CN117033012A - Query method and device for interface call blacklist, electronic equipment and storage medium - Google Patents
Query method and device for interface call blacklist, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN117033012A CN117033012A CN202310878946.7A CN202310878946A CN117033012A CN 117033012 A CN117033012 A CN 117033012A CN 202310878946 A CN202310878946 A CN 202310878946A CN 117033012 A CN117033012 A CN 117033012A
- Authority
- CN
- China
- Prior art keywords
- blacklist
- interface
- data
- intersection
- caller
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 52
- 238000004364 calculation method Methods 0.000 claims abstract description 32
- 239000012634 fragment Substances 0.000 claims description 36
- 238000012545 processing Methods 0.000 claims description 32
- 230000002776 aggregation Effects 0.000 claims description 13
- 238000004590 computer program Methods 0.000 claims description 7
- 238000005516 engineering process Methods 0.000 abstract description 21
- 238000010586 diagram Methods 0.000 description 6
- 230000008569 process Effects 0.000 description 5
- 238000013467 fragmentation Methods 0.000 description 3
- 238000006062 fragmentation reaction Methods 0.000 description 3
- 230000006399 behavior Effects 0.000 description 2
- 230000008878 coupling Effects 0.000 description 2
- 238000010168 coupling process Methods 0.000 description 2
- 238000005859 coupling reaction Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/547—Remote procedure calls [RPC]; Web services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2457—Query processing with adaptation to user needs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/25—Integrating or interfacing systems involving database management systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Data Mining & Analysis (AREA)
- Medical Informatics (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computational Linguistics (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a query method and device for an interface call blacklist, electronic equipment and a storage medium, and relates to the field of financial science and technology, wherein the query method comprises the following steps: sending a privacy exchange request to a summary center, wherein the privacy exchange request at least comprises: the list to be queried comprises M user identifiers corresponding to interface calling parties to be queried; calling a blacklist to perform intersection calculation based on interfaces of the lists to be queried and the summarization center to obtain intersection results; and under the condition that the intersection set is not an empty set as indicated by the intersection result, extracting a user identifier corresponding to the target interface caller in the intersection result, and generating a target interface call blacklist based on the user identifier of the target interface caller and the user information of the target interface caller. The invention solves the technical problems that in the related technology, the interface calling party with potential safety hazard is difficult to be effectively identified by a financial institution for calling the financial data interface, and the user data is easy to leak.
Description
Technical Field
The invention relates to the field of financial science and technology and other related technical fields, in particular to a method and a device for inquiring an interface call blacklist, electronic equipment and a storage medium.
Background
With the advent of the digital age, financial services have been shifted from traditional offline services to online services, and the opening of a financial data call interface has become an important component of financial services, and many institutions have opened their call interfaces to third party applications for use, however, because the third party applications have different qualities, it is difficult to avoid malicious behaviors, such as illegally acquiring user information, from the third party applications.
In the related art, the malicious calling behavior of the third party can only perform postmortem responsibility and punishment, and the interface calling intention of the third party is difficult to recognize in advance through technical means, so that user data is revealed.
In view of the above problems, no effective solution has been proposed at present.
Disclosure of Invention
The embodiment of the invention provides a method and a device for inquiring an interface call blacklist, electronic equipment and a storage medium, which at least solve the technical problems that in the related art, a financial institution calls a financial data interface, an interface calling party with potential safety hazards is difficult to effectively identify, and user data is easy to leak.
According to an aspect of the embodiment of the present invention, there is provided a method for querying an interface call blacklist, including: sending a privacy exchange request to a summary center, wherein the privacy exchange request at least comprises: the list to be queried comprises M user identifiers corresponding to interface calling parties to be queried, wherein M is a positive integer greater than or equal to 1; performing intersection calculation based on the list to be queried and the interface call blacklist of the summarization center to obtain an intersection result, wherein the interface call blacklist of the summarization center comprises interface call blacklist fragment data sent by N financial institutions, and N is a positive integer; and under the condition that the intersection set is not an empty set as indicated by the intersection result, extracting a user identifier corresponding to the target interface caller in the intersection result, and generating a target interface call blacklist based on the user identifier of the target interface caller and the user information of the target interface caller.
Optionally, before sending the privacy exchange request to the aggregation center, the method further includes: and receiving an interface calling request sent by a user terminal, extracting the user identifier corresponding to the interface calling party based on the interface calling request, and generating the list to be queried.
Optionally, the step of calling a blacklist to perform intersection calculation based on the to-be-queried list and the interface of the summarization center includes: receiving an encrypted public key sent by the summarization center; calculating a first hash value set based on a user identifier corresponding to the interface caller in the list to be queried, and performing disturbance processing on the first hash value based on the encryption public key and the random number to obtain a blind hash value set; sending the blind hash value set to the summarization center, and receiving a hash characteristic value set after signature processing by the summarization center; performing blind removing treatment on the hash characteristic values in the hash characteristic value set, and performing hash operation to obtain a first data set to be exchanged; receiving a second data set to be crossed sent by the summarization center, wherein the second data set to be crossed is a data set obtained by encrypting and performing two hash operations on the identification data in the interface call blacklist by the summarization center; and performing intersection solving calculation on the first data set to be intersected and the second data set to be intersected to obtain intersection solving results.
Optionally, after extracting the user identifier corresponding to the target interface caller in the intersection result, the method further includes: and inquiring the interface call blacklist based on the user identification corresponding to the target interface caller, and acquiring the user information of the target interface caller corresponding to the user identification.
Optionally, before sending the privacy exchange request to the aggregation center, the method further includes: determining N financial institutions participating in interface calling blacklist sharing tasks; and sending data slicing requests to each financial institution based on the N financial institutions, wherein the data slicing requests are used for requesting each financial institution to carry out slicing processing on interface call blacklist data held by the financial institution based on the quantity of the financial institutions.
Optionally, after sending the data slicing request to each financial institution based on the number of financial institutions, the method further comprises: receiving blacklist slicing data obtained after slicing processing by each financial institution; encrypting the blacklist fragment data to obtain encrypted blacklist fragment data; and sending the encrypted blacklist fragment data to the N financial institutions participating in the interface calling blacklist sharing task, and sending the obtained encrypted blacklist fragment data to the summarization center after summarizing the obtained encrypted blacklist fragment data by each financial institution.
Optionally, after generating the target interface call blacklist based on the target interface caller identification and the target interface caller information, further comprising: and rejecting the interface calling party existing in the blacklist of the target interface calling, which corresponds to the interface calling request sent by the user terminal, and returning alarm information to the user terminal.
According to another aspect of the embodiment of the present invention, there is also provided a query device for calling a blacklist by an interface, including: the sending unit is used for sending a privacy exchange request to the aggregation center, wherein the privacy exchange request at least comprises: the list to be queried comprises M user identifiers corresponding to interface calling parties to be queried, wherein M is a positive integer greater than or equal to 1; the computing unit is used for carrying out intersection calculation based on the to-be-queried list and the interface call blacklist of the summarization center to obtain an intersection result, wherein the interface call blacklist of the summarization center comprises interface call blacklist fragment data sent by N financial institutions, and N is a positive integer; and the generating unit is used for extracting the user identifier corresponding to the target interface caller in the intersection solving result and generating a target interface call blacklist based on the user identifier of the target interface caller and the user information of the target interface caller under the condition that the intersection solving result indicates that the intersection is not an empty set.
Optionally, the query device for calling the blacklist by the interface further includes: the first receiving module is used for receiving an interface calling request sent by a user terminal, extracting the user identifier corresponding to the interface calling party based on the interface calling request and generating the list to be queried.
Optionally, the computing unit includes: the second receiving module is used for receiving the encrypted public key sent by the summarizing center; the first calculation module is used for calculating a first hash value set based on the user identification corresponding to the interface caller in the list to be queried, and performing disturbance processing on the first hash value based on the encryption public key and the random number to obtain a blind hash value set; the first sending module is used for sending the blind hash value set to the summarization center and receiving the hash characteristic value set after signature processing by the summarization center; the first processing module is used for performing blind removal processing on the hash characteristic values in the hash characteristic value set and performing hash operation to obtain a first data set to be crossed; the third receiving module is used for receiving a second data set to be crossed sent by the summarizing center, wherein the second data set to be crossed is a data set obtained by encrypting and performing two hash operations on the identification data in the interface call blacklist by the summarizing center; and the second calculation module is used for carrying out intersection calculation on the first to-be-intersected data set and the second to-be-intersected data set to obtain intersection results.
Optionally, the query device for calling the blacklist by the interface further includes: and the first query module is used for querying the interface call blacklist based on the user identification corresponding to the target interface caller and acquiring the user information of the target interface caller corresponding to the user identification.
Optionally, the query device for calling the blacklist by the interface further includes: the first determining module is used for determining N financial institutions participating in interface calling blacklist sharing tasks; and the second sending module is used for sending data slicing requests to each financial institution based on the N financial institutions, wherein the data slicing requests are used for requesting each financial institution to call the blacklist data for slicing based on the quantity of the financial institutions.
Optionally, the query device for calling the blacklist by the interface further includes: a fourth receiving module for receiving blacklist slicing data obtained after slicing processing by each financial institution; the first encryption module is used for encrypting the blacklist fragment data to obtain encrypted blacklist fragment data; and the third sending module is used for sending the encrypted blacklist fragment data to the N financial institutions participating in the interface calling blacklist sharing task, and each financial institution gathers the obtained encrypted blacklist fragment data and then sends the encrypted blacklist fragment data to the gathering center.
Optionally, the query device for calling the blacklist by the interface further includes: the first return module is used for rejecting the interface calling party which exists in the blacklist for the target interface, rejecting the interface calling request which is sent by the interface calling party corresponding to the user terminal, and returning alarm information to the user terminal.
According to another aspect of the embodiment of the present invention, there is further provided a computer readable storage medium, where the computer readable storage medium includes a stored computer program, and when the computer program runs, the device where the computer readable storage medium is controlled to execute the method for querying the blacklist by using any one of the interfaces.
According to another aspect of the embodiment of the present invention, there is further provided an electronic device, including one or more processors and a memory, where the memory is configured to store one or more programs, and when the one or more programs are executed by the one or more processors, the one or more processors implement a method for calling a blacklist by any one of the interfaces.
In the present disclosure, the method comprises the following steps: firstly, sending a privacy exchange request to a summary center, wherein the privacy exchange request at least comprises: and the to-be-queried list comprises M user identifiers corresponding to interface invokers to be queried, M is a positive integer greater than or equal to 1, then the to-be-queried list and the interface invocation blacklist of the summarization center are subjected to intersection calculation to obtain an intersection solving result, the interface invocation blacklist of the summarization center comprises interface invocation blacklist fragment data sent by N financial institutions, finally, under the condition that the intersection solving result indicates that the intersection is not an empty set, the user identifiers corresponding to target interface invokers in the intersection solving result are extracted, and the target interface invocation blacklist is generated based on the user identifiers of the target interface invokers and the user information of the target interface invokers.
