Direct RAM (DR RAM).

It should be noted that when the processor is a general purpose processor, DSP, ASIC, FPGA or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, the memory (storage module) may be integrated into the processor.

It should be noted that the memory described herein is intended to comprise, without being limited to, these and any other suitable types of memory.

As another possible product form, embodiments of the present application also provide a computer-readable storage medium for storing instructions that, when executed, cause a computer to perform the method steps performed by any of the apparatus in the method examples described above.

As another possible product form, the present embodiment also provides a computer program product comprising instructions stored therein, which when run on a computer, cause the computer to perform the method steps performed by any of the apparatuses in the method embodiments described above.

It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

It will be apparent to those skilled in the art that various modifications and variations can be made to the present application without departing from the spirit or scope of the application. Thus, it is intended that the present application also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims

1. A data interaction method, applied to a server in a financial system, the method comprising:

receiving a target request message from a terminal; the target request message comprises at least two operation instructions and an execution sequence of the operation corresponding to each operation instruction;

analyzing the target request message, and sequentially executing the operations corresponding to the operation instructions based on the execution sequence;

And after the operation corresponding to the last operation instruction in the target request message is completed, sending operation completion information to the terminal, so that the terminal determines an operation result corresponding to the target request message based on the operation completion information.

2. The method of claim 1, wherein the target request message comprises a first array and a second array;

the elements in the first array are used for indicating an operation instruction identifier, an execution sequence identifier and an attribute information identifier contained in each operation instruction; the execution sequence identifier is used for indicating the execution sequence of the operation corresponding to each operation instruction in the operations corresponding to all the operation instructions;

the elements in the second array are used for indicating that each attribute information identifier in the first array corresponds to at least one attribute information; wherein the attribute information is used to indicate information required to perform the operation.

3. The method of claim 1, wherein the sequentially executing the operations corresponding to the operation instructions based on the execution order comprises:

sequentially executing the operations corresponding to the operation instructions based on the execution sequence;

And stopping responding to the subsequent operation instruction and sending abnormal alarm information to the terminal when the operation corresponding to any one of the operation instructions fails to be executed.

4. A method according to any one of claims 1-3, wherein said at least two operation instructions comprise an authentication instruction, said authentication instruction being a first execution object in said execution order;

the method further comprises, prior to performing the other of the at least two operation instructions than the authentication instruction:

when the operation corresponding to the identity verification instruction is determined to be executed, and the execution result of the operation corresponding to the identity verification instruction is obtained, judging the execution result of the operation corresponding to the identity verification instruction;

if the execution result is determined to be that the identity information is legal information, continuing to execute the other operations;

and if the execution result is the identity information and the illegal information, stopping executing the other operations and sending the abnormal alarm information to the terminal.

5. A data interaction method, applied to a terminal in a financial system, the method comprising:

generating a target request message; the target request message comprises at least two operation instructions and an execution sequence of the operation corresponding to each operation instruction;

The target request message is sent to a server, so that the server analyzes the target request message, and based on the execution sequence, the operation corresponding to the operation instruction is sequentially executed, and after the operation corresponding to the last operation instruction in the target request message is completed, operation completion information is sent to the terminal;

and receiving the operation completion information from the server, and determining an operation result corresponding to the target request message based on the operation completion information.

6. The method of claim 5, wherein generating the target request message comprises:

responding to a target scene trigger instruction, generating at least two operation instructions, and acquiring at least one attribute information corresponding to each operation instruction; the attribute information is used for indicating information required for executing the operation corresponding to each operation instruction;

determining an execution sequence when the server executes the operation corresponding to the at least two operation instructions based on the configuration information of the target scene;

and generating the target request message based on the at least two operation instructions, the attribute information corresponding to each operation instruction and the execution sequence.

7. The method of claim 5 or 6, wherein the target request message comprises a first array and a second array;

the elements in the second array are used for indicating that each attribute information identifier in the first array corresponds to at least one attribute information.

8. A data interaction device for use with a server in a financial system, the device comprising:

the first receiving module is used for receiving a target request message from the terminal; the target request message comprises at least two operation instructions and an execution sequence of the operation corresponding to each operation instruction;

the first processing module is used for analyzing the target request message and sequentially executing the operations corresponding to the operation instructions based on the execution sequence;

and the first sending module is used for sending operation completion information to the terminal after the operation corresponding to the last operation instruction in the target request message is completed, so that the terminal determines an operation result corresponding to the target request message based on the operation completion information.

9. The apparatus of claim 8, wherein the target request message comprises a first array and a second array;

10. The apparatus of claim 8, wherein the first processing module is configured to, based on the execution order, sequentially execute the operations corresponding to the operation instructions, specifically configured to:

11. The apparatus according to any of claims 8-10, wherein the at least two operation instructions comprise an authentication instruction, the authentication instruction being a first execution object in the execution order;

The first processing module is further configured to, prior to performing the other of the at least two operation instructions than the authentication instruction:

12. A data interaction device for use in a terminal in a financial system, the device comprising:

the second processing module is used for generating a target request message; the target request message comprises at least two operation instructions and an execution sequence of the operation corresponding to each operation instruction;

the second sending module is used for sending the target request message to a server so that the server analyzes the target request message, sequentially executes the operations corresponding to the operation instructions based on the execution sequence, and sends operation completion information to the terminal after the operation corresponding to the last operation instruction in the target request message is completed;

And the second receiving module is used for receiving the operation completion information from the server and determining an operation result corresponding to the target request message based on the operation completion information.

13. The apparatus of claim 12, wherein the second processing module is configured to, when generating the target request message, specifically:

14. The apparatus of claim 12 or 13, wherein the target request message comprises a first array and a second array;

15. An electronic device, comprising:

at least one processor; and a memory communicatively coupled to the at least one processor;

wherein the memory stores instructions executable by the at least one processor, by executing the instructions stored by the memory, causing the at least one processor to perform the method of any one of claims 1-4 or 5-7.

16. A computer readable storage medium for storing instructions that, when executed, cause the method of any one of claims 1-4 or 5-7 to be implemented.

17. A computer program product comprising instructions stored therein, which when run on a computer, cause the computer to perform the method of any of claims 1-4 or 5-7.