CN117130798A

CN117130798A - System mutual trust authentication method, device, computer equipment and storage medium

Info

Publication number: CN117130798A
Application number: CN202310996934.4A
Authority: CN
Inventors: 苟雨菲
Original assignee: Bank of China Ltd
Current assignee: Bank of China Ltd
Priority date: 2023-08-08
Filing date: 2023-08-08
Publication date: 2023-11-28

Abstract

The application relates to a system mutual trust authentication method, a device, computer equipment and a storage medium, and relates to the technical field of big data. The method comprises the following steps: acquiring full account information corresponding to each resource interaction system; determining a full-quantity information conversion format and a full-quantity information conversion field according to the resource system identification of each resource interaction system; according to the full-quantity information conversion format and the full-quantity information conversion field, carrying out format conversion on each full-quantity conversion account information format to obtain each conversion account information format and each conversion account description information; respectively constructing a system information mapping relation of each conversion account information format, each conversion account description information and each public user information; and according to the system information mapping relation, target account information corresponding to each resource data interaction request is called and sent to each resource interaction terminal. The method can solve the problem of asynchronous user information among the existing systems and improve the efficiency of data interaction among the systems.

Description

System mutual trust authentication method, device, computer equipment and storage medium

Technical Field

The present application relates to the field of big data technologies, and in particular, to a system mutual trust authentication method, apparatus, computer device, storage medium, and computer program product.

Background

With the development of big data technology, the situation that data are exchanged between different systems occurs, and accordingly, the user systems of the systems are different. At present, a user system among systems is isolated from user information, and each system has different definitions and uses on the user information, however, the establishment of a unified and standard user system is urgent along with the popularization of a configuration generation page public mechanism; meanwhile, in the mutual trust skip of each system management end, multiple parties are often required to carry out multi-layer conversion on the user information.

In the prior art, before data interaction is performed between two different systems, determining data interaction interfaces of the two systems, and executing the data interaction between the two systems under the condition that the data interaction interfaces are unified; because data interaction is frequently performed among a plurality of systems, and a data interaction interface needs to be reestablished before each data interaction, the efficiency of data interaction among different systems is low.

Disclosure of Invention

In view of the foregoing, it is desirable to provide a system mutual trust authentication method, apparatus, computer device, computer readable storage medium, and computer program product that can solve the problem of user information dyssynchrony between different systems in the prior art, and improve the efficiency of data interaction between different systems.

In a first aspect, the present application provides a system mutual trust authentication method. The method comprises the following steps: acquiring full account information corresponding to each resource interaction system; each of the full account information includes at least one full conversion account information format; determining a full-quantity information conversion format and a full-quantity information conversion field corresponding to the full-quantity account information according to the resource system identification of each resource interaction system; performing format conversion on the full-quantity conversion account information format of the full-quantity account information according to the full-quantity information conversion format and the full-quantity information conversion field to obtain conversion account information formats and conversion account description information corresponding to the resource interaction systems; respectively constructing system information mapping relations of the conversion account information formats, the conversion account description information and public user information corresponding to the resource interaction systems; and responding to the resource data interaction requests of at least one resource interaction terminal, calling target account information corresponding to each resource data interaction request according to the system information mapping relation, and sending the target account information to the resource interaction terminal corresponding to each resource data interaction request.

In a second aspect, the application also provides a system mutual trust authentication device. The device comprises: the full-quantity information acquisition module is used for acquiring full-quantity account information corresponding to each resource interaction system; each of the full account information includes at least one full conversion account information format; the conversion condition determining module is used for determining a full-quantity information conversion format and a full-quantity information conversion field corresponding to the full-quantity account information according to the resource system identification of each resource interaction system; the full-quantity information conversion module is used for carrying out format conversion on the full-quantity conversion account information format of the full-quantity account information according to the full-quantity information conversion format and the full-quantity information conversion field to obtain conversion account information formats and conversion account description information corresponding to the resource interaction systems; the mapping relation construction module is used for respectively constructing system information mapping relations of the conversion account information formats, the conversion account description information and public user information corresponding to the resource interaction systems; and the full information interaction module is used for responding to the resource data interaction requests of at least one resource interaction terminal, calling the target account information corresponding to each resource data interaction request according to the system information mapping relation, and sending the target account information to the resource interaction terminal corresponding to each resource data interaction request.

In a third aspect, the present application also provides a computer device. The computer device comprises a memory storing a computer program and a processor which when executing the computer program performs the steps of: acquiring full account information corresponding to each resource interaction system; each of the full account information includes at least one full conversion account information format; determining a full-quantity information conversion format and a full-quantity information conversion field corresponding to the full-quantity account information according to the resource system identification of each resource interaction system; performing format conversion on the full-quantity conversion account information format of the full-quantity account information according to the full-quantity information conversion format and the full-quantity information conversion field to obtain conversion account information formats and conversion account description information corresponding to the resource interaction systems; respectively constructing system information mapping relations of the conversion account information formats, the conversion account description information and public user information corresponding to the resource interaction systems; and responding to the resource data interaction requests of at least one resource interaction terminal, calling target account information corresponding to each resource data interaction request according to the system information mapping relation, and sending the target account information to the resource interaction terminal corresponding to each resource data interaction request.

In a fourth aspect, the present application also provides a computer-readable storage medium. The computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of: acquiring full account information corresponding to each resource interaction system; each of the full account information includes at least one full conversion account information format; determining a full-quantity information conversion format and a full-quantity information conversion field corresponding to the full-quantity account information according to the resource system identification of each resource interaction system; performing format conversion on the full-quantity conversion account information format of the full-quantity account information according to the full-quantity information conversion format and the full-quantity information conversion field to obtain conversion account information formats and conversion account description information corresponding to the resource interaction systems; respectively constructing system information mapping relations of the conversion account information formats, the conversion account description information and public user information corresponding to the resource interaction systems; and responding to the resource data interaction requests of at least one resource interaction terminal, calling target account information corresponding to each resource data interaction request according to the system information mapping relation, and sending the target account information to the resource interaction terminal corresponding to each resource data interaction request.

In a fifth aspect, the present application also provides a computer program product. The computer program product comprises a computer program which, when executed by a processor, implements the steps of: acquiring full account information corresponding to each resource interaction system; each of the full account information includes at least one full conversion account information format; determining a full-quantity information conversion format and a full-quantity information conversion field corresponding to the full-quantity account information according to the resource system identification of each resource interaction system; performing format conversion on the full-quantity conversion account information format of the full-quantity account information according to the full-quantity information conversion format and the full-quantity information conversion field to obtain conversion account information formats and conversion account description information corresponding to the resource interaction systems; respectively constructing system information mapping relations of the conversion account information formats, the conversion account description information and public user information corresponding to the resource interaction systems; and responding to the resource data interaction requests of at least one resource interaction terminal, calling target account information corresponding to each resource data interaction request according to the system information mapping relation, and sending the target account information to the resource interaction terminal corresponding to each resource data interaction request.

The system mutual trust authentication method, the device, the computer equipment, the storage medium and the computer program product are realized by acquiring the total account information corresponding to each resource interaction system; each full account information includes at least one full conversion account information format; determining a full-quantity information conversion format and a full-quantity information conversion field corresponding to the full-quantity account information according to the resource system identification of each resource interaction system; according to the full-quantity information conversion format and the full-quantity information conversion field, carrying out format conversion on the full-quantity conversion account information format of each full-quantity account information to obtain conversion account information formats and conversion account description information corresponding to each resource interaction system; respectively constructing a system information mapping relation of public user information corresponding to each conversion account information format, each conversion account description information and each resource interaction system; and responding to the resource data interaction requests of at least one resource interaction terminal, calling target account information corresponding to each resource data interaction request according to the system information mapping relation, and sending the target account information to the resource interaction terminal corresponding to each resource data interaction request.

Determining a converted format and a converted field according to the resource system identification of different resource interaction systems; further, a conversion method is established according to the obtained full account information, the conversion format and the conversion field, the full conversion account information format is converted, and each resource interaction system is ensured to be in the same data interaction environment; and finally, providing a public interface, and enabling different systems to acquire required user information through different system identifications and different scenes so as to perform mutual trust authentication, thereby effectively solving the problem of user information asynchronism among different systems in the prior art and improving the efficiency of data interaction among different systems.

Drawings

FIG. 1 is an application environment diagram of a system mutual trust authentication method in one embodiment;

FIG. 2 is a flow chart of a system mutual trust authentication method in one embodiment;

FIG. 3 is a flowchart of a system information mapping relationship construction method in one embodiment;

FIG. 4 is a flowchart of a system information mapping relationship construction method according to another embodiment;

FIG. 5 is a flow chart of a system interface configuration method according to an embodiment;

FIG. 6 is a flowchart of a method for retrieving full account information according to one embodiment;

FIG. 7 is a flow chart of a system interface reset method according to one embodiment;

FIG. 8 is a block diagram of a system mutual trust authentication device in one embodiment;

fig. 9 is an internal structural diagram of a computer device in one embodiment.

Detailed Description

The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.

The system mutual trust authentication method provided by the embodiment of the application can be applied to an application environment shown in figure 1. Wherein the terminal 102 communicates with the server 104 via a network. The data storage system may store data that the server 104 needs to process. The data storage system may be integrated on the server 104 or may be located on a cloud or other network server. The server 104 obtains the total account information corresponding to each resource interaction system through the terminal 102; each full account information includes at least one full conversion account information format; determining a full-quantity information conversion format and a full-quantity information conversion field corresponding to the full-quantity account information according to the resource system identification of each resource interaction system; according to the full-quantity information conversion format and the full-quantity information conversion field, carrying out format conversion on the full-quantity conversion account information format of each full-quantity account information to obtain conversion account information formats and conversion account description information corresponding to each resource interaction system; respectively constructing a system information mapping relation of public user information corresponding to each conversion account information format, each conversion account description information and each resource interaction system; and responding to the resource data interaction requests of at least one resource interaction terminal, calling target account information corresponding to each resource data interaction request according to the system information mapping relation, and sending the target account information to the resource interaction terminal corresponding to each resource data interaction request. The terminal 102 may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, internet of things devices, and portable wearable devices, where the internet of things devices may be smart speakers, smart televisions, smart air conditioners, smart vehicle devices, and the like. The portable wearable device may be a smart watch, smart bracelet, headset, or the like. The server 104 may be implemented as a stand-alone server or as a server cluster of multiple servers.

In one embodiment, as shown in fig. 2, a system mutual trust authentication method is provided, and the method is applied to the server in fig. 1 for illustration, and includes the following steps:

step 202, obtaining the total account information corresponding to each resource interaction system.

The resource interaction system can be a service system set for different service requirements in the resource interaction platform and is used for carrying out resource interaction. For example: deposit systems for banks, loan systems, fund systems, etc.

The full account information may be all information of the user account, including information of a user name, a user role, authority, an affiliated institution, an institution number, a employee number, an affiliated primary institution, and the like.

Specifically, the server 104 responds to the instruction of the terminal 102 to obtain the full account information corresponding to each resource interaction system from the terminal 102, where each full account information includes at least one full conversion account information format, and stores each obtained full account information in the storage unit, and when the server needs to process any data record in each full account information, the server invokes the volatile storage resource from the storage unit for calculation by the central processor. Any data record may be a single data input to the central processing unit, or may be a plurality of data input to the central processing unit at the same time.

And 204, determining a full-quantity information conversion format and a full-quantity information conversion field corresponding to each full-quantity account information according to the resource system identification of each resource interaction system.

Wherein the resource system identification may be a parameter used to identify the different resource systems of the partition.

The full amount information conversion format may be a guidance format that performs format conversion on full amount account information.

The full amount information conversion field may be a direction field that performs format conversion on full amount account information.

Specifically, according to the resource system identification of each resource interaction system, determining the current full conversion account information format and full account information field of each resource interaction system; and selecting target information formats which can all express the full-quantity conversion account information formats of all the resource interaction systems from the information format library as full-quantity information conversion formats, and similarly, selecting target information fields which can all express the full-quantity account information fields of all the resource interaction systems from the information field library as full-quantity information conversion fields.

And step 206, performing format conversion on the full-quantity conversion account information format of each full-quantity account information according to the full-quantity information conversion format and the full-quantity information conversion field to obtain conversion account information formats and conversion account description information corresponding to each resource interaction system.

The full-conversion account information format may be a data format expressing full-conversion account information.

The format of the converted account information can be a data format which is used for describing the account total account information after format conversion.

The account description information may be data for describing account total account information after format conversion.

Specifically, the full-quantity information conversion format and the full-quantity information conversion field are used as guiding tools for format conversion, the full-quantity information conversion format and the full-quantity information conversion field are simultaneously applied to all full-quantity account information, and format conversion is carried out on all full-quantity account information according to rules of the full-quantity information conversion format and the full-quantity information conversion field, so that conversion account information formats and conversion account description information corresponding to all resource interaction systems are obtained. The account information format conversion corresponding to each resource interaction system is the same account information format; the conversion account description information corresponding to each resource interaction system has the same field.

Step 208, respectively constructing the system information mapping relation of the conversion account information formats, the conversion account description information and the public user information corresponding to the resource interaction systems.

The public user information can be a data record of a public user information base, and any piece of public user information has a corresponding relation with one piece of full account information.

The mapping relationship of the system information can be the corresponding relationship of the same conversion account information format, conversion account description information and public user information, and can be expressed by a mapping algorithm.

Specifically, according to the identification data in the conversion account information format corresponding to the full account information, the identification data in the conversion account description information and the identification data in the public user information, the account information identification corresponding to the full account information is calculated in a combined mode; and executing the same steps for all the full account information to obtain all the account information identifiers.

Based on the account information identification corresponding to any one full account information, according to the conversion account information format, the conversion account description information and the public user information, respectively and correspondingly selecting a mapping algorithm with highest matching degree from a system information mapping relation database corresponding to each resource interaction system, and if the mapping algorithm selected from the conversion account information format, the conversion account description information and the public user information is the same, determining the algorithm as a target mapping algorithm; if the mapping algorithms selected from the account information format, the account description information and the public user information are the same, auxiliary selection is performed through the account information identification, wherein the selected mapping algorithm can be determined to meet the calculation requirement in the auxiliary selection of the account information identification, and the selected algorithm is used as a target mapping algorithm; if the mapping algorithm selected from the conversion account information format, the conversion account description information and the public user information is not the same, weighting the conversion account information format, the conversion account description information and the public user information, and then returning to execute the step of selecting the mapping algorithm with the highest matching degree from the system information mapping relation database corresponding to each resource interaction system as the target mapping algorithm according to the conversion account information format, the conversion account description information and the public user information until the target mapping algorithm is determined.

And for each full account information, inputting the conversion account information format, the conversion account description information and the public user information into a determined target mapping algorithm, and determining the corresponding relation among the conversion account information format, the conversion account description information and the public user information through calculation of the target mapping algorithm, wherein the corresponding relation is the system information mapping relation of each full account information.

On the basis of any full account information, as the mapping relation of each system information is established, according to each conversion account information format, each conversion account description information and each public user information, the corresponding system interface information of each resource interaction system capable of meeting the resource data interaction of each full account information is determined by combining the corresponding system information mapping relation; and generating corresponding system network end interface parameters and system service end interface parameters in each resource interaction system according to the system interface information, and setting corresponding system network end interfaces and system service end interfaces in each resource interaction system according to the system network end interface parameters and the system service end interface parameters.

Step 210, in response to the resource data interaction request of at least one resource interaction terminal, according to the system information mapping relationship, target account information corresponding to each resource data interaction request is called and sent to the resource interaction terminal corresponding to each resource data interaction request.

The resource interaction terminal can be a terminal used for collecting or displaying data in the resource interaction platform. For example: ATM machines for banks, personal information modifying terminals, etc.

The resource data interaction request can be a data interaction command between the resource interaction terminal and each resource interaction system.

The target account information may be to call the data to be interacted from the full account information according to the resource data interaction request.

Specifically, at least one command set of resource data interaction requests is sent to the resource interaction system at the resource interaction terminal, and then the resource interaction system responds to the command set of each resource data interaction request to check whether a system network interface and a system server interface are set in each corresponding resource interaction terminal corresponding to each resource data interaction request.

And if the system network end interface and the system service end interface are detected to exist in each resource interaction terminal and can work normally, executing the target account information of the command set for the resource data interaction request from the storage medium corresponding to each resource interaction terminal according to the system information mapping relation for any resource interaction terminal.

If the system network interface and one of the system service interfaces are detected to be missing and the online system interface can work normally in each resource interaction terminal, (1) if the normal system interface is the system network interface, determining the system interface information reversely through the system network interface according to the relation mapping relation between the system network interface and the system interface information; (2) If the normal system interface is the system server interface, the system interface information is reversely determined through the system server interface according to the relation mapping relation between the system server interface and the system interface information. Further, corresponding system network interface parameters or system service interface parameters are generated in each resource interaction system according to the system interface information, and corresponding system network interface or system service interface is respectively arranged in each resource interaction system according to the system network interface parameters or the system service interface parameters.

If the system network end interface and the system service end interface are detected to be missing in each resource interaction terminal, returning to execute the combination of the identification data in the conversion account information format corresponding to the full account information, the identification data in the conversion account description information and the identification data in the public user information, and calculating the account information identification corresponding to the full account information; and executing the same steps aiming at all the total account information to obtain all the account information identifiers … …, inputting the conversion account information format, the conversion account description information and the public user information into a determined target mapping algorithm, and determining the corresponding relation among the conversion account information format, the conversion account description information and the public user information through calculation of the target mapping algorithm to obtain a system information mapping relation until a normal system network end interface or a system service end interface corresponding to each resource interaction system is obtained.

In one embodiment, if the system network interface and the system server interface are detected to exist in each resource interaction terminal, and one or both of them cannot work normally, then the method returns to execute "according to the identification data in the conversion account information format, the identification data in the conversion account description information and the identification data in the public user information corresponding to the full account information, and calculates the account information identification corresponding to the full account information in a combined manner; and executing the same steps aiming at all the total account information to obtain all the account information identifiers … …, inputting the conversion account information format, the conversion account description information and the public user information into a determined target mapping algorithm, and determining the corresponding relation among the conversion account information format, the conversion account description information and the public user information through calculation of the target mapping algorithm to obtain a system information mapping relation until a normal system network end interface or a system service end interface corresponding to each resource interaction system is obtained.

In the system mutual trust authentication method, the full account information corresponding to each resource interaction system is acquired; each full account information includes at least one full conversion account information format; determining a full-quantity information conversion format and a full-quantity information conversion field corresponding to the full-quantity account information according to the resource system identification of each resource interaction system; according to the full-quantity information conversion format and the full-quantity information conversion field, carrying out format conversion on the full-quantity conversion account information format of each full-quantity account information to obtain conversion account information formats and conversion account description information corresponding to each resource interaction system; respectively constructing a system information mapping relation of public user information corresponding to each conversion account information format, each conversion account description information and each resource interaction system; and responding to the resource data interaction requests of at least one resource interaction terminal, calling target account information corresponding to each resource data interaction request according to the system information mapping relation, and sending the target account information to the resource interaction terminal corresponding to each resource data interaction request.

In one embodiment, as shown in fig. 3, a system information mapping relationship of each conversion account information format, each conversion account description information, and public user information corresponding to each resource interaction system is respectively constructed, including:

step 302, determining each account information identifier corresponding to each conversion account information format, each conversion account description information and each public user information.

The account information identifier may be identification data generated for any one of the full account information.

Step 304, based on any one account information identifier, a system information mapping relation of conversion account information format, conversion account description information and public user information is constructed.

Specifically, based on an account information identifier corresponding to any one full account information, according to a conversion account information format, conversion account description information and public user information, respectively and correspondingly selecting a mapping algorithm with highest matching degree from a system information mapping relation database corresponding to each resource interaction system, and if the mapping algorithm selected from the conversion account information format, the conversion account description information and the public user information is the same, determining the algorithm as a target mapping algorithm; if the mapping algorithms selected from the account information format, the account description information and the public user information are the same, auxiliary selection is performed through the account information identification, wherein the selected mapping algorithm can be determined to meet the calculation requirement in the auxiliary selection of the account information identification, and the selected algorithm is used as a target mapping algorithm; if the mapping algorithm selected from the conversion account information format, the conversion account description information and the public user information is not the same, weighting the conversion account information format, the conversion account description information and the public user information, and then returning to execute the step of selecting the mapping algorithm with the highest matching degree from the system information mapping relation database corresponding to each resource interaction system as the target mapping algorithm according to the conversion account information format, the conversion account description information and the public user information until the target mapping algorithm is determined.

In this embodiment, the system information mapping relationship of the conversion account information format, the conversion account description information and the public user information is constructed by determining the account information identifier corresponding to each full account information and then using the guidance of the account information identifier, so that the system data conversion efficiency in the resource data interaction of different resource interaction systems can be improved.

In one embodiment, as shown in fig. 4, constructing a system information mapping relationship of a conversion account information format, conversion account description information, and public user information includes:

and step 402, selecting a mapping algorithm with highest matching degree from a system information mapping relation database corresponding to each resource interaction system as a target mapping algorithm according to the conversion account information format, the conversion account description information and the public user information.

The system information mapping relation database may be a database constructed for the resource interaction system and including a plurality of mapping algorithms.

The target mapping algorithm may be a mapping algorithm meeting the current task requirements.

Step 404, constructing a system information mapping relation of the conversion account information format, the conversion account description information and the public user information according to the target mapping algorithm.

Specifically, for each full account information, the conversion account information format, the conversion account description information and the public user information are input into a determined target mapping algorithm, and the corresponding relation among the conversion account information format, the conversion account description information and the public user information is determined through calculation of the target mapping algorithm, so that the corresponding relation is the system information mapping relation of each full account information.

In this embodiment, the mapping algorithm with the highest matching degree is selected to establish the system information mapping relationship among the conversion account information format, the conversion account description information and the public user information, so that the accuracy of the system information mapping relationship among the three can be ensured, and the code accuracy can be improved.

In one embodiment, as shown in fig. 5, after the step of constructing the system information mapping relation of the conversion account information format, the conversion account description information and the public user information according to the target mapping algorithm, the method further includes:

step 502, determining system interface information corresponding to each resource interaction system according to each conversion account information format, each conversion account description information and each public user information.

The system interface information may be parameters of each interface of the resource interaction system.

Specifically, according to the format of each conversion account information, the description information of each conversion account and the information of each public user, the corresponding system interface information of each resource interaction system capable of meeting the requirement of carrying out resource data interaction on all the amount of account information is determined by combining the corresponding system information mapping relation.

Step 504, according to the system interface information, the system network interface and the system server interface of each resource interaction system are set.

The system network interface may be an interface of a system web end, and may be used to return logged-in user information according to a message sent by the front end.

The system server interface may be an interface provided by the system server and may be used to return public user information, system user information and a mapping relationship of the system information according to the uplink information.

Specifically, corresponding system network interface parameters and system service interface parameters are generated in each resource interaction system according to the system interface information, and corresponding system network interface and system service interface are respectively set in each resource interaction system according to the system network interface parameters and the system service interface parameters.

In this embodiment, the system network interface and the system server interface of each resource interaction system can be satisfied through the system interface information setting corresponding to each resource interaction system, so that the interface uniformity of each resource interaction system can be improved to a certain extent, and the time for each resource interaction system to perform resource interaction data transmission is reduced.

In one embodiment, as shown in fig. 6, in response to a resource data interaction request of at least one resource interaction terminal, according to a mapping relationship of system information, retrieving target account information corresponding to each resource data interaction request includes:

step 602, in response to the resource data interaction request of at least one resource interaction terminal, checking whether a system network interface and a system server interface exist in each resource interaction terminal corresponding to each resource data interaction request.

Step 604, under the condition that a system network end interface and a system service end interface exist in each resource interaction terminal at the same time, target account information corresponding to each resource data interaction request is called according to a system information mapping relation for any resource interaction terminal.

Specifically, if the existence of the system network interface and the system server interface is detected in each resource interaction terminal and the system server interface can work normally, for any resource interaction terminal, target account information of a command set for the resource data interaction request is called from a storage medium corresponding to each resource interaction terminal according to the system information mapping relation.

In this embodiment, the operation of retrieving the target account information corresponding to each resource data interaction request is performed only when it is determined that the system network interface and the system server interface exist in each resource interaction terminal at the same time, so that errors in retrieving the target account information due to abnormality of the system interface can be reduced, and the accuracy of the system is improved.

In one embodiment, as shown in fig. 7, the method further comprises:

step 702, in the case that one of the system network interface or the system service interface in each resource interaction terminal is missing, determining system interface information according to the reverse direction of the system network interface or determining system interface information according to the reverse direction of the system service interface.

Specifically, if one of the system network interface and the system service interface is detected to be absent and the online system interface can work normally in each resource interaction terminal, (1) if the normal system interface is the system network interface, determining the system interface information reversely through the system network interface according to the relation mapping relation between the system network interface and the system interface information; (2) If the normal system interface is the system server interface, the system interface information is reversely determined through the system server interface according to the relation mapping relation between the system server interface and the system interface information.

Step 704, resetting the missing system network interface according to the system interface information, or resetting the missing system service interface according to the system interface information.

Specifically, corresponding system network interface parameters or system service interface parameters are generated in each resource interaction system according to the system interface information, and corresponding system network interface or system service interface is respectively set in each resource interaction system according to the system network interface parameters or the system service interface parameters.

In this embodiment, under the condition that one of the system interfaces is missing, the system interface information is reversely acquired by using the online system interface, and finally, the missing system interface is set again according to the system interface information, so that the operation of the whole system can be reduced and the operation efficiency of the whole system can be improved under the condition that both the system interfaces are correctly configured.

In one embodiment, the method further comprises: and under the condition that the system network end interface and the system service end interface in each resource interaction terminal are both absent, returning to execute the step of respectively constructing the system information mapping relation of each conversion account information format, each conversion account description information and the public user information corresponding to each resource interaction system until the normal system network end interface or the system service end interface is obtained.

Specifically, if the system network interface and the system server interface are detected to be missing in each resource interaction terminal, returning to execute 'according to the identification data in the conversion account information format corresponding to the full account information, the identification data in the conversion account description information and the identification data in the public user information', and combining and calculating the account information identification corresponding to the full account information; and executing the same steps aiming at all the total account information to obtain all the account information identifiers … …, inputting the conversion account information format, the conversion account description information and the public user information into a determined target mapping algorithm, and determining the corresponding relation among the conversion account information format, the conversion account description information and the public user information through calculation of the target mapping algorithm to obtain a system information mapping relation until a normal system network end interface or a system service end interface corresponding to each resource interaction system is obtained.

In this embodiment, by automatically re-executing the step of setting the two system interfaces under the condition that the system network interface and the system server interface are both absent, the whole system can be self-repaired when the execution requirement is not met, so that the configuration of maintenance personnel is reduced, and the labor cost is reduced.

It should be understood that, although the steps in the flowcharts related to the above embodiments are sequentially shown as indicated by arrows, these steps are not necessarily sequentially performed in the order indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of steps or a plurality of stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of the steps or stages is not necessarily performed sequentially, but may be performed alternately or alternately with at least some of the other steps or stages.

Based on the same inventive concept, the embodiment of the application also provides a system mutual trust authentication device for realizing the above related system mutual trust authentication method. The implementation of the solution provided by the device is similar to that described in the above method, so the specific limitations in the embodiments of one or more system mutual trust authentication devices provided below can be referred to the above limitation of a system mutual trust authentication method, and will not be repeated here _。

In one embodiment, as shown in fig. 8, there is provided a system mutual trust authentication device, including: a full-scale information acquisition module 802, a conversion condition determination module 804, a full-scale information conversion module 806, a mapping relationship construction module 808, and a full-scale information interaction module 810, wherein:

the full-quantity information acquisition module 802 is configured to acquire full-quantity account information corresponding to each resource interaction system; each full account information includes at least one full conversion account information format;

the conversion condition determining module 804 is configured to determine, according to the resource system identifier of each resource interaction system, a full-quantity information conversion format and a full-quantity information conversion field corresponding to each full-quantity account information;

The full amount information conversion module 806 is configured to perform format conversion on the full amount conversion account information format of each full amount account information according to the full amount information conversion format and the full amount information conversion field, so as to obtain conversion account information formats and conversion account description information corresponding to each resource interaction system;

the mapping relation construction module 808 is configured to respectively construct a system information mapping relation of each conversion account information format, each conversion account description information, and public user information corresponding to each resource interaction system;

the full information interaction module 810 is configured to respond to the resource data interaction requests of at least one resource interaction terminal, invoke target account information corresponding to each resource data interaction request according to the system information mapping relationship, and send the target account information to the resource interaction terminal corresponding to each resource data interaction request.

In one embodiment, the mapping relationship construction module 808 is further configured to determine each conversion account information format, each conversion account description information, and each account information identifier corresponding to each public user information; based on any one account information identifier, a system information mapping relation of conversion account information format, conversion account description information and public user information is constructed.

In one embodiment, the mapping relationship construction module 808 is further configured to select, according to the conversion account information format, the conversion account description information, and the public user information, a mapping algorithm with the highest matching degree from the system information mapping relationship databases corresponding to the resource interaction systems as a target mapping algorithm; and constructing a system information mapping relation of the conversion account information format, the conversion account description information and the public user information according to a target mapping algorithm.

In one embodiment, the mapping relationship construction module 808 is further configured to determine system interface information corresponding to each resource interaction system according to each conversion account information format, each conversion account description information, and each public user information; and setting a system network end interface and a system service end interface of each resource interaction system according to the system interface information.

In one embodiment, the full-volume information interaction module 810 is further configured to respond to a resource data interaction request of at least one resource interaction terminal, and check whether a system network interface and a system server interface exist in each resource interaction terminal corresponding to each resource data interaction request; and under the condition that a system network end interface and a system service end interface exist in each resource interaction terminal at the same time, target account information corresponding to each resource data interaction request is called according to the system information mapping relation for any resource interaction terminal.

In one embodiment, the full-volume information interaction module 810 is further configured to determine, in the absence of one of the system network interface or the system service interface in each resource interaction terminal, system interface information according to a reverse direction of the system network interface or determine system interface information according to a reverse direction of the system service interface; resetting the missing system network end interface according to the system interface information, or resetting the missing system service end interface according to the system interface information.

In one embodiment, the full-volume information interaction module 810 is further configured to return to execute the step of respectively constructing the system information mapping relationship of each conversion account information format, each conversion account description information, and the public user information corresponding to each resource interaction system until a normal system network interface or a system server interface is obtained, if both the system network interface and the system server interface in each resource interaction terminal are missing.

The modules in the system mutual trust authentication device can be realized in whole or in part by software, hardware and a combination thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.

In one embodiment, a computer device is provided, which may be a server, and the internal structure of which may be as shown in fig. 9. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is for storing server data. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a system mutual trust authentication method.

It will be appreciated by persons skilled in the art that the architecture shown in fig. 9 is merely a block diagram of some of the architecture relevant to the present inventive arrangements and is not limiting as to the computer device to which the present inventive arrangements are applicable, and that a particular computer device may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.

In an embodiment, there is also provided a computer device comprising a memory and a processor, the memory having stored therein a computer program, the processor implementing the steps of the method embodiments described above when the computer program is executed.

In one embodiment, a computer-readable storage medium is provided, storing a computer program which, when executed by a processor, implements the steps of the method embodiments described above.

In one embodiment, a computer program product or computer program is provided that includes computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device performs the steps in the above-described method embodiments.

The user information (including but not limited to user equipment information, user personal information, etc.) and the data (including but not limited to data for analysis, stored data, presented data, etc.) related to the present application are information and data authorized by the user or sufficiently authorized by each party.

Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high density embedded nonvolatile Memory, resistive random access Memory (ReRAM), magnetic random access Memory (Magnetoresistive Random Access Memory, MRAM), ferroelectric Memory (Ferroelectric Random Access Memory, FRAM), phase change Memory (Phase Change Memory, PCM), graphene Memory, and the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can be in the form of a variety of forms, such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like. The databases referred to in the embodiments provided herein may include at least one of a relational database and a non-relational database. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processor referred to in the embodiments provided in the present application may be a general-purpose processor, a central processing unit, a graphics processor, a digital signal processor, a programmable logic unit, a data processing logic unit based on quantum computing, or the like, but is not limited thereto.

The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.

The foregoing examples illustrate only a few embodiments of the application and are described in detail herein without thereby limiting the scope of the application. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the application, which are all within the scope of the application. Accordingly, the scope of the application should be assessed as that of the appended claims.

Claims

1. A method for authenticating system mutual trust, the method comprising:

acquiring full account information corresponding to each resource interaction system; each of the full account information includes at least one full conversion account information format;

determining a full-quantity information conversion format and a full-quantity information conversion field corresponding to the full-quantity account information according to the resource system identification of each resource interaction system;

Performing format conversion on the full-quantity conversion account information format of the full-quantity account information according to the full-quantity information conversion format and the full-quantity information conversion field to obtain conversion account information formats and conversion account description information corresponding to the resource interaction systems;

respectively constructing system information mapping relations of the conversion account information formats, the conversion account description information and public user information corresponding to the resource interaction systems;

and responding to the resource data interaction requests of at least one resource interaction terminal, calling target account information corresponding to each resource data interaction request according to the system information mapping relation, and sending the target account information to the resource interaction terminal corresponding to each resource data interaction request.

2. The method of claim 1, wherein the respectively constructing the system information mapping relationship of each of the conversion account information formats, each of the conversion account description information, and the common user information corresponding to each of the resource interaction systems includes:

determining each account information identifier corresponding to each conversion account information format, each conversion account description information and each public user information;

And constructing a system information mapping relation among the conversion account information format, the conversion account description information and the public user information based on any one account information identifier.

3. The method of claim 2, wherein the constructing the system information mapping relationship of the conversion account information format, the conversion account description information, and the public user information comprises:

selecting a mapping algorithm with highest matching degree from a system information mapping relation database corresponding to each resource interaction system as a target mapping algorithm according to the conversion account information format, the conversion account description information and the public user information;

and constructing a system information mapping relation among the conversion account information format, the conversion account description information and the public user information according to the target mapping algorithm.

4. The method of claim 3, wherein after the step of constructing a system information mapping relationship of the conversion account information format, the conversion account description information, and the public user information according to the target mapping algorithm, the method further comprises:

Determining system interface information corresponding to each resource interaction system according to each conversion account information format, each conversion account description information and each public user information;

and setting a system network interface and a system server interface of each resource interaction system according to the system interface information.

5. The method according to claim 1, wherein the retrieving, in response to the resource data interaction request of at least one resource interaction terminal, the target account information corresponding to each of the resource data interaction requests according to the system information mapping relationship includes:

responding to resource data interaction requests of at least one resource interaction terminal, and checking whether a system network interface and a system server interface exist in each resource interaction terminal corresponding to each resource data interaction request;

and under the condition that the system network end interface and the system service end interface exist in each resource interaction terminal at the same time, target account information corresponding to each resource data interaction request is called according to the system information mapping relation for any resource interaction terminal.

6. The method of claim 5, wherein the method further comprises:

under the condition that one of the system network end interfaces or the system service end interfaces in each resource interaction terminal is missing, reversely determining the system interface information according to the system network end interfaces or reversely determining the system interface information according to the system service end interfaces;

resetting the missing system network interface according to the system interface information, or resetting the missing system service interface according to the system interface information.

7. The method of claim 5, wherein the method further comprises:

and under the condition that the system network end interfaces and the system service end interfaces in the resource interaction terminals are missing, returning to execute the step of respectively constructing the system information mapping relation of the conversion account information formats, the conversion account description information and the public user information corresponding to the resource interaction systems until the normal system network end interfaces or the system service end interfaces are obtained.

8. A system mutual trust authentication device, the device comprising:

the full-quantity information acquisition module is used for acquiring full-quantity account information corresponding to each resource interaction system; each of the full account information includes at least one full conversion account information format;

the conversion condition determining module is used for determining a full-quantity information conversion format and a full-quantity information conversion field corresponding to the full-quantity account information according to the resource system identification of each resource interaction system;

the full-quantity information conversion module is used for carrying out format conversion on the full-quantity conversion account information format of the full-quantity account information according to the full-quantity information conversion format and the full-quantity information conversion field to obtain conversion account information formats and conversion account description information corresponding to the resource interaction systems;

the mapping relation construction module is used for respectively constructing system information mapping relations of the conversion account information formats, the conversion account description information and public user information corresponding to the resource interaction systems;

and the full information interaction module is used for responding to the resource data interaction requests of at least one resource interaction terminal, calling the target account information corresponding to each resource data interaction request according to the system information mapping relation, and sending the target account information to the resource interaction terminal corresponding to each resource data interaction request.

9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any of claims 1 to 7 when the computer program is executed.

10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 7.