In the method, the query of the interface call blacklist is carried out by adopting the privacy intersection technology, so that the query party is ensured not to expose the query purpose per se when carrying out the blacklist query, sensitive information is protected, and the method can rapidly evaluate whether the interface caller has potential safety hazards or not by privacy intersection before the interface caller carries out the interface call, only the query party can finally acquire intersection results, the user data safety is ensured, and the data safety of all parties is ensured by adopting the multiparty data fragmentation technology. And further, the technical problems that in the related technology, the interface calling party with potential safety hazard is difficult to effectively identify when a financial institution calls a financial data interface, and user data is easy to leak are solved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute a limitation on the application. In the drawings:
FIG. 1 is a flow chart of an alternative interface call blacklist query method according to an embodiment of the present application;
FIG. 2 is a schematic diagram of an alternative interface call blacklist sharing method according to an embodiment of the present application;
FIG. 3 is a schematic diagram of an alternative interface call blacklist querying device according to an embodiment of the present invention;
fig. 4 is a block diagram of a hardware structure of an electronic device (or mobile device) that interfaces to invoke a blacklist query method according to an embodiment of the present invention.
Detailed Description
In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be noted that, the query method and the device for invoking the blacklist by the interface in the disclosure may be used in the financial and technological field under the condition that whether the interface caller has a potential safety hazard is queried based on the privacy intersection technology, and may also be used in any field except the financial and technological field under the condition that whether the interface caller has a potential safety hazard is queried based on the privacy intersection technology.
It should be noted that, related information (including but not limited to user equipment information, user personal information, etc.) and data (including but not limited to data for analysis, stored data, presented data, etc.) related to the present disclosure are information and data authorized by a user or sufficiently authorized by each party, and the collection, use and processing of related data need to comply with related laws and regulations and standards of related countries and regions, and be provided with corresponding operation entries for the user to select authorization or rejection. For example, an interface is provided between the system and the relevant user or institution, before acquiring the relevant information, the system needs to send an acquisition request to the user or institution through the interface, and acquire the relevant information after receiving the consent information fed back by the user or institution.
The embodiments of the invention can be applied to systems/applications/devices for calling blacklist inquiry by various interfaces or to systems/applications/devices for evaluating potential safety hazards of various interface calling parties. The invention adopts the privacy intersection technology, ensures that the query intention of the query party is not revealed, the user data of the query party is not revealed, and ensures the safety of the user data.
The invention adopts the secret sharing technology to realize the sharing of the blacklist called by each financial institution interface, thereby protecting the safety of business data of each party.
In the invention, the interface call blacklist data of each participant is collected to a collection center (a third party trusted authority) in a slicing mode, but the original list is stored in each participant in a scattered way, so that risks such as data loss and the like caused by centralized data storage are avoided.
The present invention will be described in detail with reference to the following examples.
Example 1
According to an embodiment of the present invention, there is provided an embodiment of a method of querying an interface call blacklist, it being noted that the steps shown in the flowchart of the figures may be performed in a computer system, such as a set of computer executable instructions, and that although a logical order is shown in the flowchart, in some cases the steps shown or described may be performed in an order different from that shown or described herein.
FIG. 1 is a flowchart of an alternative interface call blacklist query method according to an embodiment of the present invention, as shown in FIG. 1, the method including the steps of:
step S101, a privacy exchange request is sent to a summary center, where the privacy exchange request at least includes: the list to be queried comprises M user identifiers corresponding to interface calling parties to be queried, wherein M is a positive integer greater than or equal to 1;
step S102, carrying out intersection calculation based on a to-be-queried list and an interface call blacklist of a summary center to obtain an intersection result, wherein the interface call blacklist of the summary center comprises interface call blacklist fragment data sent by N financial institutions, and N is a positive integer;
step S103, extracting a user identifier corresponding to the target interface caller in the intersection solving result and generating a target interface call blacklist based on the user identifier of the target interface caller and the user information of the target interface caller when the intersection solving result indicates that the intersection is not an empty set.
Through the steps, a privacy exchange request is sent to a summary center, wherein the privacy exchange request at least comprises: and the to-be-queried list comprises M user identifiers corresponding to interface invokers to be queried, M is a positive integer greater than or equal to 1, then the to-be-queried list and the interface invocation blacklist of the summarization center are subjected to intersection calculation to obtain an intersection solving result, the interface invocation blacklist of the summarization center comprises interface invocation blacklist fragment data sent by N financial institutions, finally, under the condition that the intersection solving result indicates that the intersection is not an empty set, the user identifiers corresponding to target interface invokers in the intersection solving result are extracted, and the target interface invocation blacklist is generated based on the user identifiers of the target interface invokers and the user information of the target interface invokers.
In this embodiment, the privacy intersection technology is adopted to query the interface call blacklist, so that the query party is ensured not to expose the query purpose when the blacklist query is performed, sensitive information is protected, and whether the interface caller has potential safety hazards or not can be rapidly evaluated through privacy intersection before the interface caller performs interface call, only the query party can obtain intersection results finally, user data safety is ensured, and the data safety of all parties is ensured through the multiparty data fragmentation technology. And further, the technical problems that in the related technology, the interface calling party with potential safety hazard is difficult to effectively identify when a financial institution calls a financial data interface, and user data is easy to leak are solved.
Embodiments of the present invention will be described in detail with reference to the following steps.
It should be noted that, in the embodiment of the present invention, the implementation subject is a terminal where a target financial institution requesting to call a blacklist by using a query interface is located, in order to meet the requirement of data sharing on a digital line, the financial institution may open its own data interface to the outside, and a third party application may call financial data of the financial institution through the open API interface, but in a scenario where the API interface is open, a malicious call interface may easily occur to read user data, which causes leakage of user data, thereby causing serious loss to the financial institution.
In the process of opening the API interface for a long time, each financial institution generates an interface call blacklist according to the history call record, and for the caller with the potential safety hazard, the interface call blacklist is stored in the respective blacklist of the financial institution, and when the caller calls the financial interface again, the blacklist can be queried to determine whether the caller has the potential safety hazard.
It should be noted that, in order to ensure that each financial institution can more comprehensively identify the interface caller with the potential safety hazard, each financial institution adopts a blacklist sharing technology to upload the blacklist data held by all financial institutions to a certain central node or to cloud end for storage and inquiry, the blacklist sharing mode involves self privacy disclosure (such as disclosure of cooperation with a certain service provider) when uploading the data to the central node, once the central node is not trusted or attacked, the user data can be disclosed, and each financial institution may reveal self privacy due to the exposure of the inquiry purpose when inquiring the blacklist based on the central node.
When the interface of each financial institution is shared to call the blacklist, the embodiment of the invention adopts the secret sharing technology in multiparty security calculation to ensure the data security and privacy among all the participants in a distributed storage mode.
Optionally, before sending the privacy exchange request to the aggregation center, the method further includes: determining N financial institutions participating in interface calling blacklist sharing tasks; and sending data slicing requests to each financial institution based on the N financial institutions, wherein the data slicing requests are used for requesting each financial institution to carry out slicing processing on the interface call blacklist data held by the financial institution based on the quantity of the financial institutions.
Before the blacklist is called by the privacy intersection query interface, each participant participating in the blacklist data sharing, namely each financial institution, needs to be determined first, then a data slicing request is sent to each financial institution, each financial institution performs slicing processing on the blacklist data held by each financial institution after receiving the data slicing request, and the number of the data slicing needs to be greater than or equal to the number of the financial institutions participating in the blacklist data sharing.
Optionally, after sending the data slicing request to each financial institution based on the number of financial institutions, further comprising: receiving blacklist slicing data obtained after slicing processing by each financial institution; encrypting the blacklist fragment data to obtain encrypted blacklist fragment data; and sending the encrypted blacklist fragment data to N financial institutions participating in the interface calling blacklist sharing task, and sending the obtained encrypted blacklist fragment data to a summarization center after summarizing the obtained encrypted blacklist fragment data by each financial institution.
It should be noted that, each financial institution carries out the slicing processing on the blacklist data according to the number of the financial institutions participating in the blacklist data sharing, encrypts the sliced data to obtain encrypted blacklist slicing data, then each financial institution reserves one piece of encrypted blacklist slicing data, and distributes the rest of encrypted blacklist slicing data to other parties, the distribution mode can be random or can be preset, that is, each financial institution can take one piece of encrypted blacklist slicing data sent by other financial institutions, store the encrypted blacklist slicing data locally and send the encrypted blacklist slicing data to a summarization center, and the summarization center is provided by a trusted third party institution with public trust.
Specifically, fig. 2 is a schematic diagram of an optional interface call blacklist sharing method according to an embodiment of the present invention, as shown in fig. 2, when performing interface call blacklist data sharing, determining that the number of participants involved in blacklist data sharing is 4 includes: participant A, participant B, participant C and participant D also comprise a summarizing center, wherein the participant A, B, C, D respectively slices the self API interface calling blacklist data, the number of slices is not less than n (the number of participants), if 4 participants exist in FIG. 2, the number of slices of the blacklist data of each participant is not less than 4, the slices of the participant A are pA1, pA2, pA3 and pA4, and so on; after the sliced data is encrypted, each party reserves part of the sliced data in the method, and sends other sliced data which is more than or equal to 3 parts of sliced data to all other parties, for example, party A reserves pA1 in the method, sends pA2 to party B, pA3 to party C, pA4 to party D, after each party takes the blacklist data sliced set, each party needs to be stored locally and also needs to be sent to a gathering center for centralized storage, and the gathering center acquires the sliced data encrypted by each financial institution and cannot read the source data, so that the safety of the data is ensured.
Optionally, before sending the privacy exchange request to the aggregation center, the method further includes: and receiving an interface calling request sent by the user terminal, extracting a user identifier corresponding to the interface calling party based on the interface calling request, and generating a list to be queried.
It should be noted that, each interface caller sends an interface call request to the target financial institution based on the call requirement, the interface call request carries the user identifier of the caller, a list to be queried is generated according to the user identifier, and potential safety hazard assessment is performed on the user side in the list to be queried.
Step S101, a privacy exchange request is sent to a summary center, where the privacy exchange request at least includes: the list to be queried comprises M user identifications corresponding to interface calling parties to be queried.
The privacy exchange calculation is performed between the target financial institution and the aggregation center, the target financial institution sends a privacy exchange request to the aggregation center, the privacy exchange request comprises a list to be queried, and the list to be queried comprises user identifications encrypted according to encryption rules.
Step S102, performing intersection calculation based on the to-be-queried list and the interface call blacklist of the summarization center to obtain an intersection result, wherein the interface call blacklist of the summarization center comprises interface call blacklist fragment data sent by N financial institutions.
It should be noted that, the intersection of the to-be-queried list and the interface call blacklist is calculated through the privacy intersection request, the intersection result (intersection result) is the result that the user needs to query, the intersection result can indicate which data call interfaces have potential safety hazards, the target financial institution can agree or reject the interface call request of a certain interface caller according to the intersection result, in the whole calculation process, the to-be-queried list is not leaked to the summarizing center, nor to other participants, the data security is ensured, only the target financial institution can acquire the intersection result, thereby hiding the query purpose of the target financial institution and ensuring the data security of the target financial institution.
Optionally, the step of calling the blacklist to perform intersection calculation based on the interfaces of the list to be queried and the summarization center includes: receiving an encrypted public key sent by a summarizing center; calculating a first hash value set based on a user identifier corresponding to an interface caller in a list to be queried, and performing disturbance processing on the first hash value based on an encryption public key and a random number to obtain a blind hash value set; sending the blind hash value set to a summarization center, and receiving a hash characteristic value set subjected to signature processing by the summarization center; performing blind removing treatment on the hash characteristic values in the hash characteristic value set, and performing hash operation to obtain a first to-be-crossed data set; receiving a second data set to be crossed sent by a summarizing center, wherein the second data set to be crossed is a data set obtained by encrypting and performing hash operation twice on identification data in a blacklist called by the summarizing center; and carrying out intersection calculation on the first to-be-intersected data set and the second to-be-intersected data set to obtain an intersection result.
When privacy intersection calculation is performed, firstly, a key pair is created by a summarizing center with an interface for calling a blacklist, and a public key A is sent to a target financial institution, a private key B is stored in the summarizing center, the target financial institution firstly performs Hash operation on a user identifier of a list to be queried to obtain a first Hash value set, then performs disturbance processing on data in the first Hash value set according to the public key A and a random value to obtain a blind Hash value set, namely Z=A (disturbance value) ×hash (ID 1), wherein the disturbance value is a random value, ID1 represents the user identifier recorded in the list to be queried, the target financial institution sends the blind Hash value set to the summarizing center, signature processing is performed on the blind Hash value set based on the private key B by the summarizing center to obtain a Hash feature value set, each Hash feature value is expressed as Y=B (Z) =B (A (disturbance value) (Hash 1)), the Hash feature value is subjected to be performed on the Hash value of B (Hash 1)), the blind Hash value set is sent to the target financial institution, namely Z=A (Hash 1) is performed with Hash value (Hash 1), and Hash value is performed again (Hash 1) is performed to obtain a Hash value (D=2), and a Hash value is performed to obtain a Hash value (D=1) after the Hash value is subjected to be subjected to cross computation (D1), and obtaining the intersection result.
The privacy intersection calculation is realized by carrying out data exchange for multiple times based on the steps, the same encrypted data set is obtained by the two data exchange through different encryption keys for intersection processing, and the data on two sides are encrypted, so that the safety of the data of each party is ensured.
Step S103, extracting a user identifier corresponding to the target interface caller in the intersection solving result and generating a target interface call blacklist based on the user identifier of the target interface caller and the user information of the target interface caller when the intersection solving result indicates that the intersection is not an empty set.
When the intersection result is not the empty set, it is indicated that the user identifier in the list to be queried is also in the interface calling blacklist, that is, the blacklist user exists in the list to be queried, so that the target financial institution can intuitively acquire the interface calling party belonging to the blacklist user through the intersection result.
Optionally, after extracting the user identifier corresponding to the target interface caller in the intersection result, the method further includes: and inquiring the interface call blacklist based on the user identification corresponding to the target interface caller, and acquiring the user information of the target interface caller corresponding to the user identification.
After the intersection result is obtained, the caller belonging to the blacklist user may request to the summary center to obtain detailed information about the blacklist user.
Optionally, after generating the target interface call blacklist based on the target interface caller identification and the target interface caller information, further comprising: and calling the interface calling party existing in the blacklist to the target interface, rejecting the interface calling request sent by the interface calling party corresponding to the user terminal, and returning alarm information to the user terminal.
It should be noted that, for the caller belonging to the interface call blacklist user, the target financial institution may directly reject the interface call request of the caller, and return the alarm information to the user side where the caller is located.
According to the method and the device for identifying the risk of data leakage, the safety evaluation is carried out on the caller of the calling target financial institution through the steps, and whether the caller has potential safety hazards or not is timely determined through the intersection result obtained through privacy intersection calculation, so that the risk of data leakage can be identified before the caller calls the financial interface to acquire the user data, the data leakage is avoided, and the safety of the user data is protected.
The following describes in detail another embodiment.
Example two
The query device for calling the blacklist by the interface provided in the embodiment includes a plurality of implementation units, and each implementation unit corresponds to each implementation step in the first embodiment.
Fig. 3 is a schematic diagram of an alternative interface call blacklist query apparatus according to an embodiment of the present invention, and as shown in fig. 3, the query apparatus includes: a transmitting unit 31, a calculating unit 32, a generating unit 33, wherein,
the sending unit 31 is configured to send a privacy exchange request to the aggregation center, where the privacy exchange request includes at least: the list to be queried comprises M user identifiers corresponding to interface calling parties to be queried, wherein M is a positive integer greater than or equal to 1;
the calculating unit 32 is configured to perform intersection calculation based on the to-be-queried list and the interface call blacklist of the summary center, so as to obtain an intersection result, where the interface call blacklist of the summary center includes interface call blacklist fragment data sent by N financial institutions, and N is a positive integer;
and a generating unit 33, configured to extract a user identifier corresponding to the target interface caller in the intersection result when the intersection result indicates that the intersection is not an empty set, and generate a target interface call blacklist based on the user identifier of the target interface caller and the user information of the target interface caller.
The inquiry device transmits a privacy exchange request to the aggregation center through the transmitting unit 31, wherein the privacy exchange request includes at least: the list to be queried comprises M user identifiers corresponding to interface calling parties to be queried, wherein M is a positive integer greater than or equal to 1; performing intersection calculation by using a calculation unit 32 based on the to-be-queried list and the interface call blacklist of the summarization center to obtain an intersection result, wherein the interface call blacklist of the summarization center comprises interface call blacklist fragment data sent by N financial institutions, and N is a positive integer; and when the intersection is not the empty set as indicated by the intersection result, extracting the user identifier corresponding to the target interface caller in the intersection result by the generating unit 33, and generating a target interface call blacklist based on the user identifier of the target interface caller and the user information of the target interface caller.
In this embodiment, the privacy intersection technology is adopted to query the interface call blacklist, so that the query party is ensured not to expose the query purpose when the blacklist query is performed, sensitive information is protected, and whether the interface caller has potential safety hazards or not can be rapidly evaluated through privacy intersection before the interface caller performs interface call, only the query party can obtain intersection results finally, user data safety is ensured, and the data safety of all parties is ensured through the multiparty data fragmentation technology. And further, the technical problems that in the related technology, the interface calling party with potential safety hazard is difficult to effectively identify when a financial institution calls a financial data interface, and user data is easy to leak are solved.
It should be noted that, in the embodiment of the present invention, the implementation subject is a terminal where a user requesting to query an interface to call a blacklist is located, in order to meet the requirement of data sharing on a digital line, a financial institution may open its own data interface to the outside, and a third party application may call financial data of the financial institution through an open API interface, but in a scenario where the API interface is open, a malicious call interface may easily occur to read the user data, which causes leakage of the user data, thereby causing serious loss to the financial institution.
In the process of opening the API interface for a long time, each financial institution generates an interface call blacklist according to the history call record, and for the caller with the potential safety hazard, the interface call blacklist is stored in the respective blacklist of the financial institution, and when the caller calls the financial interface again, the blacklist can be queried to determine whether the caller has the potential safety hazard.
It should be noted that, in order to ensure that each financial institution can more comprehensively identify the interface caller with the potential safety hazard, each financial institution adopts a blacklist sharing technology to upload the blacklist data held by all financial institutions to a certain central node or to cloud end for storage and inquiry, the blacklist sharing mode involves self privacy disclosure (such as disclosure of cooperation with a certain service provider) when uploading the data to the central node, once the central node is not trusted or attacked, the user data can be disclosed, and each financial institution can reveal self privacy for the purpose of exposure inquiry when inquiring the blacklist based on the central node.
When the interface of each financial institution is shared to call the blacklist, the embodiment of the invention adopts the secret sharing technology in multiparty security calculation to ensure the data security and privacy among all the participants in a distributed storage mode.
Optionally, the query device for calling the blacklist by the interface further includes: the first receiving module is used for receiving an interface calling request sent by the user terminal, extracting a user identifier corresponding to an interface calling party based on the interface calling request, and generating a list to be queried.
Optionally, the computing unit includes: the second receiving module is used for receiving the encrypted public key sent by the summarizing center; the first calculation module is used for calculating a first hash value set based on a user identifier corresponding to an interface caller in a list to be queried, and carrying out disturbance processing on the first hash value based on an encryption public key and a random number to obtain a blind hash value set; the first sending module is used for sending the blind hash value set to the summarization center and receiving the hash characteristic value set after signature processing by the summarization center; the first processing module is used for performing blind removal processing on the hash characteristic values in the hash characteristic value set and performing hash operation to obtain a first data set to be crossed; the third receiving module is used for receiving a second data set to be crossed sent by the summarizing center, wherein the second data set to be crossed is a data set obtained by encrypting and performing hash operation twice on the identification data in the blacklist called by the summarizing center; and the second calculation module is used for carrying out intersection calculation on the first to-be-intersected data set and the second to-be-intersected data set to obtain an intersection result.
Optionally, the query device for calling the blacklist by the interface further includes: and the first query module is used for querying the interface call blacklist based on the user identification corresponding to the target interface caller and acquiring the user information of the target interface caller corresponding to the user identification.
Optionally, the query device for calling the blacklist by the interface further includes: the first determining module is used for determining N financial institutions participating in interface calling blacklist sharing tasks; and the second sending module is used for sending data slicing requests to each financial institution based on the N financial institutions, wherein the data slicing requests are used for requesting each financial institution to carry out slicing processing on the interface call blacklist data held by the financial institution based on the quantity of the financial institutions.
Optionally, the query device for calling the blacklist by the interface further includes: a fourth receiving module for receiving blacklist slicing data obtained after slicing processing by each financial institution; the first encryption module is used for encrypting the blacklist fragment data to obtain encrypted blacklist fragment data; and the third sending module is used for sending the encrypted blacklist fragment data to N financial institutions participating in the interface calling blacklist sharing task, and each financial institution gathers the obtained encrypted blacklist fragment data and then sends the encrypted blacklist fragment data to the gathering center.
Optionally, the query device for calling the blacklist by the interface further includes: the first return module is used for calling the interface calling party existing in the blacklist for the target interface, rejecting the interface calling request sent by the interface calling party corresponding to the user terminal, and returning alarm information to the user terminal.
The above-mentioned inquiry apparatus for calling a blacklist by an interface may further include a processor and a memory, wherein the above-mentioned transmitting unit 31, calculating unit 32, generating unit 33, etc. are stored in the memory as program units, and the processor executes the above-mentioned program units stored in the memory to realize the corresponding functions.
The processor includes a kernel, and the kernel fetches a corresponding program unit from the memory. The kernel may set one or more kernel parameters to query whether the interface caller exists in the interface call blacklist.
The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM), which includes at least one memory chip.
According to another aspect of the embodiment of the present invention, there is also provided a computer readable storage medium, where the computer readable storage medium includes a stored computer program, and when the computer program runs, a device where the computer readable storage medium is located is controlled to execute a method for querying the blacklist by using any one of the interfaces.
According to another aspect of the embodiment of the present application, there is also provided an electronic device, including one or more processors and a memory, where the memory is configured to store one or more programs, and when the one or more programs are executed by the one or more processors, the one or more processors implement a method for calling a blacklist by any one of the interfaces.
The application also provides a computer program product adapted to perform, when executed on a data processing device, a program initialized with the method steps of: sending a privacy exchange request to a summary center, wherein the privacy exchange request at least comprises: the list to be queried comprises M user identifiers corresponding to interface calling parties to be queried, wherein M is a positive integer greater than or equal to 1; performing intersection calculation based on the to-be-queried list and the interface call blacklist of the summarization center to obtain an intersection result, wherein the interface call blacklist of the summarization center comprises interface call blacklist fragment data sent by N financial institutions, and N is a positive integer; and under the condition that the intersection set is not an empty set as indicated by the intersection result, extracting a user identifier corresponding to the target interface caller in the intersection result, and generating a target interface call blacklist based on the user identifier of the target interface caller and the user information of the target interface caller.
Fig. 4 is a block diagram of a hardware structure of an electronic device (or mobile device) that interfaces to invoke a blacklist query method according to an embodiment of the present invention. As shown in fig. 4, the electronic device may include one or more (shown in fig. 4 as 402a, 402b, … …,402 n) processors 402 (the processors 402 may include, but are not limited to, a microprocessor MCU, a programmable logic device FPGA, etc. processing means), a memory 404 for storing data. In addition, the method may further include: a display, an input/output interface (I/O interface), a Universal Serial Bus (USB) port (which may be included as one of the ports of the I/O interface), a network interface, a keyboard, a power supply, and/or a camera. It will be appreciated by those of ordinary skill in the art that the configuration shown in fig. 4 is merely illustrative and is not intended to limit the configuration of the electronic device described above. For example, the electronic device may also include more or fewer components than shown in FIG. 4, or have a different configuration than shown in FIG. 4.
The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
In the foregoing embodiments of the present invention, the descriptions of the embodiments are emphasized, and for a portion of this disclosure that is not described in detail in this embodiment, reference is made to the related descriptions of other embodiments.
In the several embodiments provided in the present application, it should be understood that the disclosed technology may be implemented in other manners. The above-described embodiments of the apparatus are merely exemplary, and the division of the units, for example, may be a logic function division, and may be implemented in another manner, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interfaces, units or modules, or may be in electrical or other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied essentially or in part or all of the technical solution or in part in the form of a software product stored in a storage medium, including instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a removable hard disk, a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The foregoing is merely a preferred embodiment of the present invention and it should be noted that modifications and adaptations to those skilled in the art may be made without departing from the principles of the present invention, which are intended to be comprehended within the scope of the present invention.
Claims (10)
1. An interface call blacklist query method, comprising:
sending a privacy exchange request to a summary center, wherein the privacy exchange request at least comprises: the list to be queried comprises M user identifiers corresponding to interface calling parties to be queried, wherein M is a positive integer greater than or equal to 1;
performing intersection calculation based on the list to be queried and the interface call blacklist of the summarization center to obtain an intersection result, wherein the interface call blacklist of the summarization center comprises interface call blacklist fragment data sent by N financial institutions, and N is a positive integer;
and under the condition that the intersection set is not an empty set as indicated by the intersection result, extracting a user identifier corresponding to the target interface caller in the intersection result, and generating a target interface call blacklist based on the user identifier of the target interface caller and the user information of the target interface caller.
2. The query method of claim 1, further comprising, prior to sending the privacy solicitation to the aggregation center:
and receiving an interface calling request sent by a user terminal, extracting the user identifier corresponding to the interface calling party based on the interface calling request, and generating the list to be queried.
3. The query method of claim 1, wherein the step of invoking a blacklist for intersection calculation based on the interfaces of the list to be queried and the aggregation center comprises:
receiving an encrypted public key sent by the summarization center;
calculating a first hash value set based on a user identifier corresponding to the interface caller in the list to be queried, and performing disturbance processing on the first hash value based on the encryption public key and the random number to obtain a blind hash value set;
sending the blind hash value set to the summarization center, and receiving a hash characteristic value set after signature processing by the summarization center;
performing blind removing treatment on the hash characteristic values in the hash characteristic value set, and performing hash operation to obtain a first data set to be exchanged;
receiving a second data set to be crossed sent by the summarization center, wherein the second data set to be crossed is a data set obtained by encrypting and performing two hash operations on the identification data in the interface call blacklist by the summarization center;
and performing intersection solving calculation on the first data set to be intersected and the second data set to be intersected to obtain intersection solving results.
4. The query method of claim 1, further comprising, after extracting a user identifier corresponding to a target interface caller in the intersection result:
and inquiring the interface call blacklist based on the user identification corresponding to the target interface caller, and acquiring the user information of the target interface caller corresponding to the user identification.
5. The query method of claim 1, further comprising, prior to sending the privacy solicitation to the aggregation center:
determining N financial institutions participating in interface calling blacklist sharing tasks;
and sending data slicing requests to each financial institution based on the N financial institutions, wherein the data slicing requests are used for requesting each financial institution to carry out slicing processing on interface call blacklist data held by the financial institution based on the quantity of the financial institutions.
6. The query method of claim 5, further comprising, after sending a data slicing request to each financial institution based on the number of financial institutions:
receiving blacklist slicing data obtained after slicing processing by each financial institution;
encrypting the blacklist fragment data to obtain encrypted blacklist fragment data;
And sending the encrypted blacklist fragment data to the N financial institutions participating in the interface calling blacklist sharing task, and sending the obtained encrypted blacklist fragment data to the summarization center after summarizing the obtained encrypted blacklist fragment data by each financial institution.
7. The query method of claim 1, further comprising, after generating the target interface call blacklist based on the target interface caller identification and the target interface caller information:
and rejecting the interface calling party existing in the blacklist of the target interface calling, which corresponds to the interface calling request sent by the user terminal, and returning alarm information to the user terminal.
8. An interface call blacklist query device, comprising:
the sending unit is used for sending a privacy exchange request to the aggregation center, wherein the privacy exchange request at least comprises: the list to be queried comprises M user identifiers corresponding to interface calling parties to be queried, wherein M is a positive integer greater than or equal to 1;
the computing unit is used for carrying out intersection calculation based on the to-be-queried list and the interface call blacklist of the summarization center to obtain an intersection result, wherein the interface call blacklist of the summarization center comprises interface call blacklist fragment data sent by N financial institutions, and N is a positive integer;
And the generating unit is used for extracting the user identifier corresponding to the target interface caller in the intersection solving result and generating a target interface call blacklist based on the user identifier of the target interface caller and the user information of the target interface caller under the condition that the intersection solving result indicates that the intersection is not an empty set.
9. A computer readable storage medium, characterized in that the computer readable storage medium comprises a stored computer program, wherein the computer program when run controls a device in which the computer readable storage medium is located to execute the method for querying the interface call blacklist according to any one of claims 1 to 7.
10. An electronic device comprising one or more processors and a memory for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of invoking the blacklist query of any of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310878946.7A CN117033012A (en) | 2023-07-17 | 2023-07-17 | Query method and device for interface call blacklist, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310878946.7A CN117033012A (en) | 2023-07-17 | 2023-07-17 | Query method and device for interface call blacklist, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117033012A true CN117033012A (en) | 2023-11-10 |
Family
ID=88640395
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310878946.7A Pending CN117033012A (en) | 2023-07-17 | 2023-07-17 | Query method and device for interface call blacklist, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117033012A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117459634A (en) * | 2023-11-22 | 2024-01-26 | 深圳市众智达信息科技有限公司 | Method, system and medium for improving cross-data center blacklist interface access performance |
-
2023
- 2023-07-17 CN CN202310878946.7A patent/CN117033012A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117459634A (en) * | 2023-11-22 | 2024-01-26 | 深圳市众智达信息科技有限公司 | Method, system and medium for improving cross-data center blacklist interface access performance |
| CN117459634B (en) * | 2023-11-22 | 2024-06-11 | 深圳市众智达信息科技有限公司 | Method, system and medium for improving cross-data center blacklist interface access performance |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108681966B (en) | Information supervision method and device based on block chain | |
| US10282554B2 (en) | System and method for providing a cryptographic platform for exchanging information | |
| JP6234607B2 (en) | Method and apparatus for verifying processed data | |
| CN108734028B (en) | Data management method based on block chain, block chain link point and storage medium | |
| EP3844934B1 (en) | A computer system and method of operating same for handling anonymous data | |
| CN109635572B (en) | Contract signing method and device based on block chain and terminal equipment | |
| CN108681676B (en) | Data management method and apparatus, system, electronic device, program, and storage medium | |
| CN105007301A (en) | Electronic evidence processing system and method based on social platform | |
| CN110827121A (en) | Block chain-based electronic bidding method, device and storage medium | |
| CN112600830B (en) | Service data processing method and device, electronic equipment and storage medium | |
| CN116488789B (en) | Data processing method, device, equipment and medium | |
| EP4092984A1 (en) | Data processing method and apparatus, device and medium | |
| CN117033012A (en) | Query method and device for interface call blacklist, electronic equipment and storage medium | |
| CN110958107A (en) | Electronic voting method, device and storage medium based on block chain | |
| CN112887087B (en) | Data management method and device, electronic equipment and readable storage medium | |
| CN111047763A (en) | Electronic voting method, device and storage medium based on block chain | |
| TW202301160A (en) | Private joining, analysis and sharing of information located on a plurality of information stores | |
| CN111181831B (en) | Communication data processing method and device, storage medium and electronic device | |
| CN113965310A (en) | Method for realizing mixed privacy calculation processing based on controllable de-identification label | |
| CN117499159B (en) | Block chain-based data transaction method and device and electronic equipment | |
| CN115643113B (en) | Secure transmission method and device for private data and financial private data | |
| CN115269880B (en) | Privacy calculation auditing method and device based on knowledge graph | |
| CN116522402B (en) | Customer identification method, device, equipment and medium based on privacy calculation | |
| CN115809482B (en) | Data aggregation calculation method, device, medium and equipment based on random number confusion | |
| CN110417638B (en) | Communication data processing method and device, storage medium and electronic device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |