CN117313759A - Method, device, equipment and storage medium for data security transmission - Google Patents

Method, device, equipment and storage medium for data security transmission Download PDF

Info

Publication number
CN117313759A
CN117313759A CN202311286266.2A CN202311286266A CN117313759A CN 117313759 A CN117313759 A CN 117313759A CN 202311286266 A CN202311286266 A CN 202311286266A CN 117313759 A CN117313759 A CN 117313759A
Authority
CN
China
Prior art keywords
request
dimensional code
data
parameters
specific value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311286266.2A
Other languages
Chinese (zh)
Inventor
张泽谦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenbang Intelligent Technology Group Qingdao Co ltd
Original Assignee
Shenbang Intelligent Technology Group Qingdao Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenbang Intelligent Technology Group Qingdao Co ltd filed Critical Shenbang Intelligent Technology Group Qingdao Co ltd
Priority to CN202311286266.2A priority Critical patent/CN117313759A/en
Publication of CN117313759A publication Critical patent/CN117313759A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • G06K7/10009Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves
    • G06K7/10257Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves arrangements for protecting the interrogation against piracy attacks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The application provides a method, a device, equipment and a storage medium for data security transmission, wherein the method comprises the following steps: generating a two-dimensional code corresponding to a service request according to the service request sent by a user side, wherein the two-dimensional code comprises a request parameter with a specific value; responding to the operation of scanning the two-dimensional code by the user side, extracting the request parameters in the two-dimensional code and sending the request parameters to the rear end; controlling the back end to judge whether the specific value in the request parameters meets preset requirements, if so, acquiring corresponding data called by the back end according to the request parameters, processing the corresponding data and displaying the processed corresponding data; if not, abnormal information is sent to the user side. The technical effect that this application had is: the risk brought by tampering of parameters of the two-dimensional code is reduced, and the situations of data leakage, intrusion of the system and the like are avoided as much as possible.

Description

Method, device, equipment and storage medium for data security transmission
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a method, an apparatus, a device, and a storage medium for secure data transmission.
Background
Two-dimensional codes are a popular encoding scheme in recent years, and can store more information than traditional bar codes. And scanning the two-dimensional code on the equipment through the terminal provided with the code scanning software, so that the related information stored in the equipment can be obtained.
In the prior art, the front end generally obtains parameters after scanning the two-dimension code through the user terminal, and carries a parameter request back end interface, the back end transmits data to the front end according to the request parameters, and once the parameters obtained by the front end from the two-dimension code are tampered, the security risks such as data leakage and system intrusion can be caused.
Disclosure of Invention
The application provides a method, a device, equipment and a storage medium for data security transmission, which are used for reducing risks caused by tampering parameters of a two-dimensional code, and avoiding situations such as data leakage, intrusion of a system and the like as much as possible.
In a first aspect, the present application provides a method for secure transmission of data, the method comprising: generating a two-dimensional code corresponding to a service request according to the service request sent by a user side, wherein the two-dimensional code comprises a request parameter with a specific value; responding to the operation of scanning the two-dimensional code by the user side, extracting the request parameters in the two-dimensional code and sending the request parameters to the rear end; controlling the back end to judge whether the specific value in the request parameters meets preset requirements, if so, acquiring corresponding data called by the back end according to the request parameters, processing the corresponding data and displaying the processed corresponding data; if not, abnormal information is sent to the user side.
By adopting the technical scheme, the specific value is added into the request parameters of the two-dimension code and is transmitted to the rear end together with the parameters, the rear end checks the specific value after receiving the request parameters, the corresponding data is called and sent to the front end after the check is successful, and abnormal information is sent to the user end after the check is failed, so that the risk caused by the tampering of the parameters of the two-dimension code is reduced, and the situations of data leakage, intrusion of the system and the like are avoided as much as possible.
Optionally, the generating a two-dimensional code corresponding to the service request according to the service request sent by the user terminal, where the two-dimensional code includes a request parameter with a specific value, and the generating includes: generating request parameters corresponding to the service request according to the service request sent by the user terminal; and inserting or splicing the specific value into the request parameter to generate a two-dimensional code corresponding to the service request.
By adopting the technical scheme, the specific value can be directly inserted into the request parameter of the two-dimension code, so that when the parameter of the subsequent two-dimension code is tampered, the rear end can directly find that the request parameter of the two-dimension code is tampered, the risk brought by tampering the parameter of the two-dimension code is reduced, and the situations of data leakage, invasion of the system and the like are avoided as much as possible.
Optionally, the inserting or stitching the specific value into the request parameter includes: the specific value is inserted or spliced to the request parameter by an encryption algorithm.
By adopting the technical scheme, the encryption algorithm is used for encrypting the specific value and the request parameter, so that the safety of the parameter can be increased, the parameter information is prevented from being maliciously stolen or tampered, the encrypted parameter is not easy to crack, and the safety of data transmission is improved.
Optionally, after the responding to the operation that the user side scans the two-dimensional code and extracting the request parameter in the two-dimensional code and sending the request parameter to the back end, the method further includes: sending verification information to the back end; receiving feedback information sent by the back end after the verification information is read; judging whether the feedback information accords with a preset standard, if so, judging that the rear end is in a normal state, and if not, sending alarm information to terminal equipment of staff.
By adopting the technical scheme, the method for monitoring the back-end state in real time and rapidly responding to abnormal conditions can be realized by sending verification information, receiving feedback information and judging and sending alarm information to staff, so that the reliability and the safety of the system are improved. The manual intervention is reduced, the efficiency is improved, the risks of service interruption and loss are reduced, and the stable operation of the system is ensured.
Optionally, after generating the two-dimensional code corresponding to the service request according to the service request sent by the user side, the method further includes: if the request operation triggered after the user side scans the two-dimensional code is not received within a first preset time period, the two-dimensional code is invalid; the request operation comprises the operation of extracting the request parameters in the two-dimensional code and sending the request parameters to the back end.
By adopting the technical scheme, the two-dimensional code is set to be invalid when the request operation is not received within the preset time, malicious requests can be prevented, the safety is improved, the resource waste is reduced, the user experience is improved, the management flow is simplified, the safety and the stability of the system are protected, and the use experience of a user and an administrator is improved.
Optionally, after generating the two-dimensional code corresponding to the service request according to the service request sent by the user side, the method further includes: and if the request operation exceeding the preset times is received within the second preset time, invalidating the two-dimensional code and sending early warning information to the user side.
By adopting the technical scheme, the two-dimensional code is set to be invalid when the request operation exceeding the preset times is received within the second preset time, and the early warning information is sent to the user side, so that abuse and malicious requests can be prevented, the safety is improved, the resource waste is reduced, the user experience is improved, the quick response and the system abnormality processing are realized, the safety and the stability of the system are protected, the use experience of the user is improved, and measures can be timely taken to cope with the abnormality.
Optionally, after the obtaining the corresponding data called by the back end according to the request parameter, the method further includes: processing the corresponding data to generate image data; and receiving the image data and displaying an image.
By adopting the technical scheme, the corresponding data is processed, the image data is generated, and the image is received and displayed, so that the data processing capacity can be improved, the data visualization is realized, the information transmission and communication are convenient, and the insight is provided and the user experience is improved.
In a second aspect, the present application provides an apparatus for secure transmission of data, the apparatus comprising: the device comprises a generation module, a response module and a processing module; the generating module is used for generating a two-dimensional code corresponding to a service request according to the service request sent by the user side, wherein the two-dimensional code comprises a request parameter with a specific value; the response module is used for responding to the operation of the user side for scanning the two-dimensional code, extracting the request parameters in the two-dimensional code and sending the request parameters to the rear end; the processing module is used for controlling the rear end to judge whether the specific value in the request parameters meets the preset requirements, if so, acquiring corresponding data called by the rear end according to the request parameters, processing the corresponding data and displaying the processed corresponding data; if not, abnormal information is sent to the user side.
By adopting the technical scheme, the specific value is added into the request parameters of the two-dimension code and is transmitted to the rear end together with the parameters, the rear end checks the specific value after receiving the request parameters, the corresponding data is called and sent to the front end after the check is successful, and abnormal information is sent to the user end after the check is failed, so that the risk caused by the tampering of the parameters of the two-dimension code is reduced, and the situations of data leakage, intrusion of the system and the like are avoided as much as possible.
In a third aspect, the present application provides an electronic device, which adopts the following technical scheme: the system comprises a processor, a memory, a user interface and a network interface, wherein the memory is used for storing instructions, the user interface and the network interface are used for communicating with other devices, and the processor is used for executing the instructions stored in the memory so as to enable the electronic device to execute a computer program of the method for safely transmitting any data.
In a fourth aspect, the present application provides a computer readable storage medium, which adopts the following technical solutions: a computer program is stored that can be loaded by a processor and that performs any of the methods of secure transmission of data described above.
In summary, the present application includes at least one of the following beneficial technical effects:
1. the risk brought by the tampering of the parameters of the two-dimensional code is reduced, and the situations of data leakage, intrusion of the system and the like are avoided as much as possible;
2. the encryption algorithm is used for encrypting the specific value and the request parameter, so that the safety of the parameter can be improved, the parameter information is prevented from being stolen or tampered maliciously, the encrypted parameter is not easy to crack, and the safety of data transmission is improved.
Drawings
Fig. 1 is a flow chart of a method for secure data transmission according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of an apparatus for secure data transmission according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Reference numerals illustrate: 1. a response module; 2. a generating module; 3. a comparison module; 4. an output module; 1000. an electronic device; 1001. a processor; 1002. a communication bus; 1003. a user interface; 1004. a network interface; 1005. a memory.
Detailed Description
In order to make the technical solutions in the present specification better understood by those skilled in the art, the technical solutions in the embodiments of the present specification will be clearly and completely described below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only some embodiments of the present application, but not all embodiments.
In the description of embodiments of the present application, words such as "exemplary," "such as" or "for example" are used to mean serving as an example, instance, or illustration. Any embodiment or design described herein as "illustrative," "such as" or "for example" is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "illustratively," "such as" or "for example," etc., is intended to present related concepts in a concrete fashion.
Fig. 1 is a flow chart of a method for securely transmitting data according to an embodiment of the present application. It should be understood that, although the steps in the flowchart of fig. 1 are shown in sequence as indicated by the arrows, the steps are not necessarily performed in sequence as indicated by the arrows; the steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders; and at least some of the steps in fig. 1 may include a plurality of sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, nor does the order in which the sub-steps or stages are performed necessarily occur in sequence, but may be performed alternately or alternately with at least some of the other steps or sub-steps of other steps.
The application discloses a method for data security transmission, which comprises S101-S103 as shown in FIG. 1.
S101, generating a two-dimensional code corresponding to the service request according to the service request sent by the user terminal, wherein the two-dimensional code comprises a request parameter with a specific value.
In one example, with the rapid development of mobile internet technology, more and more financial products and electronic payment services carry and display service information in a two-dimensional code form. However, the two-dimensional codes used in each business scenario generally have different two-dimensional code data structures. When there is a need to generate related two-dimension codes under different service scenarios, in the prior art, the two-dimension code generation process is generally performed on each service scenario according to the respective two-dimension code data structure, the front end scans the two-dimension code to obtain parameters, then requests an interface of the rear end with the request parameters, the rear end transmits data to the front end according to the request parameters, and in the process that the rear end transmits data to the front end according to the request parameters, there may be tampering of the parameters obtained by the front end from the two-dimension code, thereby influencing the front end to obtain data and subsequent display.
In general, when generating a two-dimensional code, there may be illegal or abnormal requests for the interface by a malicious user or attacker, which may violate the design intent of the interface, may cause abnormal operation, data leakage, system crash or other security problems of the interface, and the malicious requests may include, but are not limited to, frequent requests: an attacker consumes server resources by sending a large number of requests, resulting in service unavailability or slow response; parameter tampering: an attacker may modify the request parameters to obtain unauthorized data or perform illegal operations; the present application is mainly for avoiding the situation that an attacker modifies a request parameter, obtains unauthorized data or performs illegal operations.
In order to avoid the occurrence of the situation, the method and the device have the advantages that a specific value is added into the request parameters of the two-dimensional code, and the rear end verifies whether the specific value meets the requirement or not so as to realize safe transmission of data. If the specific value meets the requirement, the back end considers the current request as a normal request, and displays the corresponding data through the front end page after calling the corresponding data; otherwise, the request is considered to be very positive, and error display is directly carried out through the front-end page after the abnormal request.
When the front-end page receives a service request from a user, the front-end page acquires service parameters which need to be transmitted to the rear end according to the service request; and constructing request parameters containing specific values according to the analyzed service parameters, and splicing, encrypting or otherwise processing the specific values and the service parameters to generate final request parameters. And converting the constructed request parameters into two-dimension codes by using a two-dimension code generation library or tool, generating static two-dimension code pictures or dynamic two-dimension codes according to actual requirements, and displaying the generated two-dimension codes to a user through a front-end page.
Specific values are explained here: the specific value is a numerical value or a character string having a special meaning or function determined according to the service requirement. When the two-dimensional code is generated, the specific value is used as a part of the request parameter and can be used for identifying, distinguishing or activating certain specific business logic or functions. The specific value may be a key, token, identifier or other value having a unique or special meaning. It may be used to verify user identity, grant access, activate certain special functions, communicate specific configuration information, etc.
The specific content and meaning of the specific value depend on the service requirement, and can be defined and used according to actual situations. When the two-dimensional code is generated, the specific value is used as a part of the request parameter, so that the purpose of carrying out business logic processing according to the specific value can be achieved. The specific value may be set to a different value according to the interface usage scenario. The conventions represent scenes by different values, and the specific values have the characteristics of abstraction and low readability and are not easy to crack.
Generating a two-dimensional code corresponding to the service request according to the service request sent by the user terminal, wherein the two-dimensional code comprises request parameters with specific values, and the request parameters specifically comprise: generating request parameters corresponding to the service request according to the service request sent by the user terminal; and inserting or splicing the specific value into the request parameter to generate the two-dimensional code corresponding to the service request.
In one example, according to a service request sent by a user terminal, the front end generates corresponding request parameters according to agreed rules. The request parameters can be a string of characters or a key value pair, and the specific format is determined according to the service requirement and the back-end interface requirement. The specific value is inserted or spliced to a certain field or position in the request parameters according to the service requirements. The specific value may be a service code, a user identification, a time stamp, etc. for identifying or distinguishing between different requests. The front end converts the generated request parameters into a two-dimension code form, the request parameters can be used as the content of the two-dimension code, then the two-dimension code is converted into the two-dimension code by the library, the generated two-dimension code is displayed to a user through the front end, a picture can be displayed on a front end page or the two-dimension code is displayed on mobile equipment for the user to scan, the front end can generate corresponding request parameters according to a service request sent by the user end, a specific value is inserted or spliced into the request parameters, and finally the two-dimension code corresponding to the service request is generated. The user can transmit the request parameters to the back end by scanning the two-dimension code, so that the processing of related services is realized.
The specific value is inserted or spliced to the request parameter by an encryption algorithm.
In one example, the encryption algorithm may be MD5, SHA, etc., with MD5 and SHA being common encryption algorithms used to encrypt data and generate hash values. They can convert data of arbitrary length into a hash value of fixed length, MD5 (Message Digest Algorithm 5) is a widely used hash algorithm, generating a hash value of 128 bits (16 bytes). It processes the input data into 512-bit (64-byte) blocks based on the packet's message digest algorithm, ultimately generating a hash value. MD5 algorithms are commonly used for data integrity verification, file checksum and simple data encryption. SHA (Secure Hash Algorithm) is a generic term for a series of hash algorithms, including SHA-1, SHA-256, SHA-384, SHA-512, and the like. Where SHA-1 is the earliest version of the SHA algorithm family, a 160-bit (20-byte) hash value is generated. However, SHA-1 is not recommended because of its security breach. SHA-256, SHA-384, SHA-512, etc. are SHA-2 series algorithms that generate 256-bit, 384-bit, and 512-bit hash values, respectively. SHA-2 series algorithm is widely applied to the fields of data encryption, digital signature and the like at present.
Responding to the operation of scanning the two-dimension code by the user side, extracting the request parameters in the two-dimension code and sending the request parameters to the back end, and further comprising: sending verification information to the back end; receiving feedback information sent by the back end after the verification information is read; judging whether the feedback information accords with a preset standard, if so, judging that the rear end is in a normal state, and if not, sending alarm information to terminal equipment of staff.
In one example, in addition to the two-dimensional code technology and request parameter verification mentioned above, there are other key steps and technologies in the process of data security transmission to ensure the security and reliability of data transmission. The following is a detailed description of these steps, after the user terminal scans the two-dimensional code and extracts the request parameters, these verification information are sent to the backend, where the verification information may include user authentication, access rights verification, etc., to ensure that only legitimate users can access and operate the backend system. After the back end receives the verification information, the verification and analysis are carried out, and according to the verification result, the back end generates corresponding feedback information and sends the feedback information back to the user end, wherein the feedback information can comprise state information of successful or failed operation, a result of a data request and the like. After receiving the feedback information sent by the back end, the user can analyze and judge the feedback information. The ue verifies whether the feedback information meets a preset criterion, if so, whether the feedback information includes a specific status code or success/failure identifier. This ensures that the backend is in a normal state and that the operation request is handled correctly. If the user side judges that the feedback information does not meet the preset standard, namely the rear end is abnormal or wrong, the user side triggers an alarm mechanism, and the alarm information is sent to terminal equipment of staff so as to take measures in time to conduct fault detection and repair.
After generating the two-dimension code corresponding to the service request according to the service request sent by the user terminal, the method further comprises the following steps: if the request operation triggered after the user side scans the two-dimensional code is not received within the first preset time length, the two-dimensional code is invalid; the request operation comprises the operation of extracting the request parameters in the two-dimensional code and sending the request parameters to the back end.
In one example, to enhance the security of data transmission, a preset duration may be set, in which if the user side does not perform the request operation (i.e. does not scan the two-dimensional code and extracts the request parameter to send to the back end), the two-dimensional code is set to an invalid state. When the two-dimensional code is generated, a preset time length can be set, namely, the requirement that the user finishes the request operation within a fixed time is set. This time may be set according to specific requirements and safety requirements, for example 30 seconds or 1 minute. If the user does not complete the request operation within the preset time, i.e. the request parameters in the two-dimension code are not extracted and sent to the back end, the system sets the two-dimension code to be in an invalid state. Any subsequent request operation for the two-dimensional code will be denied. By setting the preset duration and monitoring the request operation, the malicious user can be effectively prevented from reserving and abusing the two-dimension code for a long time. If the user does not complete the request operation within the preset time, the system can automatically disable the two-dimension code, so that the safety of the data is protected. Meanwhile, the potential threat and risk caused by the fact that the two-dimensional code is reserved for a long time can be avoided.
After generating the two-dimension code corresponding to the service request according to the service request sent by the user terminal, the method further comprises the following steps: and if the request operation exceeding the preset times is received within the second preset time, invalidating the two-dimensional code and sending the early warning information to the user side.
In one example, in order to enhance the security of data transmission, in addition to setting a preset time period, a preset number of times may be set, and in this number of times, if a request operation exceeding the preset number of times is received, the two-dimensional code is set to an invalid state, and early warning information is sent to the user side. When the two-dimensional code is generated, a preset number of times can be set, namely, the fact that the user cannot make multiple requests in a short time is specified. The number of times can be set according to specific requirements and safety requirements, and the user side can record the number of times of request operation and update after each request operation is completed. This number may be initialized to 0 after the user scans the two-dimensional code and incremented by 1 after each request operation is completed. If the request operation exceeding the preset times is received within the preset times, the system sets the two-dimension code to be in an invalid state and sends the early warning information to the user side. This means that any subsequent request operation for the two-dimensional code will be denied. When the two-dimension code is set to be in an invalid state, the system can send early warning information to the user side to remind the user that the two-dimension code is invalid, and further safety measures may need to be taken. By setting the preset times and monitoring the request operation times, the malicious user can be effectively prevented from abusing the two-dimensional code for a plurality of times. If the request operation exceeding the preset times is received within the preset times, the system can automatically disable the two-dimension code and send the early warning information to the user side, so that the safety of the data is protected. Meanwhile, the user can be reminded of the use times of the two-dimension code and possible safety risks.
S102, responding to the operation of scanning the two-dimension code by the user side, extracting the request parameters in the two-dimension code and sending the request parameters to the rear end.
In one example, the front-end page generates a two-dimensional code corresponding to the service request according to the service request sent by the user end, and the user can scan the two-dimensional code through a scanning tool (such as a mobile phone camera or code scanning software), the scanning tool can analyze information in the two-dimensional code, the information is usually presented in a character string form, and request parameters are extracted from the character string obtained through analysis. According to the service requirement, a character string processing function, a regular expression or other methods can be used for extracting specific parameter values. The front-end page assembles the extracted request parameters into a request object or request string for transmission to the back-end. The format and manner of the request are determined according to the specific back-end interface specification, and the specific method can use a network request library or tool to send the constructed request to the back-end. Communications may be performed using a protocol such as HTTP, webSocket. After the back end receives the request, corresponding business processing is carried out according to the request parameters, and the request parameters can be analyzed, the validity of the parameters can be verified, database operation can be carried out, and the like.
Through the steps, the user can scan the front-end page behind the two-dimension code to extract the request parameters in the two-dimension code, and the parameters are sent to the rear end for corresponding business processing. Therefore, interaction among the user side, the front-end page and the back-end can be realized, and specific business logic is triggered according to the operation of scanning the two-dimension code by the user.
Explanation is made for the terminology of the above appearance: HTTP (Hypertext Transfer Protocol) is an application layer protocol for transmitting hypertext over a network. It is the most common protocol in Web applications for communication between clients and servers
WebSocket: webSocket is a protocol for full duplex communication over a network that provides a real-time, persistent connection allowing two-way communication between a client and a server.
S103, the control back end judges whether a specific value in the request parameters meets preset requirements, if so, corresponding data called by the back end according to the request parameters are obtained, and the corresponding data are processed and displayed; if not, abnormal information is sent to the user side.
In one example, the front-end page sends a request to the back-end via HTTP or WebSocket protocol, and the back-end receives the request sent by the client and obtains a specific value in the request. The back end firstly detects whether a specific value exists in the request, if so, the specific value is checked, if not, the request is directly stopped, and the display request error is carried out through the front end page; if a specific value exists in the current request, whether the specific value meets the preset requirement is judged, and it is to be noted that when the two-dimensional code is generated, the specific value can be added to the request parameters of the two-dimensional code automatically or manually through a system, the specific value can be added by adding the query parameters in the URL, adding the custom fields in the request header, and the like, and when the specific value is added, the front page forms a contract with the rear end for identifying the specific request or operation. These specific values may be predefined constants or dynamically generated values according to traffic demands. After the back end receives the request with the specific value, the specific value can be obtained by analyzing the request parameters or the request head, the back end verifies the received specific value, the conditional statement or the regular expression can be used for verifying the received specific value, after the verification is successful, the back end calls corresponding data or executes corresponding operation according to the request parameters, and different logics can be decided to be executed according to the specific value. The back end sends the processed data or the execution result as a response to the front end page, which may be text data or other format data. If the specific value does not meet the preset requirement, the back end can send the abnormal information to the front end page so that the front end page can be correspondingly processed. The anomaly information may be sent using HTTP status codes, custom error codes, or error messages, among other ways.
The steps described above need to be implemented according to a specific development environment, programming language, and framework, for example, when Java is used to develop a backend, servlet or Spring framework may be used to process requests and responses; when the front end is developed using JavaScript, the request and process response may be sent using fetch or AJAX, etc.
In a word, by specifying a specific value and adding the specific value to the request parameter, the function of controlling the back end to judge whether the specific value in the request parameter meets the preset requirement and performing data processing and exception processing according to the verification result can be realized.
After obtaining the corresponding data called by the back end according to the request parameters, the method further comprises the following steps: processing the corresponding data to generate image data; image data is received and an image is displayed.
In one example, corresponding data may be processed using a corresponding algorithm or processing method to generate image data, depending on the particular needs and data type. For example, if the data is a pixel value of a digital image, the pixel value may be processed using image processing algorithms, such as filtering, enhancement, image fusion, etc., to ultimately generate new image data, the processed image data is transferred to the front page and a viewable image is displayed thereon.
Based on the above method, the present application also discloses a device for data security transmission, as shown in fig. 2, and fig. 2 is a schematic structural diagram of a device for data security transmission provided in an embodiment of the present application.
An apparatus for secure transmission of data, comprising: the system comprises a generation module 1, a response module 2 and a processing module 3; the generating module 1 is used for generating a two-dimensional code corresponding to the service request according to the service request sent by the user terminal, wherein the two-dimensional code comprises a request parameter with a specific value; the response module 2 is used for responding to the operation of scanning the two-dimension code by the user side, extracting request parameters in the two-dimension code and sending the request parameters to the rear end; the processing module 3 is used for controlling the rear end to judge whether the specific value in the request parameters meets the preset requirement, if so, acquiring corresponding data called by the rear end according to the request parameters, processing the corresponding data and displaying the processed corresponding data; if not, abnormal information is sent to the user side.
It should be noted that: in the device provided in the above embodiment, when implementing the functions thereof, only the division of the above functional modules is used as an example, in practical application, the above functional allocation may be implemented by different functional modules according to needs, that is, the internal structure of the device is divided into different functional modules, so as to implement all or part of the functions described above. In addition, the embodiments of the apparatus and the method provided in the foregoing embodiments belong to the same concept, and specific implementation processes of the embodiments of the method are detailed in the method embodiments, which are not repeated herein.
Referring to fig. 3, a schematic structural diagram of an electronic device is provided in an embodiment of the present application. As shown in fig. 3, the electronic device 1000 may include: at least one processor 1001, at least one network interface 1004, a user interface 1003, a memory 1005, at least one communication bus 1002.
Wherein the communication bus 1002 is used to enable connected communication between these components.
The user interface 1003 may include a Display screen (Display) and a Camera (Camera), and the optional user interface 1003 may further include a standard wired interface and a wireless interface.
The network interface 1004 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface), among others.
Wherein the processor 1001 may include one or more processing cores. The processor 1001 connects various parts within the entire server using various interfaces and lines, performs various functions of the server and processes data by executing or executing instructions, programs, code sets, or instruction sets stored in the memory 1005, and calling data stored in the memory 1005. Alternatively, the processor 1001 may be implemented in at least one hardware form of digital signal processing (Digital Signal Processing, DSP), field programmable gate array (Field-Programmable Gate Array, FPGA), programmable logic array (Programmable Logic Array, PLA). The processor 1001 may integrate one or a combination of several of a central processing unit (Central Processing Unit, CPU), an image processor (Graphics Processing Unit, GPU), and a modem, etc. The CPU mainly processes an operating system, a user interface, an application program and the like; the GPU is used for rendering and drawing the content required to be displayed by the display screen; the modem is used to handle wireless communications. It will be appreciated that the modem may not be integrated into the processor 1001 and may be implemented by a single chip.
The Memory 1005 may include a random access Memory (Random Access Memory, RAM) or a Read-Only Memory (Read-Only Memory). Optionally, the memory 1005 includes a non-transitory computer readable medium (non-transitory computer-readable storage medium). The memory 1005 may be used to store instructions, programs, code, sets of codes, or sets of instructions. The memory 1005 may include a stored program area and a stored data area, wherein the stored program area may store instructions for implementing an operating system, instructions for at least one function (such as a touch function, a sound playing function, an image playing function, etc.), instructions for implementing the above-described respective method embodiments, etc.; the storage data area may store data or the like involved in the above respective method embodiments. The memory 1005 may also optionally be at least one storage device located remotely from the processor 1001. As shown in fig. 3, an operating system, a network communication module, a user interface module, and an application program of a method of data security transmission may be included in a memory 1005 as a computer storage medium.
In the electronic device 1000 shown in fig. 3, the user interface 1003 is mainly used for providing an input interface for a user, and acquiring data input by the user; and processor 1001 may be used to invoke an application in memory 1005 that stores a method of secure transmission of data, which when executed by one or more processors, causes an electronic device to perform the method as described in one or more of the embodiments above.
An electronic device readable storage medium storing instructions. When executed by one or more processors, cause an electronic device to perform the method as described in one or more of the embodiments above.
It should be noted that, for simplicity of description, the foregoing method embodiments are all expressed as a series of action combinations, but it should be understood by those skilled in the art that the present application is not limited by the order of actions described, as some steps may be performed in other order or simultaneously in accordance with the present application. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily required in the present application.
In the foregoing embodiments, the descriptions of the embodiments are emphasized, and for parts of one embodiment that are not described in detail, reference may be made to related descriptions of other embodiments.
In the several embodiments provided herein, it should be understood that the disclosed apparatus may be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative, such as the division of the units, merely a logical function division, and there may be additional manners of dividing the actual implementation, such as multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some service interface, device or unit indirect coupling or communication connection, electrical or otherwise.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable memory. Based on such understanding, the technical solution of the present application may be embodied in essence or a part contributing to the prior art or all or part of the technical solution in the form of a software product stored in a memory, including several instructions for causing a computer device (which may be a personal computer, a server or a network device, etc.) to perform all or part of the steps of the method described in the embodiments of the present application. And the aforementioned memory includes: various media capable of storing program codes, such as a U disk, a mobile hard disk, a magnetic disk or an optical disk.
The foregoing is merely exemplary embodiments of the present disclosure and is not intended to limit the scope of the present disclosure. That is, equivalent changes and modifications are contemplated by the teachings of this disclosure, which fall within the scope of the present disclosure. Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure herein. This application is intended to cover any adaptations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a scope and spirit of the disclosure being indicated by the claims.

Claims (10)

1. A method for secure transmission of data, applied to a computer device, the method comprising:
generating a two-dimensional code corresponding to a service request according to the service request sent by a user side, wherein the two-dimensional code comprises a request parameter with a specific value;
responding to the operation of scanning the two-dimensional code by the user side, extracting the request parameters in the two-dimensional code and sending the request parameters to the rear end;
controlling the back end to judge whether the specific value in the request parameters meets preset requirements, if so, acquiring corresponding data called by the back end according to the request parameters, processing the corresponding data and displaying the processed corresponding data; if not, abnormal information is sent to the user side.
2. The method for securely transmitting data according to claim 1, wherein the generating a two-dimensional code corresponding to a service request according to the service request sent by a user terminal, wherein the two-dimensional code includes a request parameter having a specific value, includes:
generating request parameters corresponding to the service request according to the service request sent by the user terminal;
and inserting or splicing the specific value into the request parameter to generate a two-dimensional code corresponding to the service request.
3. The method of claim 2, wherein said inserting or stitching the specific value to the request parameter comprises:
the specific value is inserted or spliced to the request parameter by an encryption algorithm.
4. The method for securely transmitting data according to claim 1, wherein after the response to the operation of the user terminal to scan the two-dimensional code, extracting the request parameter in the two-dimensional code and transmitting the request parameter to the back end, further comprises:
sending verification information to the back end;
receiving feedback information sent by the back end after the verification information is read;
judging whether the feedback information accords with a preset standard, if so, judging that the rear end is in a normal state, and if not, sending alarm information to terminal equipment of staff.
5. The method for securely transmitting data according to claim 1, wherein after generating the two-dimensional code corresponding to the service request according to the service request sent by the user terminal, the method further comprises:
if the request operation triggered after the user side scans the two-dimensional code is not received within a first preset time period, the two-dimensional code is invalid; the request operation comprises the operation of extracting the request parameters in the two-dimensional code and sending the request parameters to the back end.
6. The method for securely transmitting data according to claim 5, wherein after generating the two-dimensional code corresponding to the service request according to the service request sent by the user terminal, further comprises:
and if the request operation exceeding the preset times is received within the second preset time, invalidating the two-dimensional code and sending early warning information to the user side.
7. The method for securely transmitting data according to claim 1, wherein after said obtaining the corresponding data called by the backend according to the request parameters, further comprises:
processing the corresponding data to generate image data;
and receiving the image data and displaying an image.
8. An apparatus for secure transmission of data, the apparatus comprising: the system comprises a generating module (1), a response module (2) and a processing module (3); wherein,
the generating module (1) is used for generating a two-dimensional code corresponding to a service request according to the service request sent by a user side, wherein the two-dimensional code comprises a request parameter with a specific value;
the response module (2) is used for responding to the operation of the user side for scanning the two-dimensional code, extracting the request parameters in the two-dimensional code and sending the request parameters to the rear end;
the processing module (3) is used for controlling the rear end to judge whether the specific value in the request parameter meets a preset requirement, if so, acquiring corresponding data called by the rear end according to the request parameter, processing the corresponding data and displaying the processed corresponding data; if not, abnormal information is sent to the user side.
9. An electronic device comprising a processor (1001), a memory (1005), a user interface (1003) and a network interface (1004), the memory (1005) being configured to store instructions, the user interface (1003) and the network interface (1004) being configured to communicate to other devices, the processor (1001) being configured to execute the instructions stored in the memory to cause the electronic device to perform the method of any of claims 1-7.
10. A computer readable storage medium, characterized in that a computer program is stored which can be loaded by a processor and which performs the method according to any of claims 1-7.
CN202311286266.2A 2023-10-07 2023-10-07 Method, device, equipment and storage medium for data security transmission Pending CN117313759A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311286266.2A CN117313759A (en) 2023-10-07 2023-10-07 Method, device, equipment and storage medium for data security transmission

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311286266.2A CN117313759A (en) 2023-10-07 2023-10-07 Method, device, equipment and storage medium for data security transmission

Publications (1)

Publication Number Publication Date
CN117313759A true CN117313759A (en) 2023-12-29

Family

ID=89249502

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311286266.2A Pending CN117313759A (en) 2023-10-07 2023-10-07 Method, device, equipment and storage medium for data security transmission

Country Status (1)

Country Link
CN (1) CN117313759A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117708447A (en) * 2024-02-06 2024-03-15 杭州数云信息技术有限公司 Parameter transmission method and device based on graphic code, readable storage medium and terminal
CN117708447B (en) * 2024-02-06 2024-05-14 杭州数云信息技术有限公司 Parameter transmission method and device based on graphic code, readable storage medium and terminal

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117708447A (en) * 2024-02-06 2024-03-15 杭州数云信息技术有限公司 Parameter transmission method and device based on graphic code, readable storage medium and terminal
CN117708447B (en) * 2024-02-06 2024-05-14 杭州数云信息技术有限公司 Parameter transmission method and device based on graphic code, readable storage medium and terminal

Similar Documents

Publication Publication Date Title
JP6835999B2 (en) Virtual service provider zone
US10834115B2 (en) Methods and systems for providing security for page framing
US10904761B2 (en) Media agnostic content obfuscation
CN114900338B (en) Encryption and decryption method, device, equipment and medium
CN102469080A (en) Method for pass user to realize safety login application client and system thereof
US20220038495A1 (en) Security mechanisms for preventing retry or replay attacks
CN106911684A (en) A kind of method for authenticating and system
CN105577639A (en) Trusted device control messages
CN111741268B (en) Video transmission method, device, server, equipment and medium
JP2010072916A (en) Data protection system and data protection method
CN113542274A (en) Cross-domain data transmission method, device, server and storage medium
CN109726578B (en) Dynamic two-dimensional code anti-counterfeiting solution
CN109495458A (en) A kind of method, system and the associated component of data transmission
CN116668434A (en) Digital campus service system based on unidirectional cross-network data transmission
CN112836186A (en) Page control method and device
CN111246407A (en) Data encryption and decryption method and device for short message transmission
CN117313759A (en) Method, device, equipment and storage medium for data security transmission
US20220150228A1 (en) Computer systems and methods including html browser authorisation approaches
US11979383B1 (en) Transparent web browsing recorder
WO2024082866A1 (en) Two-dimensional code anti-counterfeiting system and method, and related device
Mohamed Steganography for better data integrity and privacy
CN114826746A (en) Cloud platform identity authentication method, device and medium
Damsika et al. A novel mechanism for secure e-tendering in an open electronic network
CN114244593A (en) DNS security defense method and system, electronic equipment and medium
CN115694902A (en) Killing-per-second request method, killing-per-second verification method, device, system and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination