WO2019200755A1 - 数据获取方法、装置、计算机设备和存储介质 - Google Patents
数据获取方法、装置、计算机设备和存储介质 Download PDFInfo
- Publication number
- WO2019200755A1 WO2019200755A1 PCT/CN2018/095613 CN2018095613W WO2019200755A1 WO 2019200755 A1 WO2019200755 A1 WO 2019200755A1 CN 2018095613 W CN2018095613 W CN 2018095613W WO 2019200755 A1 WO2019200755 A1 WO 2019200755A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- approval
- data
- terminal
- server
- user identifier
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1001—Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
- H04L67/1004—Server selection for load balancing
- H04L67/1008—Server selection for load balancing based on parameters of servers, e.g. available memory or workload
Definitions
- the present application relates to a data acquisition method, apparatus, computer device and storage medium.
- each business party generally obtains data by means of offline copying, that is, the staff of each business party goes offline and the server copies data through a hard disk or the like, and transmits the copied data to the data. local.
- offline copying that is, the staff of each business party goes offline and the server copies data through a hard disk or the like, and transmits the copied data to the data. local.
- the method of offline copying is time consuming, and when the hard disk of copying data is lost, data leakage is also caused, and data security is reduced.
- a data acquisition method, apparatus, computer device, and storage medium are provided.
- a method of data acquisition comprising:
- the receiving approval server After generating the approval judgment request according to the user identifier, and sending the generated approval judgment request to the approval server, the receiving approval server obtains an approval result corresponding to the user identifier obtained according to the approval judgment request query;
- a data acquisition device comprising:
- a first receiving module configured to receive a first data acquisition request sent by the first terminal, where the first data acquisition request carries a second field and a user identifier corresponding to the first terminal;
- the approval result receiving module is configured to generate an approval judgment request according to the user identifier, and send the generated approval judgment request to the approval server, and the receiving approval server obtains an approval result corresponding to the user identifier according to the approval judgment request query. ;
- a field obtaining module configured to: when the approval result indicates that the approval is passed, obtain a data application form corresponding to the user identifier from the approval server, and read the first field from the data application form;
- a data obtaining module configured to: when the first field matches the second field, acquire data corresponding to the second field, and return the data to the first terminal.
- a computer device comprising a memory and one or more processors having stored therein computer readable instructions, the computer readable instructions being executable by the processor to cause the one or more processors to execute The following steps: receiving a first data acquisition request sent by the first terminal, where the first data acquisition request carries a second field and a user identifier corresponding to the first terminal; generating an approval determination request according to the user identifier, and After the generated approval judgment request is sent to the approval server, the receiving approval server obtains an approval result corresponding to the user identifier obtained according to the approval judgment request query; when the approval result indicates that the approval is passed, the approval server obtains the approval from the approval server.
- the user identifier corresponding to the data request form, and reading the first field from the data application table; and when the first field matches the second field, acquiring the corresponding second field Data and return the data to the first terminal.
- One or more non-transitory computer readable storage mediums storing computer readable instructions, when executed by one or more processors, cause one or more processors to perform the steps of: receiving a first terminal a first data acquisition request, where the first data acquisition request carries a second field and a user identifier corresponding to the first terminal; generating an approval determination request according to the user identifier, and sending the generated approval judgment request
- the receiving approval server determines the approval result corresponding to the user identifier obtained according to the approval judgment request; and when the approval result indicates that the approval is passed, the data corresponding to the user identifier is obtained from the approval server.
- An application form and reading a first field from the data request form; and when the first field matches the second field, acquiring data corresponding to the second field, and The data is returned to the first terminal.
- FIG. 1 is an application scenario diagram of a data acquisition method according to one or more embodiments.
- FIG. 2 is a flow diagram of a method of data acquisition in accordance with one or more embodiments.
- FIG. 3 is a network area partitioning diagram in accordance with one or more embodiments.
- FIG. 4 is a flow diagram of an approval step in accordance with one or more embodiments.
- FIG. 5 is a block diagram of a data acquisition device in accordance with one or more embodiments.
- FIG. 6 is a block diagram of a computer device in accordance with one or more embodiments.
- the data acquisition method provided by the present application can be applied to an application environment as shown in FIG. 1.
- the first terminal and the second terminal communicate with the data server through the network, the data server communicates with the approval server and the database, and the approval server also communicates with the first terminal, the third terminal, and the fourth terminal.
- the first terminal is a user terminal, and is used to start an approval process and a data acquisition process, where the approval process is that the first terminal sends a data application form acquisition request to the approval server, so that the approval server sends the completed data to the first terminal.
- the application form is approved.
- the data acquisition process is that the first terminal sends a data acquisition request to the data server, so that the data server returns the corresponding data.
- the second terminal is an inquiry terminal, which is used for querying the data access log of the data server
- the third terminal is a pre-audit terminal, and is used for pre-approving the completed data application form sent by the first terminal, for example, format approval, etc.
- the four terminals are approval terminals for substantive approval of the data application form sent by the first terminal.
- the first terminal sends a data acquisition request to the data server, where the data acquisition request carries the user identifier, the data server generates an approval judgment request according to the user identifier, and sends the generated approval judgment request to the approval server, and the approval server determines the request according to the approval Querying the approval result corresponding to the user identifier, and sending the approval result to the data server.
- the data server determines that the approval result is approved
- the data request form corresponding to the user identifier is obtained from the approval server, and is obtained from the data application form.
- the data server queries the data corresponding to the second field and returns to the first terminal.
- the data application form is obtained by the first terminal in advance to the approval server, that is, the first terminal sends a data application form acquisition request to the approval server, and the approval server acquires the data application form and the approval chain corresponding to the user identifier corresponding to the first terminal.
- the first terminal sends the completed data application form and the selected approval chain to the approval server, and the approval server first sends the data application form to the third terminal for pre-audit, and when the third terminal pre-audit result is approved, the The data application form is sent to the fourth terminal corresponding to the approval chain for approval, until the approval result of the fourth terminal corresponding to the approval chain is approved.
- the first terminal, the second terminal, the third terminal, and the fourth terminal may be, but are not limited to, various personal computers, notebook computers, smart phones, tablets, and portable wearable devices, and the data server and the approval server may be separate servers or It is implemented by a server cluster composed of multiple servers.
- a data acquisition method is provided, which is applied to the data server in FIG. 1 as an example, and includes the following steps:
- S202 Receive a first data acquisition request sent by the first terminal, where the first data acquisition request carries a second field and a user identifier corresponding to the first terminal.
- the first data acquisition request is a request that is sent by the first terminal to the data server for acquiring data in the data server, where the user identifier corresponding to the account that logs in to the first terminal is carried, and the user identifier may be the user identifier.
- the mobile phone number, the user name, or the user number, etc. can uniquely determine the account to log in to the first terminal.
- the second field refers to a field corresponding to the data that the first terminal requests to obtain.
- the second field may be a transaction amount, a transaction account, or the like.
- S204 Generate an approval judgment request according to the user identifier, and send the generated approval judgment request to the approval server, and receive an approval result corresponding to the user identifier obtained by the approval server according to the approval judgment request.
- the approval judgment request is generated according to the user identifier sent by the first terminal, and therefore, it is also in a one-to-one correspondence with the account that logs in to the first terminal.
- the approval server queries the corresponding approval result according to the user identifier in the approval judgment request, and returns the queried approval result to the data server.
- the data request form obtained by the data server is a data application form sent by the first terminal to the approval server and approved by the approval server, where the range of data that the account can obtain from the data server is recorded, for example, in the form of a field. Make a representation.
- the data server After receiving the approval result sent by the approval server, the data server determines whether the approval result indicates that the approval is passed, that is, whether the account corresponding to the user identifier has the right to obtain data.
- the data server obtains the data from the approval server. Go to the data application table corresponding to the user identifier, and obtain the first field of the data that the account corresponding to the user identifier can obtain from the data server from the data application table.
- the first field is a field stored in the data request form that has been approved, for example, the first field may be a transaction amount, a transaction account, or the like.
- the data server may determine, by means of fuzzy matching, whether the first field matches the second field in the data acquisition request, and when the first field matches the second field, the data corresponding to the second field may be acquired. And returning the data to the first terminal, thereby ensuring that the first terminal can only access the data within the approval authority, thereby ensuring the security of the data of the data server. Not all first terminals can obtain data from the data server. Only the account approved by the approval server can obtain data from the data server, and the acquired data is limited to the approved field, and the data server can be guaranteed. The security of the data.
- the data server can obtain corresponding data from the database in communication with it and return to the first terminal.
- the database connected to the data server may exist in plurality, so that the data server may first determine the database of the data storage according to the second field, and then query the data corresponding to the second field from the determined database, so that Can reduce the amount of queries, thereby improving the efficiency of data feedback.
- the data acquisition method when receiving the data acquisition request sent by the first terminal, first determines whether the user who logs in to the first terminal approves the approval, and when the approval is passed, obtains the corresponding data application form, and secondly, passes the data application form. Obtaining a first field that is allowed to be acquired by the first terminal, and when the first field matches the second field, the data requested by the first terminal is returned to the first terminal, so that when the unapproved user applies for data, or When an approved user requests a field that has not passed the approval, the data application will fail, thus ensuring the security of the data.
- the step S208 may include: acquiring data corresponding to the second field from the first database located in the inner network area. .
- a data file is generated based on the acquired data, and the data file is stored in a second database of the public network area. Get the storage address of the data file in the second database. The storage address is sent to the first terminal.
- FIG. 3 is a network area division diagram in an embodiment, where the network area includes an inner network area, a public network area, and an outer network area, wherein the first database connected to the data server may be set in the inner network.
- the area can be used to shield the access of the external network area and avoid direct contact with the external network area.
- the public network area is a bridge for the internal network area to interact with the external network area.
- the transit data can be stored in the public network area, thereby ensuring
- the database of the internal network area does not directly interact with the first terminal of the external network area, and the external network area is the network area where the first terminal is located.
- the data server acquires data corresponding to the second field from the first database located in the inner network area, and generates a data file or the like for convenience, for example, generating an excel document, a csv document, and the like.
- the generated data file is stored in the second database of the public network area, so that the first terminal located in the outer network area can obtain the data file.
- the data server stores the data file in the public network area
- the storage address of the data file in the public network area is obtained, and the storage address is sent to the first terminal.
- the first terminal can obtain the storage address according to the storage address.
- the data server receives the second data acquisition request sent by the first terminal, and the second data acquisition request carries the storage address.
- the data server acquires data corresponding to the storage address, and returns the acquired data to the first terminal.
- the data server obtains data corresponding to the second field in the inner network area, and stores data corresponding to the second field to the second database, where the second database may be in the public network area, and thus the external network Directly connecting, the first terminal may obtain corresponding data from the second database stored in the public network area according to the storage address returned by the data server to the first terminal, so that the first terminal does not directly contact the first network located in the inner network area.
- a database communication reduces the data contact surface and reduces the risk of data leakage.
- the method may further include: acquiring a public key corresponding to the user identifier; and encrypting the generated data document by using the obtained public key.
- the data server obtains the public key corresponding to the user identifier after acquiring the data corresponding to the second field, and performs the generated data file by using the public key corresponding to the user identifier. Encryption, and then storing the encrypted data file in the public network area, so that the data file is encrypted in the internal network area, so that the data of the public network area is encrypted data, even if it is obtained by illegal elements, due to its There is no corresponding private key, so it is impossible to get the data.
- the first terminal After the first terminal obtains the encrypted data file, the user private key corresponding to the account that is logged in to the first terminal is obtained, and the user private key is corresponding to the public key, and the user private key pair is obtained.
- the encrypted data file is decrypted to obtain a decrypted document, so that the first terminal can obtain the plaintext of the data.
- the data is encrypted in the inner network area, and the encrypted data is stored in the public network area, so that after the data is transmitted from the inner network area, the data is transmitted in the ciphertext manner to ensure the data. safety.
- the method may further include: generating an export log corresponding to the first terminal.
- the method further includes: receiving a leaked data query request sent by the second terminal, the leaked data query request carrying the leaked data identifier; querying the exported log corresponding to the leaked data identifier, and transmitting the queried export log to the second terminal; Obtaining a user identifier corresponding to the queried export log, and generating an approval result modification instruction according to the user identifier corresponding to the queried export log; sending the approval result modification instruction to the approval server, and the approval result modification instruction is used to indicate that the approval server is to be The approval result corresponding to the approval result modification instruction is changed to the approval failure.
- the export log can include a data identifier, such as a field of data.
- the export log may also include an export time, a user identifier corresponding to an account for exporting data, and the like, and no specific limitation is imposed herein.
- the reason for storing the foregoing export log is to ensure that the second terminal can query which of the first terminals causes data leakage when the data is leaked, so that the second terminal that causes the data leakage can be re-approved.
- the leaked data query request is sent by the second terminal to the data server, where the leaked data identifier is carried, and the leaked data identifier is an identifier that can uniquely determine the leaked data, which may be a field of leaked data or the like.
- the second terminal may send a leaked data query request to the data server, and after receiving the leaked data query request, the data server queries the export log corresponding to the leaked identifier, and sends the exported log to the second terminal, so that the second The terminal can operate according to the export log, for example, determining the influence range of the leaked data.
- the data server can obtain the user identifier corresponding to the queried export log, generate an approval result modification instruction according to the user identifier, and send the approval result modification instruction to the approval server, so that the approval server receives the approval result modification.
- the corresponding approval result is first queried according to the user identifier, and then the approval result is modified to the approval failure, and optionally, the approval server can also notify the user corresponding to the user identifier, for example, by mail, WeChat, phone, SMS The notification is made in such a way that the user can modify it in time.
- the service server receives the query request, and the data server traverses the export log according to the query request to obtain the export log corresponding to the leaked data identifier, and sends the export log to the second terminal, thereby reducing the query amount, and the data server is Obtaining a log related to the leak in the export log, and querying the user identifier corresponding to the log related to the leak, and sending the user identifier to the approval server, and the approval server modifies the approval result corresponding to the user identifier to the approval failure. And notifying the user corresponding to the user identifier can prevent further leakage of data.
- FIG. 4 is a flowchart of an approval step in an embodiment, where the approval step is that the approval result can be obtained before the embodiment shown in FIG. 2, and the approval is performed.
- the steps can include:
- S402 The data request form acquisition request sent by the first terminal is received by the approval server, where the data application form acquisition request carries the user identifier corresponding to the first terminal.
- the data request form obtaining request is sent by the first terminal to the approval server, and is used to obtain a request for the data request form, where the request carries the user identifier, so that the approval server can obtain the approval chain and the data application form according to the user identifier. .
- S404 Obtain an approval chain corresponding to the user identifier by using the approval server, and return the approval chain to the first terminal.
- the approval server may obtain the corresponding approval chain according to the user identifier.
- the approval server can pre-set multiple approval chains. Different approval chains correspond to different approval items.
- the approval server can obtain the corresponding approval items according to the user identification, and then obtain the corresponding approval personnel identification according to the approval items, and then the approval personnel identification.
- the approval chain is generated in the order of approval, and the generated approval chain is returned to the corresponding first terminal.
- the current processing amount of each approval chain can also be given, wherein the current processing amount of each approval chain is equal to the total processing amount of all approved users in the approval chain.
- the number of users in the approval chain so that users can select the approval chain with the least amount of processing at the current time for approval, so as to improve the efficiency of approval.
- S406 Receive, by the approval server, the completed data application form returned by the first terminal and the selected approval chain.
- the first terminal displays the first terminal and the approval chain on the interface, and the user can select a corresponding approval chain and fill in the data application form on the interface.
- the first terminal sends the data application form completed by the user and the approval chain selected by the user to the approval server.
- S408 Send the completed data application form to the corresponding third terminal by using the approval server, and receive the pre-audit result returned by the third terminal.
- the approval server sends the data application form to the corresponding third terminal, and after receiving the data application form, the third terminal pre-screens the data application form, and The pre-audit results are returned to the approval server.
- the approval server selects the corresponding fourth terminal according to the approval chain selected by the user, and sends the data application form to the fourth terminal for approval.
- the approval server may obtain the current fourth terminal corresponding to the current approval user in the approval chain selected by the user, and send the data application form to the current fourth terminal for approval, so that the current fourth terminal may The application form is approved, and the approval result is returned to the approval server, and the approval server receives the current fourth terminal to return the current approval result.
- the approval server continues to obtain the next approval user corresponding in the approval chain.
- the next fourth terminal sends the data request form to the next fourth terminal for approval until all the approved users in the approval chain approve the data application form.
- the approval is performed according to the approval user in the approval chain selected by the user, and the approval is in an orderly manner in a certain order.
- the approval server receives the approval result returned by the fourth terminal, and when all the approval results in the approval chain indicate that the approval is passed, the approval server associates the user identifier with the data application table, and the approval result corresponding to the user identifier is Marked as approved. Therefore, the data server can obtain the approval result and the data application form according to the user identifier.
- the approval server after receiving the data request form acquisition request sent by the first terminal, the approval server returns an approval chain corresponding to the user identifier to the first terminal, so that the user can select an approval chain from the returned approval chain, and pass the
- the users in the pre-audit and approval chain are approved in order, which makes the approval process in an orderly manner and improves the efficiency of examination and approval.
- the approval step is that the approval result is obtained.
- the method further includes: when the approval result of the fifth terminal in the approval chain is that the approval fails, the approval server sends the result of the approval failure to the approval server.
- the first terminal receives the modified data request form sent by the first terminal by using the approval server, and sends the data application form to the fifth terminal.
- the approval server returns the approval result of the approval failure to the first terminal, so that The first terminal modifies according to the approval result, and resubmits the modified data application form after the modification is completed, and the approval server obtains the resubmitted data request form after receiving the resubmitted modified data application form.
- the fifth terminal that is last approved corresponding to the modified data application form, and the modified data acquisition application form is sent to the fifth terminal, so that the approval chain can be avoided again, resulting in waste of the approval resources.
- the modified data application form may be compared with the data application form before the modification, and the content that is different after the comparison, that is, the modified content is marked. For example, red or highlight, etc., so that the user can clearly see the modified content of the application user.
- the reason for not passing the approval may be sent to the first terminal, so that the first terminal may modify the data request form, and the modified data application form is sent to the first terminal.
- the approval server allocates the modified data application form to the fifth terminal, so that the approval chain can be avoided again, resulting in waste of the approval resources.
- the sending the completed data request form to the corresponding third terminal by the approval server may further include: obtaining, by the approval server, the third terminal that is online in the cluster, and selecting from the third terminal in the online The third terminal with the least amount of tasks is currently sent; the completed data request form is sent to the selected third terminal by the approval server.
- the third terminal may exist in a manner of a terminal cluster, so that the approval server sends the data application form to the corresponding third terminal, or the appropriate terminal is first selected from the terminal cluster, and then the data application form is sent to the terminal.
- the appropriate terminal wherein the suitable terminal may be the third terminal in the terminal cluster that is online and has the least amount of tasks, such as a third terminal that is online and has the least pre-review task, and the approval server sends the data request form to the least amount of tasks.
- the online third terminal performs pre-audit and receives the pre-audit result of the third terminal, wherein the pre-audit is generally a formal review of the format or whether the content is complete, and the audit in the approval chain is a substantive review.
- the third terminal exists in the manner of the terminal cluster.
- the approval server receives the data application form
- the third terminal that is online and has the least preset task amount can be selected for pre-audit, thereby improving the efficiency of the pre-audit. , thereby improving the efficiency of the entire approval.
- FIGS. 2 and 4 are sequentially displayed in accordance with the indication of the arrows, these steps are not necessarily performed in the order indicated by the arrows. Except as explicitly stated herein, the execution of these steps is not strictly limited, and the steps may be performed in other orders. Moreover, at least some of the steps in FIGS. 2 and 4 may include a plurality of sub-steps or stages, which are not necessarily performed at the same time, but may be performed at different times, or The order of execution of the stages is also not necessarily sequential, but may be performed alternately or alternately with at least a portion of the sub-steps or stages of other steps or other steps.
- a data obtaining apparatus including: a first receiving module 100, an approval result receiving module 200, a field obtaining module 300, and a data acquiring module 400, wherein:
- the first receiving module 100 is configured to receive a first data acquisition request sent by the first terminal, where the first data acquisition request carries a second field and a user identifier corresponding to the first terminal.
- the approval result receiving module 200 is configured to generate an approval judgment request according to the user identifier, and send the generated approval judgment request to the approval server, and receive the approval result corresponding to the user identifier obtained by the approval server according to the approval judgment request.
- the field obtaining module 300 is configured to: when the approval result indicates that the approval is passed, obtain a data application form corresponding to the user identifier from the approval server, and read the first field from the data application table.
- the data obtaining module 400 is configured to: when the first field matches the second field, acquire data corresponding to the second field, and return the data to the first terminal.
- the data acquisition module 400 can include:
- the first data acquiring unit is configured to acquire data corresponding to the second field from the first database located in the inner network area.
- a storage unit configured to generate a data file according to the acquired data, and store the data file in a second database of the public network area.
- An address obtaining unit is configured to obtain a storage address of the data file in the second database.
- the first sending unit is configured to send the storage address to the first terminal.
- the receiving unit is configured to receive a second data acquisition request sent by the first terminal, where the second data acquisition request carries a storage address.
- the second data acquiring unit is configured to acquire data corresponding to the storage address, and return the acquired data to the first terminal.
- the apparatus may further include:
- the public key obtaining module is configured to obtain a public key corresponding to the user identifier.
- An encryption module configured to encrypt the generated data document by using the obtained public key.
- the apparatus may further include:
- the log exporting module is configured to generate an export log corresponding to the first terminal.
- the second receiving module is configured to receive the leaked data query request sent by the second terminal, and the leaked data query request carries the leaked data identifier.
- the query module is configured to query the export log corresponding to the leaked data identifier, and send the queried export log to the second terminal.
- the instruction generation module is configured to obtain a user identifier corresponding to the queried export log, and generate an approval result modification instruction according to the user identifier corresponding to the queried export log.
- the first sending module is configured to send the approval result modification instruction to the approval server, and the approval result modification instruction is used to instruct the approval server to modify the approval result corresponding to the approval result modification instruction to the approval failure.
- the apparatus may further include:
- the data application form obtaining module is configured to receive, by the approval server, a data application form acquisition request sent by the first terminal, where the data application form acquisition request carries the user identifier corresponding to the first terminal.
- the approval chain obtaining module is configured to obtain an approval chain corresponding to the user identifier through the approval server, and return the approval chain to the first terminal.
- the third receiving module is configured to receive, by the approval server, the completed data application form returned by the first terminal and the selected approval chain.
- the pre-audit module is configured to send the completed data application form to the corresponding third terminal by the approval server, and receive the pre-audit result returned by the third terminal.
- the approval module is configured to send the data application form to the fourth terminal corresponding to the selected approval chain for approval by the approval server when the pre-trial result indicates that the pre-trial is passed.
- the marking module is configured to store the user identifier and the data application form by the approval server when the approval result of the fourth terminal corresponding to the approval chain indicates that the approval is passed, and mark the approval result corresponding to the user identifier as the approval.
- the apparatus may further include:
- the second sending module is configured to: when the approval result of the fifth terminal in the approval chain is that the approval fails, the result of the approval failure is sent to the first terminal by the approval server.
- a modification module configured to receive, by the approval server, the modified data application form sent by the first terminal, and send the data application form to the fifth terminal.
- the pre-audit module can include:
- the selecting unit is configured to obtain a third terminal that is online in the cluster by using the approval server, and select a third terminal with the least amount of tasks from the third terminal in the online.
- the second sending unit is configured to send the completed data request form to the selected third terminal by using the approval server.
- the various modules in the above data acquisition device may be implemented in whole or in part by software, hardware, and combinations thereof.
- Each of the above modules may be embedded in or independent of the processor in the computer device, or may be stored in a memory in the computer device in a software form, so that the processor invokes the operations corresponding to the above modules.
- a computer device which may be a server, and its internal structure diagram may be as shown in FIG. 6.
- the computer device includes a processor, memory, network interface, and database connected by a system bus.
- the processor of the computer device is used to provide computing and control capabilities.
- the memory of the computer device includes a non-volatile storage medium, an internal memory.
- the non-volatile storage medium stores an operating system, computer readable instructions, and a database.
- the internal memory provides an environment for operation of an operating system and computer readable instructions in a non-volatile storage medium.
- the database of the computer device is used to store data.
- the network interface of the computer device is used to communicate with an external terminal via a network connection.
- the computer readable instructions are executed by a processor to implement a data acquisition method.
- FIG. 6 is only a block diagram of a part of the structure related to the solution of the present application, and does not constitute a limitation of the computer device to which the solution of the present application is applied.
- the specific computer device may It includes more or fewer components than those shown in the figures, or some components are combined, or have different component arrangements.
- a computer device comprising a memory and one or more processors, the memory storing computer readable instructions, the computer readable instructions being executed by the processor, causing the one or more processors to perform the step of: receiving the first terminal to send The first data acquisition request, the first data acquisition request carries the second field and the user identifier corresponding to the first terminal; generates an approval judgment request according to the user identifier, and sends the generated approval judgment request to the approval server, and receives the approval
- the server obtains the approval result corresponding to the user identifier obtained by the query according to the approval judgment; when the approval result indicates that the approval is passed, the data application table corresponding to the user identifier is obtained from the approval server, and the first field is read from the data application table; When the first field matches the second field, the data corresponding to the second field is acquired, and the data is returned to the first terminal.
- the obtaining, by the processor when the computer readable instructions are executed, the data corresponding to the second field, and returning the data to the first terminal may include: obtaining, by using the first database located in the inner network area Data corresponding to the two fields; generating a data file according to the acquired data, and storing the data file in a second database of the public network area; acquiring a storage address of the data file in the second database; transmitting the storage address to the first terminal; receiving a second data acquisition request sent by the first terminal, where the second data acquisition request carries a storage address; acquires data corresponding to the storage address, and returns the acquired data to the first terminal.
- the method may further include: acquiring a public key corresponding to the user identifier; and generating the data by using the acquired public key pair The document is encrypted.
- returning the data to the first terminal may further include: generating an export log corresponding to the first terminal; thereby the processor further executing the computer readable instructions The following steps are performed: receiving the leaked data query request sent by the second terminal, the leaked data query request carrying the leaked data identifier; querying the export log corresponding to the leaked data identifier, and sending the queried export log to the second terminal; The user identifier corresponding to the exported log is generated, and an approval result modification instruction is generated according to the user identifier corresponding to the queried export log; the approval result modification instruction is sent to the approval server, and the approval result modification instruction is used to indicate the approval server and the approval result. The approval result corresponding to the modification instruction is modified to be approved.
- the method for obtaining the approval result involved in the execution of the computer readable instruction includes: receiving, by the approval server, a data application form acquisition request sent by the first terminal, where the data application form acquisition request carries the first terminal Corresponding user identifier; obtaining an approval chain corresponding to the user identifier through the approval server, and returning the approval chain to the first terminal; receiving the completed data application form and the selected approval chain returned by the first terminal through the approval server; The approval server sends the completed data application form to the corresponding third terminal, and receives the pre-audit result returned by the third terminal; when the pre-trial result indicates that the pre-trial approval is passed, the data application form is sent to the selected approval through the approval server.
- the fourth terminal corresponding to the chain performs approval; when the approval result of the fourth terminal corresponding to the approval chain indicates that the approval is passed, the user identification is associated with the data application table through the approval server, and the approval result corresponding to the user identification is marked as Approved.
- the method for obtaining the approval result involved when the processor executes the computer readable instruction further includes: when the approval result of the fifth terminal in the approval chain is that the approval fails, the approval is not approved by the approval server.
- the result of the pass is sent to the first terminal; the modified data request form sent by the first terminal is received by the approval server, and the data request form is sent to the fifth terminal.
- the data request form that is completed by the approval server is sent to the corresponding third terminal, and may further include: acquiring, by the approval server, the third terminal in the cluster. And selecting, from the third terminal in the line, the third terminal with the smallest amount of the current task; and sending the completed data application form to the selected third terminal by using the approval server.
- One or more non-volatile storage media storing computer readable instructions, when executed by one or more processors, cause one or more processors to perform the steps of: receiving a first terminal a data acquisition request, the first data acquisition request carries a second field and a user identifier corresponding to the first terminal; generating an approval determination request according to the user identifier, and sending the generated approval judgment request to the approval server, and receiving the approval server according to Approving and judging the approval result corresponding to the user identifier obtained by the request query; when the approval result indicates that the approval is passed, obtaining a data application form corresponding to the user identifier from the approval server, and reading the first field from the data application form; When a field matches the second field, the data corresponding to the second field is obtained, and the data is returned to the first terminal.
- the obtaining, by the processor, the acquiring data corresponding to the second field and returning the data to the first terminal may include: obtaining, from the first database located in the inner network area Data corresponding to the second field; generating a data file according to the acquired data, and storing the data file in a second database of the public network area; acquiring a storage address of the data file in the second database; and sending the storage address to the first terminal; Receiving a second data acquisition request sent by the first terminal, where the second data acquisition request carries a storage address; acquiring data corresponding to the storage address, and returning the acquired data to the first terminal.
- the method may further include: acquiring a public key corresponding to the user identifier; generating the generated public key pair
- the data file is encrypted.
- the method may further include: generating an export log corresponding to the first terminal; thus the computer readable instructions are executed by the processor
- the method further includes the following steps: receiving a leaked data query request sent by the second terminal, the leaked data query request carrying the leaked data identifier; querying the exported log corresponding to the leaked data identifier, and sending the queried export log to the second terminal; Obtaining a user identifier corresponding to the queried export log, and generating an approval result modification instruction according to the user identifier corresponding to the queried export log; sending the approval result modification instruction to the approval server, and the approval result modification instruction is used to indicate that the approval server is to be The approval result corresponding to the approval result modification instruction is changed to the approval failure.
- the method for obtaining the approval result involved when the computer readable instruction is executed by the processor includes: receiving, by the approval server, a data application form acquisition request sent by the first terminal, where the data application form acquisition request carries the first a user identifier corresponding to the terminal; obtaining an approval chain corresponding to the user identifier through the approval server, and returning the approval chain to the first terminal; receiving, by the approval server, the completed data application form returned by the first terminal and the selected approval chain; Sending the completed data request form to the corresponding third terminal through the approval server, and receiving the pre-audit result returned by the third terminal; when the pre-trial result indicates that the pre-audit is passed, the data request form is sent to the selected one through the approval server.
- the fourth terminal corresponding to the approval chain performs approval; when the approval result of the fourth terminal corresponding to the approval chain indicates that the approval is passed, the user identification is stored in association with the data application form by the approval server, and the approval result corresponding to the user identification is marked. For approval.
- the method for obtaining the approval result involved when the computer readable instruction is executed by the processor further includes: when the approval result of the fifth terminal in the approval chain is that the approval fails, the approval is performed by the approval server. The failed result is sent to the first terminal; the modified data request form sent by the first terminal is received by the approval server, and the data application form is sent to the fifth terminal.
- the computer-readable instruction is executed by the processor to send the completed data request form to the corresponding third terminal by the approval server, and may further include: acquiring, by the approval server, the third online in the cluster.
- the terminal selects a third terminal with the least amount of tasks from the third terminal in the online terminal; and sends the completed data application form to the selected third terminal by using the approval server.
- Non-volatile memory can include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory.
- Volatile memory can include random access memory (RAM) or external cache memory.
- RAM is available in a variety of formats, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronization chain.
- SRAM static RAM
- DRAM dynamic RAM
- SDRAM synchronous DRAM
- DDRSDRAM double data rate SDRAM
- ESDRAM enhanced SDRAM
- Synchlink DRAM SLDRAM
- Memory Bus Radbus
- RDRAM Direct RAM
- DRAM Direct Memory Bus Dynamic RAM
- RDRAM Memory Bus Dynamic RAM
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
一种数据获取方法,包括:接收第一终端发送的第一数据获取请求,所述第一数据获取请求携带有第二字段以及所述第一终端对应的用户标识;根据所述用户标识生成审批判断请求,并将所生成的审批判断请求发送至审批服务器后,接收审批服务器根据所述审批判断请求查询获得的与用户标识对应的审批结果;当所述审批结果表示审批通过时,则从所述审批服务器获取与所述用户标识对应的数据申请表,并从所述数据申请表中读取第一字段;当所述第一字段与所述第二字段相匹配时,则获取与所述第二字段对应的数据,并将所述数据返回至所述第一终端。
Description
相关申请的交叉引用
本申请要求于2018年4月18日提交中国专利局,申请号为2018103504465,申请名称为“数据获取方法、装置、计算机设备和存储介质”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
本申请涉及一种数据获取方法、装置、计算机设备和存储介质。
随着信息技术的发展,数据共享成为一种趋势,各个业务方一直在寻求一种安全的数据共享的方式。
发明人意识到,各个业务方为了实现数据的共享,目前一般是通过线下拷贝的方式获取到数据,即各个业务方的工作人员线下去服务器通过硬盘等拷贝数据,并将拷贝的数据传输到本地。但是通过线下拷贝的方式耗时,且在拷贝数据的硬盘等丢失时,还会导致数据泄露,降低了数据的安全。
发明内容
根据本申请公开的各种实施例,提供一种数据获取方法、装置、计算机设备和存储介质。
一种数据获取方法,包括:
接收第一终端发送的第一数据获取请求,所述第一数据获取请求携带有第二字段以及所述第一终端对应的用户标识;
根据所述用户标识生成审批判断请求,并将所生成的审批判断请求发送至审批服务器后,接收审批服务器根据所述审批判断请求查询获得的与用户标识对应的审批结果;
当所述审批结果表示审批通过时,则从所述审批服务器获取与所述用户标识对应的数据申请表,并从所述数据申请表中读取第一字段;及
当所述第一字段与所述第二字段相匹配时,则获取与所述第二字段对应的数据,并将所述数据返回至所述第一终端。
一种数据获取装置,包括:
第一接收模块,用于接收第一终端发送的第一数据获取请求,所述第一数据获取请求携带有第二字段以及所述第一终端对应的用户标识;
审批结果接收模块,用于根据所述用户标识生成审批判断请求,并将所生成的审批判 断请求发送至审批服务器后,接收审批服务器根据所述审批判断请求查询获得的与用户标识对应的审批结果;
字段获取模块,用于当所述审批结果表示审批通过时,则从所述审批服务器获取与所述用户标识对应的数据申请表,并从所述数据申请表中读取第一字段;及
数据获取模块,用于当所述第一字段与所述第二字段相匹配时,则获取与所述第二字段对应的数据,并将所述数据返回至所述第一终端。
一种计算机设备,包括存储器和一个或多个处理器,所述存储器中储存有计算机可读指令,所述计算机可读指令被所述处理器执行时,使得所述一个或多个处理器执行以下步骤:接收第一终端发送的第一数据获取请求,所述第一数据获取请求携带有第二字段以及所述第一终端对应的用户标识;根据所述用户标识生成审批判断请求,并将所生成的审批判断请求发送至审批服务器后,接收审批服务器根据所述审批判断请求查询获得的与用户标识对应的审批结果;当所述审批结果表示审批通过时,则从所述审批服务器获取与所述用户标识对应的数据申请表,并从所述数据申请表中读取第一字段;及当所述第一字段与所述第二字段相匹配时,则获取与所述第二字段对应的数据,并将所述数据返回至所述第一终端。
一个或多个存储有计算机可读指令的非易失性计算机可读存储介质,计算机可读指令被一个或多个处理器执行时,使得一个或多个处理器执行以下步骤:接收第一终端发送的第一数据获取请求,所述第一数据获取请求携带有第二字段以及所述第一终端对应的用户标识;根据所述用户标识生成审批判断请求,并将所生成的审批判断请求发送至审批服务器后,接收审批服务器根据所述审批判断请求查询获得的与用户标识对应的审批结果;当所述审批结果表示审批通过时,则从所述审批服务器获取与所述用户标识对应的数据申请表,并从所述数据申请表中读取第一字段;及当所述第一字段与所述第二字段相匹配时,则获取与所述第二字段对应的数据,并将所述数据返回至所述第一终端。
本申请的一个或多个实施例的细节在下面的附图和描述中提出。本申请的其它特征和优点将从说明书、附图以及权利要求书变得明显。
为了更清楚地说明本申请实施例中的技术方案,下面将对实施例中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其它的附图。
图1为根据一个或多个实施例中数据获取方法的应用场景图。
图2为根据一个或多个实施例中数据获取方法的流程示意图。
图3为根据一个或多个实施例中的网络区域划分图。
图4为根据一个或多个实施例中的审批步骤的流程图。
图5为根据一个或多个实施例中数据获取装置的框图。
图6为根据一个或多个实施例中计算机设备的框图。
为了使本申请的技术方案及优点更加清楚明白,以下结合附图及实施例,对本申请进行进一步详细说明。应当理解,此处描述的具体实施例仅仅用以解释本申请,并不用于限定本申请。
本申请提供的数据获取方法,可以应用于如图1所示的应用环境中。第一终端和第二终端通过网络与数据服务器进行通信,数据服务器与审批服务器和数据库相通信,审批服务器还与第一终端、第三终端和第四终端相通信。其中第一终端为用户终端,用于开启审批过程和数据获取过程,其中审批过程是第一终端向审批服务器发送数据申请表获取请求,以使审批服务器对第一终端发送过来的填写完成的数据申请表进行审批。数据获取过程则是第一终端向数据服务器发送数据获取请求,以便于数据服务器返回对应的数据。第二终端为查询终端,用于查询数据服务器的数据访问的日志等,第三终端为预审终端,用于对第一终端发送的填写完成的数据申请表进行预先审批,例如格式审批等,第四终端为审批终端,用于对第一终端发送的数据申请表进行实质审批。
第一终端向数据服务器发送数据获取请求,该数据获取请求携带有用户标识,数据服务器根据该用户标识生成审批判断请求,并将生成的审批判断请求发送至审批服务器,审批服务器根据该审批判断请求查询用户标识对应的审批结果,并将该审批结果发送给数据服务器,数据服务器在判断出审批结果为审批通过时,则从审批服务器获取用户标识对应的数据申请表,并从数据申请表中获取到第一字段,当该第一字段与数据服务器接收的数据获取请求中的第二字段相匹配时,数据服务器才会查询与第二字段对应的数据,并返回至第一终端。且其中数据申请表是第一终端预先向审批服务器审批获得的,即第一终端向审批服务器发送数据申请表获取请求,审批服务器获取与第一终端对应的用户标识对应的数据申请表和审批链,第一终端将用户填写完成的数据申请表和所选择的审批链发送给审批服务器,审批服务器将数据申请表首先发送给第三终端进行预审,当第三终端预审结果为审批通过时,再将数据申请表发送给与审批链对应的第四终端进行审批,直至与审批链对应的第四终端的审批结果均为审批通过。
第一终端、第二终端、第三终端以及第四终端可以但不限于是各种个人计算机、笔记本电脑、智能手机、平板电脑和便携式可穿戴设备,数据服务器和审批服务器可以用独立的服务器或者是多个服务器组成的服务器集群来实现。
在一个实施例中,如图2所示,提供了一种数据获取方法,以该方法应用于图1中的数据服务器为例进行说明,包括以下步骤:
S202:接收第一终端发送的第一数据获取请求,第一数据获取请求携带有第二字段以及第一终端对应的用户标识。
具体地,第一数据获取请求是第一终端发送给数据服务器,用于获取数据服务器中 的数据的请求,其中携带有登录第一终端的账户所对应的用户标识,该用户标识可以是用户的手机号、用户名或者是用户编号等,其可以唯一地确定登录第一终端的账户。
第二字段是指第一终端要求获取到的数据对应的字段,例如,当第一终端所要获取的数据是交易数据时,该第二字段可以是交易金额、交易账户等。
S204:根据用户标识生成审批判断请求,并将所生成的审批判断请求发送至审批服务器后,接收审批服务器根据审批判断请求查询获得的与用户标识对应的审批结果。
具体地,审批判断请求是根据第一终端发送的用户标识生成的,因此其与登录第一终端的账户也是一一对应关系。数据服务器将该审批判断请求发送给审批服务器后,审批服务器根据审批判断请求中的用户标识查询到对应的审批结果,并将所查询到的审批结果返回给数据服务器。
S206:当审批结果表示审批通过时,则从审批服务器获取与用户标识对应的数据申请表,并从数据申请表中读取第一字段。
具体地,数据服务器获取的数据申请表是第一终端发送给审批服务器,并经审批服务器审批通过的数据申请表,其中记载了账户可以从数据服务器获得的数据的范围,例如可以通过字段的形式进行表示。
数据服务器在接收到审批服务器所发送的审批结果后,判断该审批结果是否表示审批通过,即用户标识对应的账户是否具有数据获取的权限,当具有数据获取的权限时,数据服务器从审批服务器获取到与用户标识对应的数据申请表,并从该数据申请表中获取到用户标识对应的账户可以从数据服务器获取的数据的第一字段。该第一字段是存储到数据申请表中已经审批通过的字段,例如,第一字段可以是交易金额、交易账户等。
S208:当第一字段与第二字段相匹配时,则获取与第二字段对应的数据,并将数据返回至第一终端。
具体地,数据服务器可以通过模糊匹配的方式判断第一字段与数据获取请求中的第二字段是否匹配,当第一字段与第二字段相匹配时,则可以获取到与第二字段对应的数据,并将数据返回至第一终端,从而保证第一终端只能够接触到其审批权限内的数据,进而保证数据服务器的数据的安全性。且并非所有的第一终端均可以从数据服务器获取到数据,只有通过审批服务器审批通过的账户才可以从数据服务器获取到数据,且其获取到的数据仅限于审批通过的字段,可以保证数据服务器的数据的安全。
其中数据服务器可以从与其相通信的数据库中获取到相应的数据,并返回至第一终端。且可选地,与数据服务器相连接的数据库可以存在多个,从而数据服务器可以首先根据第二字段确定数据存储的数据库,然后再从所确定的数据库中查询与第二字段对应的数据,这样可以减少查询量,从而提高数据反馈的效率。
上述数据获取方法,当接收到第一终端发送的数据获取请求时,首先判断登录第一终端的用户是否审批通过,当审批通过时,则获取到对应的数据申请表,其次,通过数据申请表获取到允许第一终端获取的第一字段,当第一字段与第二字段匹配时,才会将第一 终端请求的数据返回给第一终端,从而当未经过审批的用户申请数据,或者经过审批的用户申请未通过审批的字段时,则会导致数据申请失败,从而保证了数据的安全。
在其中一个实施例中,上述步骤S208,即获取与第二字段对应的数据,并将数据返回至第一终端,可以包括:从位于内网区的第一数据库获取与第二字段对应的数据。根据所获取的数据生成数据文档,并将数据文档存储于公网区的第二数据库。获取数据文档在第二数据库的存储地址。将存储地址发送至第一终端。接收第一终端发送的第二数据获取请求,第二数据获取请求携带有存储地址。获取与存储地址对应的数据,并将所获取的数据返回至第一终端。
具体地,参阅图3,图3为一实施例中的网络区域划分图,网络区域包括内网区、公网区和外网区,其中与数据服务器相连接的第一数据库可以设置在内网区,从而可以屏蔽掉外网区的访问,避免与外网区直接接触,公网区是内网区与外网区进行交互的桥梁,其中中转的数据可以存储到该公网区,从而保证内网区的数据库不与外网区的第一终端等直接进行数据交互,外网区则是第一终端所在的网络区域。
在该实施例中,数据服务器从位于内网区的第一数据库获取到与第二字段对应的数据,且为了方便将该数据生成数据文档等,例如生成excel文档、csv文档等,并将所生成的数据文档存储于公网区的第二数据库,从而使得位于外网区的第一终端可以获取到该数据文档。数据服务器将数据文档存储至公网区后,获取到数据文档在公网区的存储地址,将该存储地址发送到第一终端,第一终端在接收到该存储地址后,可以根据该存储地址从公网区获取到对应的数据,例如数据服务器接收第一终端发送的第二数据获取请求,第二数据获取请求携带有存储地址。数据服务器获取与存储地址对应的数据,并将所获取的数据返回至第一终端。
上述实施例中,数据服务器在内网区获取到与第二字段对应的数据,并将与第二字段对应的数据存储至第二数据库,第二数据库可以是在公网区,从而与外网直接连接,第一终端可以根据数据服务器返回给第一终端的存储地址,从存储在公网区的第二数据库中获取到对应的数据,这样第一终端不会直接与位于内网区的第一数据库通信,减少数据接触面,降低数据泄露的风险。
在其中一个实施例中,根据所获取的数据生成数据文档之后,还可以包括:获取与用户标识对应的公钥;通过所获取的公钥对生成的数据文档进行加密。
具体地,为了保证数据在线传输的安全性,数据服务器在获取到与第二字段对应的数据后,还获取与用户标识对应的公钥,通过用户标识对应的公钥对所生成的数据文档进行加密,再将加密后的数据文档存储到公网区,这样在内网区就对数据文档进行了加密,从而公网区的数据都是加密后的数据,即使被非法分子获取到,由于其没有对应的私钥,因此也不可能获取到数据。且当第一终端获取到加密后的数据文档后,可以获取到与登录第一终端的账户对应的用户私钥,该用户私钥是与上述的公钥相对应的,通过该用户私钥对加密后的数据文档进行解密得到解密文档,从而使得第一终端可以获取到数据的明文。
上述实施例中,在内网区对数据进行加密,将加密后的数据存储到公网区,从而保证在数据从内网区传输出来后,均以密文的方式进行传输,保证了数据的安全性。
在其中一个实施例中,将数据返回至第一终端之后,还可以包括:生成与第一终端对应的导出日志。从而上述方法还包括:接收第二终端发送的泄露数据查询请求,泄露数据查询请求携带有泄露数据标识;查询与泄露数据标识对应的导出日志,并将查询到的导出日志发送到第二终端;获取与查询到的导出日志对应的用户标识,根据与查询到的导出日志对应的用户标识生成审批结果修改指令;将审批结果修改指令发送至审批服务器,审批结果修改指令用于指示审批服务器将与审批结果修改指令对应的审批结果修改为审批未通过。
具体地,数据服务器每次将数据返回至第一终端后,均会生成以对应的导出日志,以记录本次数据导出。该导出日志其中可以包括数据标识,例如数据的字段。该导出日志还可以包括导出时间、导出数据的账户对应的用户标识等,在此不做具体的限制。
其中,存储上述导出日志的原因是为了保证在数据泄露时,第二终端可以查询出哪一个第一终端导致的数据泄露,从而可以对导致数据泄露的第二终端重新进行审批。其中泄露数据查询请求是由第二终端发送给数据服务器的,其中携带有泄露数据标识,该泄露数据标识是可以唯一确定泄露数据的标识,其可以是泄露数据的字段等。
具体地,第二终端可以向数据服务器发送泄露数据查询请求,数据服务器在接收到该泄露数据查询请求后,查询与泄露标识对应的导出日志,并将导出日志发送到第二终端,从而第二终端可以根据导出日志来进行操作,例如确定泄露数据的影响范围等。且数据服务器可以获取到与查询到的导出日志对应的用户标识,并根据该用户标识生成审批结果修改指令,并将该审批结果修改指令发送给审批服务器,从而审批服务器在接收到该审批结果修改指令后,首先根据用户标识查询到对应的审批结果,然后将审批结果修改为审批未通过,且可选地,审批服务器还可以通知与用户标识对应的用户,例如通过邮件、微信、电话、短信等方式进行通知,以便于用户及时修改。
上述业务方服务器接收查询请求,数据服务器根据该查询请求遍历导出日志,以获取与泄漏数据标识对应的导出日志,并将该导出日志发送到第二终端,从而可以减少查询量,且数据服务器从该些导出日志中获取到泄漏相关的日志,并查询到与泄漏相关的日志对应的用户标识,将该用户标识发送到审批服务器,审批服务器将该用户标识对应的审批结果修改为审批未通过,并通知与该用户标识对应的用户,可以防止数据进一步泄露。
在其中一个实施例中,参阅图4,图4为一实施例中的审批步骤的流程图,该审批步骤即是审批结果的获取方式可以是在图2所示的实施例之前进行,该审批步骤可以包括:
S402:通过审批服务器接收第一终端发送的数据申请表获取请求,数据申请表获取请求携带有第一终端对应的用户标识。
具体地,数据申请表获取请求是第一终端向审批服务器发送的,用于获取到数据申请表的请求,该请求携带有用户标识,从而审批服务器可以根据用户标识获取到审批链和 数据申请表。
S404:通过审批服务器获取与用户标识对应的审批链,并将审批链返回至第一终端。
具体地,审批服务器在获取到数据申请表获取请求后,可以根据用户标识获取到对应的审批链。审批服务器可以预先设置多条审批链,不同的审批链对应不同的审批项目,审批服务器可以根据用户标识获取到对应的审批项目,然后根据审批项目获取到对应的审批人员标识,再将审批人员标识按照审批顺序连接生成审批链,并将所生成的审批链返回至对应的第一终端。且在审批服务器将审批链发送给第一终端时,还可以给出各个审批链当前的处理量,其中各个审批链的当前的处理量等于审批链中所有审批用户的总处理量比上所述审批链中的用户的数量,从而用户可以根据需要选择当前处理量最少的审批链进行审批,以便于提高审批的效率。
S406:通过审批服务器接收第一终端返回的填写完成的数据申请表和所选择的审批链。
具体地,第一终端在接收到数据申请表和审批链后,将第一终端和审批链显示在界面上,用户可以在该界面上选择对应的审批链,和填写数据申请表。第一终端将用户填写完成的数据申请表和用户所选择的审批链发送到审批服务器。
S408:通过审批服务器将填写完成的数据申请表发送至对应的第三终端,并接收第三终端返回的预审结果。
具体地,审批服务器在接收到填写完成的数据申请表后,将该数据申请表发送至对应的第三终端,第三终端接收到该数据申请表后,对该数据申请表进行预审,并将预审结果返回至审批服务器。
S410:当预审结果表示预审通过时,则通过审批服务器将数据申请表发送到与所选择的审批链对应的第四终端进行审批。
具体地,审批服务器接收到预审结果后,如果该预审结果表示预审通过,则审批服务器根据用户所选择的审批链选择对应的第四终端,并将该数据申请表发送至第四终端进行审批。具体地,审批服务器可以获取用户所选择的审批链中的当前审批用户对应的当前第四终端,并将数据申请表发送至该当前第四终端进行审批,从而该当前第四终端可以对该数据申请表进行审批,并将审批结果返回至审批服务器,审批服务器接收到该当前第四终端返回当前审批结果,当当前审批结果表示审批通过时,则审批服务器继续获取审批链中下一审批用户对应的下一第四终端,并将数据申请表发送至所述下一第四终端进行审批,直至所述审批链中所有审批用户对所述数据申请表审批完成。该实施例中根据用户选择的审批链中的审批用户进行审批,按照一定顺序,使得审批有条不紊。
S412:当审批链对应的第四终端的审批结果均表示审批通过时,则通过审批服务器将用户标识与数据申请表关联存储,并将用户标识对应的审批结果标记为审批通过。
具体地,审批服务器接收第四终端返回的审批结果,并在审批链中所有的审批结果均表示审批通过时,则审批服务器将用户标识与数据申请表关联存储,并将用户标识对应 的审批结果标记为审批通过。从而数据服务器可以根据用户标识获取到审批结果和数据申请表。
上述实施例,审批服务器在接收到第一终端发送的数据申请表获取请求后,向第一终端返回与用户标识对应的审批链,从而用户可以从返回的审批链中选取一个审批链,并且通过预审和审批链中的用户按照顺序进行审批,使得审批过程有条不紊,提高了审批效率。
在其中一个实施例中,该审批步骤即是审批结果的获取方式还可以包括:当审批链中存在第五终端的审批结果为审批未通过时,则通过审批服务器将审批未通过的结果发送至第一终端;通过审批服务器接收第一终端发送的修改后的数据申请表,并将数据申请表发送至第五终端。
具体地,若当前第四终端返回的审批结果表示审批未通过时,假设审批未通过时的第四终端为第五终端,则审批服务器将该审批未通过的审批结果返回至第一终端,以便于第一终端根据该审批结果进行修改,并在修改完成后重新提交修改后的数据申请表,且审批服务器在接收到该重新提交的修改后的数据申请表后,获取到与该重新提交的修改后的数据申请表对应的上次审批的第五终端,并将该修改后的数据获取申请表发送给该第五终端,从而可以避免重新再走一次审批链,导致审批资源的浪费。且可选地,在审批服务器获取到修改后的数据申请表后,可以将修改后的数据申请表与修改前的数据申请表进行比较,并比较后不相同的内容,即修改的内容进行标注,例如标红或者高亮等,以便于审批用户可以清楚的看到申请用户的修改的内容。
上述实施例中,当存在第五终端审批未通过时,则可以将未审批通过的原因发送给第一终端,从而第一终端可以对数据申请表进行修改,且修改后的数据申请表发送给审批服务器,审批服务器将该修改后的数据申请表分配给第五终端,从而可以避免重新再走一次审批链,导致审批资源的浪费。
在其中一个实施例中,通过审批服务器将填写完成的数据申请表发送至对应的第三终端,还可以包括:通过审批服务器获取集群中在线的第三终端,并从在线的第三终端中选取当前任务量最少的第三终端;通过审批服务器将填写完成的数据申请表发送至所选取的第三终端。
具体地,第三终端可以是以终端集群的方式存在的,从而审批服务器将数据申请表发送到对应的第三终端可以是从终端集群中首先选取合适的终端,然后再将数据申请表发送到该合适的终端,其中合适的终端可以是终端集群中的在线的且任务量最少的第三终端,例如在线的且当前预审任务最少的第三终端,审批服务器将数据申请表发送该任务量最少的在线的第三终端进行预审,并接收第三终端的预审结果,其中预审一般是对格式或者是对内容是否完整的形式审核,审批链中的审核则是实质审核。
上述实施例中,第三终端是以终端集群的方式存在的,当审批服务器接收到了数据申请表,可以选取到在线的且预设任务量最少的第三终端进行预审,这样可以提高预审的 效率,从而提高整个审批的效率。
应该理解的是,虽然图2和图4的流程图中的各个步骤按照箭头的指示依次显示,但是这些步骤并不是必然按照箭头指示的顺序依次执行。除非本文中有明确的说明,这些步骤的执行并没有严格的顺序限制,这些步骤可以以其它的顺序执行。而且,图2和图4中的至少一部分步骤可以包括多个子步骤或者多个阶段,这些子步骤或者阶段并不必然是在同一时刻执行完成,而是可以在不同的时刻执行,这些子步骤或者阶段的执行顺序也不必然是依次进行,而是可以与其它步骤或者其它步骤的子步骤或者阶段的至少一部分轮流或者交替地执行。
在一个实施例中,如图5所示,提供了一种数据获取装置,包括:第一接收模块100、审批结果接收模块200、字段获取模块300和数据获取模块400,其中:
第一接收模块100,用于接收第一终端发送的第一数据获取请求,第一数据获取请求携带有第二字段以及第一终端对应的用户标识。
审批结果接收模块200,用于根据用户标识生成审批判断请求,并将所生成的审批判断请求发送至审批服务器后,接收审批服务器根据审批判断请求查询获得的与用户标识对应的审批结果。
字段获取模块300,用于当审批结果表示审批通过时,则从审批服务器获取与用户标识对应的数据申请表,并从数据申请表中读取第一字段。
数据获取模块400,用于当第一字段与第二字段相匹配时,则获取与第二字段对应的数据,并将数据返回至第一终端。
在其中一个实施例中,数据获取模块400可以包括:
第一数据获取单元,用于从位于内网区的第一数据库获取与第二字段对应的数据。
存储单元,用于根据所获取的数据生成数据文档,并将数据文档存储于公网区的第二数据库。
地址获取单元,用于获取数据文档在第二数据库的存储地址。
第一发送单元,用于将存储地址发送至第一终端。
接收单元,用于接收第一终端发送的第二数据获取请求,第二数据获取请求携带有存储地址。
第二数据获取单元,用于获取与存储地址对应的数据,并将所获取的数据返回至第一终端。
在其中一个实施例中,装置还可以包括:
公钥获取模块,用于获取与用户标识对应的公钥。
加密模块,用于通过所获取的公钥对生成的数据文档进行加密。
在其中一个实施例中,装置还可以包括:
日志导出模块,用于生成与第一终端对应的导出日志。
第二接收模块,用于接收第二终端发送的泄露数据查询请求,泄露数据查询请求携 带有泄露数据标识。
查询模块,用于查询与泄露数据标识对应的导出日志,并将查询到的导出日志发送到第二终端。
修改指令生成模块,用于获取与查询到的导出日志对应的用户标识,根据与查询到的导出日志对应的用户标识生成审批结果修改指令。
第一发送模块,用于将审批结果修改指令发送至审批服务器,审批结果修改指令用于指示审批服务器将与审批结果修改指令对应的审批结果修改为审批未通过。
在其中一个实施例中,装置还可以包括:
数据申请表获取模块,用于通过审批服务器接收第一终端发送的数据申请表获取请求,数据申请表获取请求携带有第一终端对应的用户标识。
审批链获取模块,用于通过审批服务器获取与用户标识对应的审批链,并将审批链返回至第一终端。
第三接收模块,用于通过审批服务器接收第一终端返回的填写完成的数据申请表和所选择的审批链。
预审模块,用于通过审批服务器将填写完成的数据申请表发送至对应的第三终端,并接收第三终端返回的预审结果。
审批模块,用于当预审结果表示预审通过时,则通过审批服务器将数据申请表发送到与所选择的审批链对应的第四终端进行审批。
标记模块,用于当审批链对应的第四终端的审批结果均表示审批通过时,则通过审批服务器将用户标识与数据申请表关联存储,并将用户标识对应的审批结果标记为审批通过。
在其中一个实施例中,装置还可以包括:
第二发送模块,用于当审批链中存在第五终端的审批结果为审批未通过时,则通过审批服务器将审批未通过的结果发送至第一终端。
修改模块,用于通过审批服务器接收第一终端发送的修改后的数据申请表,并将数据申请表发送至第五终端。
在其中一个实施例中,预审模块可以包括:
选取单元,用于通过审批服务器获取集群中在线的第三终端,并从在线的第三终端中选取当前任务量最少的第三终端。
第二发送单元,用于通过审批服务器将填写完成的数据申请表发送至所选取的第三终端。
关于数据获取装置的具体限定可以参见上文中对于数据获取方法的限定,在此不再赘述。上述数据获取装置中的各个模块可全部或部分通过软件、硬件及其组合来实现。上述各模块可以硬件形式内嵌于或独立于计算机设备中的处理器中,也可以以软件形式存储于计算机设备中的存储器中,以便于处理器调用执行以上各个模块对应的操作。
在一个实施例中,提供了一种计算机设备,该计算机设备可以是服务器,其内部结构图可以如图6所示。该计算机设备包括通过系统总线连接的处理器、存储器、网络接口和数据库。其中,该计算机设备的处理器用于提供计算和控制能力。该计算机设备的存储器包括非易失性存储介质、内存储器。该非易失性存储介质存储有操作系统、计算机可读指令和数据库。该内存储器为非易失性存储介质中的操作系统和计算机可读指令的运行提供环境。该计算机设备的数据库用于存储数据。该计算机设备的网络接口用于与外部的终端通过网络连接通信。该计算机可读指令被处理器执行时以实现一种数据获取方法。
本领域技术人员可以理解,图6中示出的结构,仅仅是与本申请方案相关的部分结构的框图,并不构成对本申请方案所应用于其上的计算机设备的限定,具体的计算机设备可以包括比图中所示更多或更少的部件,或者组合某些部件,或者具有不同的部件布置。
一种计算机设备,包括存储器和一个或多个处理器,存储器中储存有计算机可读指令,计算机可读指令被处理器执行时,使得一个或多个处理器执行以下步骤:接收第一终端发送的第一数据获取请求,第一数据获取请求携带有第二字段以及第一终端对应的用户标识;根据用户标识生成审批判断请求,并将所生成的审批判断请求发送至审批服务器后,接收审批服务器根据审批判断请求查询获得的与用户标识对应的审批结果;当审批结果表示审批通过时,则从审批服务器获取与用户标识对应的数据申请表,并从数据申请表中读取第一字段;当第一字段与第二字段相匹配时,则获取与第二字段对应的数据,并将数据返回至第一终端。
在一个实施例中,处理器执行计算机可读指令时所实现的获取与第二字段对应的数据,并将数据返回至第一终端,可以包括:从位于内网区的第一数据库获取与第二字段对应的数据;根据所获取的数据生成数据文档,并将数据文档存储于公网区的第二数据库;获取数据文档在第二数据库的存储地址;将存储地址发送至第一终端;接收第一终端发送的第二数据获取请求,第二数据获取请求携带有存储地址;获取与存储地址对应的数据,并将所获取的数据返回至第一终端。
在一个实施例中,处理器执行计算机可读指令时所实现的根据所获取的数据生成数据文档之后,还可以包括:获取与用户标识对应的公钥;通过所获取的公钥对生成的数据文档进行加密。
在一个实施例中,处理器执行计算机可读指令时所实现的将数据返回至第一终端之后,还可以包括:生成与第一终端对应的导出日志;从而处理器执行计算机可读指令时还实现以下步骤:接收第二终端发送的泄露数据查询请求,泄露数据查询请求携带有泄露数据标识;查询与泄露数据标识对应的导出日志,并将查询到的导出日志发送到第二终端;获取与查询到的导出日志对应的用户标识,根据与查询到的导出日志对应的用户标识生成审批结果修改指令;将审批结果修改指令发送至审批服务器,审批结果修改指令用于指示审批服务器将与审批结果修改指令对应的审批结果修改为审批未通过。
在一个实施例中,处理器执行计算机可读指令时所涉及到的审批结果的获取方式包 括:通过审批服务器接收第一终端发送的数据申请表获取请求,数据申请表获取请求携带有第一终端对应的用户标识;通过审批服务器获取与用户标识对应的审批链,并将审批链返回至第一终端;通过审批服务器接收第一终端返回的填写完成的数据申请表和所选择的审批链;通过审批服务器将填写完成的数据申请表发送至对应的第三终端,并接收第三终端返回的预审结果;当预审结果表示预审通过时,则通过审批服务器将数据申请表发送到与所选择的审批链对应的第四终端进行审批;当审批链对应的第四终端的审批结果均表示审批通过时,则通过审批服务器将用户标识与数据申请表关联存储,并将用户标识对应的审批结果标记为审批通过。
在一个实施例中,处理器执行计算机可读指令时所涉及到的审批结果的获取方式还包括:当审批链中存在第五终端的审批结果为审批未通过时,则通过审批服务器将审批未通过的结果发送至第一终端;通过审批服务器接收第一终端发送的修改后的数据申请表,并将数据申请表发送至第五终端。
在一个实施例中,处理器执行计算机可读指令时所实现的通过审批服务器将填写完成的数据申请表发送至对应的第三终端,还可以包括:通过审批服务器获取集群中在线的第三终端,并从在线的第三终端中选取当前任务量最少的第三终端;通过审批服务器将填写完成的数据申请表发送至所选取的第三终端。
一个或多个存储有计算机可读指令的非易失性存储介质,计算机可读指令被一个或多个处理器执行时,使得一个或多个处理器执行以下步骤:接收第一终端发送的第一数据获取请求,第一数据获取请求携带有第二字段以及第一终端对应的用户标识;根据用户标识生成审批判断请求,并将所生成的审批判断请求发送至审批服务器后,接收审批服务器根据审批判断请求查询获得的与用户标识对应的审批结果;当审批结果表示审批通过时,则从审批服务器获取与用户标识对应的数据申请表,并从数据申请表中读取第一字段;当第一字段与第二字段相匹配时,则获取与第二字段对应的数据,并将数据返回至第一终端。
在一个实施例中,计算机可读指令被处理器执行时所实现的获取与第二字段对应的数据,并将数据返回至第一终端,可以包括:从位于内网区的第一数据库获取与第二字段对应的数据;根据所获取的数据生成数据文档,并将数据文档存储于公网区的第二数据库;获取数据文档在第二数据库的存储地址;将存储地址发送至第一终端;接收第一终端发送的第二数据获取请求,第二数据获取请求携带有存储地址;获取与存储地址对应的数据,并将所获取的数据返回至第一终端。
在一个实施例中,计算机可读指令被处理器执行时所实现的根据所获取的数据生成数据文档之后,还可以包括:获取与用户标识对应的公钥;通过所获取的公钥对生成的数据文档进行加密。
在一个实施例中,计算机可读指令被处理器执行时所实现的将数据返回至第一终端之后,还可以包括:生成与第一终端对应的导出日志;从而计算机可读指令被处理器执行时还实现以下步骤:接收第二终端发送的泄露数据查询请求,泄露数据查询请求携带有泄 露数据标识;查询与泄露数据标识对应的导出日志,并将查询到的导出日志发送到第二终端;获取与查询到的导出日志对应的用户标识,根据与查询到的导出日志对应的用户标识生成审批结果修改指令;将审批结果修改指令发送至审批服务器,审批结果修改指令用于指示审批服务器将与审批结果修改指令对应的审批结果修改为审批未通过。
在一个实施例中,计算机可读指令被处理器执行时所涉及到的审批结果的获取方式包括:通过审批服务器接收第一终端发送的数据申请表获取请求,数据申请表获取请求携带有第一终端对应的用户标识;通过审批服务器获取与用户标识对应的审批链,并将审批链返回至第一终端;通过审批服务器接收第一终端返回的填写完成的数据申请表和所选择的审批链;通过审批服务器将填写完成的数据申请表发送至对应的第三终端,并接收第三终端返回的预审结果;当预审结果表示预审通过时,则通过审批服务器将数据申请表发送到与所选择的审批链对应的第四终端进行审批;当审批链对应的第四终端的审批结果均表示审批通过时,则通过审批服务器将用户标识与数据申请表关联存储,并将用户标识对应的审批结果标记为审批通过。
在一个实施例中,计算机可读指令被处理器执行时所涉及到的审批结果的获取方式还包括:当审批链中存在第五终端的审批结果为审批未通过时,则通过审批服务器将审批未通过的结果发送至第一终端;通过审批服务器接收第一终端发送的修改后的数据申请表,并将数据申请表发送至第五终端。
在一个实施例中,计算机可读指令被处理器执行时所实现的通过审批服务器将填写完成的数据申请表发送至对应的第三终端,还可以包括:通过审批服务器获取集群中在线的第三终端,并从在线的第三终端中选取当前任务量最少的第三终端;通过审批服务器将填写完成的数据申请表发送至所选取的第三终端。
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程,是可以通过计算机可读指令来指令相关的硬件来完成,所述的计算机可读指令可存储于一非易失性计算机可读取存储介质中,该计算机可读指令在执行时,可包括如上述各方法的实施例的流程。其中,本申请所提供的各实施例中所使用的对存储器、存储、数据库或其它介质的任何引用,均可包括非易失性和/或易失性存储器。非易失性存储器可包括只读存储器(ROM)、可编程ROM(PROM)、电可编程ROM(EPROM)、电可擦除可编程ROM(EEPROM)或闪存。易失性存储器可包括随机存取存储器(RAM)或者外部高速缓冲存储器。作为说明而非局限,RAM以多种形式可得,诸如静态RAM(SRAM)、动态RAM(DRAM)、同步DRAM(SDRAM)、双数据率SDRAM(DDRSDRAM)、增强型SDRAM(ESDRAM)、同步链路(Synchlink)DRAM(SLDRAM)、存储器总线(Rambus)直接RAM(RDRAM)、直接存储器总线动态RAM(DRDRAM)、以及存储器总线动态RAM(RDRAM)等。
以上实施例的各技术特征可以进行任意的组合,为使描述简洁,未对上述实施例中的各个技术特征所有可能的组合都进行描述,然而,只要这些技术特征的组合不存在矛盾, 都应当认为是本说明书记载的范围。
以上所述实施例仅表达了本申请的几种实施方式,其描述较为具体和详细,但并不能因此而理解为对发明专利范围的限制。应当指出的是,对于本领域的普通技术人员来说,在不脱离本申请构思的前提下,还可以做出若干变形和改进,这些都属于本申请的保护范围。因此,本申请专利的保护范围应以所附权利要求为准。
Claims (20)
- 一种数据获取方法,包括:接收第一终端发送的第一数据获取请求,所述第一数据获取请求携带有第二字段以及所述第一终端对应的用户标识;根据所述用户标识生成审批判断请求,并将所生成的审批判断请求发送至审批服务器后,接收审批服务器根据所述审批判断请求查询获得的与用户标识对应的审批结果;当所述审批结果表示审批通过时,则从所述审批服务器获取与所述用户标识对应的数据申请表,并从所述数据申请表中读取第一字段;及当所述第一字段与所述第二字段相匹配时,则获取与所述第二字段对应的数据,并将所述数据返回至所述第一终端。
- 根据权利要求1所述的方法,其特征在于,所述获取与所述第二字段对应的数据,并将所述数据返回至所述第一终端,包括:从位于内网区的第一数据库获取与所述第二字段对应的数据;根据所获取的数据生成数据文档,并将所述数据文档存储于公网区的第二数据库;获取所述数据文档在所述第二数据库的存储地址;将所述存储地址发送至所述第一终端;接收所述第一终端发送的第二数据获取请求,所述第二数据获取请求携带有所述存储地址;及获取与所述存储地址对应的数据,并将所获取的数据返回至所述第一终端。
- 根据权利要求2所述的方法,其特征在于,所述根据所获取的数据生成数据文档之后,还包括:获取与所述用户标识对应的公钥;及通过所获取的公钥对生成的所述数据文档进行加密。
- 根据权利要求1至3任意一项所述的方法,其特征在于,所述将所述数据返回至所述第一终端之后,还包括:生成与所述第一终端对应的导出日志;所述方法还包括:接收第二终端发送的泄露数据查询请求,所述泄露数据查询请求携带有泄露数据标识;查询与所述泄露数据标识对应的导出日志,并将查询到的所述导出日志发送到所述第二终端;获取与查询到的导出日志对应的用户标识,根据与查询到的导出日志对应的所述用户标识生成审批结果修改指令;及将所述审批结果修改指令发送至审批服务器,所述审批结果修改指令用于指示所述审批服务器将与所述审批结果修改指令对应的审批结果修改为审批未通过。
- 根据权利要求1至3任意一项所述的方法,其特征在于,所述审批结果的获取方式包括通过审批服务器接收第一终端发送的数据申请表获取请求,所述数据申请表获取请求携带有所述第一终端对应的用户标识;通过所述审批服务器获取与所述用户标识对应的审批链,并将所述审批链返回至所述第一终端;通过所述审批服务器接收所述第一终端返回的填写完成的数据申请表和所选择的审批链;通过所述审批服务器将所述填写完成的数据申请表发送至对应的第三终端,并接收所述第三终端返回的预审结果;当所述预审结果表示预审通过时,则通过所述审批服务器将所述数据申请表发送到与所选择的审批链对应的第四终端进行审批;及当所述审批链对应的第四终端的审批结果均表示审批通过时,则通过所述审批服务器将所述用户标识与所述数据申请表关联存储,并将所述用户标识对应的审批结果标记为审批通过。
- 根据权利要求5所述的方法,其特征在于,所述审批结果的获取方式还包括:当所述审批链中存在第五终端的审批结果为审批未通过时,则通过所述审批服务器将所述审批未通过的结果发送至所述第一终端;及通过所述审批服务器接收所述第一终端发送的修改后的数据申请表,并将所述数据申请表发送至所述第五终端。
- 根据权利要求5所述的方法,其特征在于,所述通过所述审批服务器将所述填写完成的数据申请表发送至对应的第三终端,包括:通过所述审批服务器获取集群中在线的第三终端,并从在线的第三终端中选取当前任务量最少的第三终端;通过所述审批服务器将所述填写完成的数据申请表发送至所选取的第三终端。
- 一种数据获取装置,包括:第一接收模块,用于接收第一终端发送的第一数据获取请求,所述第一数据获取请求携带有第二字段以及所述第一终端对应的用户标识;审批结果接收模块,用于根据所述用户标识生成审批判断请求,并将所生成的审批判断请求发送至审批服务器后,接收审批服务器根据所述审批判断请求查询获得的与用户标识对应的审批结果;字段获取模块,用于当所述审批结果表示审批通过时,则从所述审批服务器获取与所述用户标识对应的数据申请表,并从所述数据申请表中读取第一字段;及数据获取模块,用于当所述第一字段与所述第二字段相匹配时,则获取与所述第二字段对应的数据,并将所述数据返回至所述第一终端。
- 根据权利要求8所述的装置,其特征在于,所述数据获取模块包括:第一数据获取单元,用于从位于内网区的第一数据库获取与所述第二字段对应的数据;存储单元,用于根据所获取的数据生成数据文档,并将所述数据文档存储于公网区的第二数据库;地址获取单元,用于获取所述数据文档在所述第二数据库的存储地址;第一发送单元,用于将所述存储地址发送至所述第一终端;接收单元,用于接收所述第一终端发送的第二数据获取请求,所述第二数据获取请求携带有所述存储地址;及第二数据获取单元,用于获取与所述存储地址对应的数据,并将所获取的数据返回至所述第一终端。
- 一种计算机设备,包括存储器及一个或多个处理器,所述存储器中储存有计算机可读指令,所述计算机可读指令被所述一个或多个处理器执行时,使得所述一个或多个处理器执行以下步骤:接收第一终端发送的第一数据获取请求,所述第一数据获取请求携带有第二字段以及所述第一终端对应的用户标识;根据所述用户标识生成审批判断请求,并将所生成的审批判断请求发送至审批服务器后,接收审批服务器根据所述审批判断请求查询获得的与用户标识对应的审批结果;当所述审批结果表示审批通过时,则从所述审批服务器获取与所述用户标识对应的数据申请表,并从所述数据申请表中读取第一字段;及当所述第一字段与所述第二字段相匹配时,则获取与所述第二字段对应的数据,并将所述数据返回至所述第一终端。
- 根据权利要求10所述的计算机设备,其特征在于,所述处理器执行所述计算机可读指令时所实现的所述获取与所述第二字段对应的数据,并将所述数据返回至所述第一终端,包括:从位于内网区的第一数据库获取与所述第二字段对应的数据;根据所获取的数据生成数据文档,并将所述数据文档存储于公网区的第二数据库;获取所述数据文档在所述第二数据库的存储地址;将所述存储地址发送至所述第一终端;接收所述第一终端发送的第二数据获取请求,所述第二数据获取请求携带有所述存储地址;及获取与所述存储地址对应的数据,并将所获取的数据返回至所述第一终端。
- 根据权利要求11所述的计算机设备,其特征在于,所述处理器执行所述计算机可读指令时所实现的所述根据所获取的数据生成数据文档之后,还包括:获取与所述用户标识对应的公钥;及通过所获取的公钥对生成的所述数据文档进行加密。
- 根据权利要求10至12任意一项所述的计算机设备,其特征在于,所述处理器执行所述计算机可读指令时所实现的所述将所述数据返回至所述第一终端之后,还包括:生成与所述第一终端对应的导出日志;则所述处理器执行所述计算机可读指令时还执行以下步骤:接收第二终端发送的泄露数据查询请求,所述泄露数据查询请求携带有泄露数据标识;查询与所述泄露数据标识对应的导出日志,并将查询到的所述导出日志发送到所述第二终端;获取与查询到的导出日 志对应的用户标识,根据与查询到的导出日志对应的所述用户标识生成审批结果修改指令;及将所述审批结果修改指令发送至审批服务器,所述审批结果修改指令用于指示所述审批服务器将与所述审批结果修改指令对应的审批结果修改为审批未通过。
- 根据权利要求10至12任意一项所述的计算机设备,其特征在于,所述处理器执行所述计算机可读指令时所涉及的所述审批结果的获取方式包括通过审批服务器接收第一终端发送的数据申请表获取请求,所述数据申请表获取请求携带有所述第一终端对应的用户标识;通过所述审批服务器获取与所述用户标识对应的审批链,并将所述审批链返回至所述第一终端;通过所述审批服务器接收所述第一终端返回的填写完成的数据申请表和所选择的审批链;通过所述审批服务器将所述填写完成的数据申请表发送至对应的第三终端,并接收所述第三终端返回的预审结果;当所述预审结果表示预审通过时,则通过所述审批服务器将所述数据申请表发送到与所选择的审批链对应的第四终端进行审批;及当所述审批链对应的第四终端的审批结果均表示审批通过时,则通过所述审批服务器将所述用户标识与所述数据申请表关联存储,并将所述用户标识对应的审批结果标记为审批通过。
- 根据权利要求14所述的计算机设备,其特征在于,所述处理器执行所述计算机可读指令时所涉及的所述审批结果的获取方式还包括:当所述审批链中存在第五终端的审批结果为审批未通过时,则通过所述审批服务器将所述审批未通过的结果发送至所述第一终端;及通过所述审批服务器接收所述第一终端发送的修改后的数据申请表,并将所述数据申请表发送至所述第五终端。
- 根据权利要求14所述的计算机设备,其特征在于,所述处理器执行所述计算机可读指令时所实现的所述通过所述审批服务器将所述填写完成的数据申请表发送至对应的第三终端,包括:通过所述审批服务器获取集群中在线的第三终端,并从在线的第三终端中选取当前任务量最少的第三终端;通过所述审批服务器将所述填写完成的数据申请表发送至所选取的第三终端。
- 一个或多个存储有计算机可读指令的非易失性计算机可读存储介质,所述计算机可读指令被一个或多个处理器执行时,使得所述一个或多个处理器执行以下步骤:接收第一终端发送的第一数据获取请求,所述第一数据获取请求携带有第二字段以及所述第一终端对应的用户标识;根据所述用户标识生成审批判断请求,并将所生成的审批判断请求发送至审批服务器后,接收审批服务器根据所述审批判断请求查询获得的与用户标识对应的审批结果;当所述审批结果表示审批通过时,则从所述审批服务器获取与所述用户标识对应的数据申请表,并从所述数据申请表中读取第一字段;及当所述第一字段与所述第二字段相匹配时,则获取与所述第二字段对应的数据,并将所述数据返回至所述第一终端。
- 根据权利要求17所述的存储介质,其特征在于,所述计算机可读指令被所述处理器执行时所实现的所述获取与所述第二字段对应的数据,并将所述数据返回至所述第一终端,包括:从位于内网区的第一数据库获取与所述第二字段对应的数据;根据所获取的数据生成数据文档,并将所述数据文档存储于公网区的第二数据库;获取所述数据文档在 所述第二数据库的存储地址;将所述存储地址发送至所述第一终端;接收所述第一终端发送的第二数据获取请求,所述第二数据获取请求携带有所述存储地址;及获取与所述存储地址对应的数据,并将所获取的数据返回至所述第一终端。
- 根据权利要求18所述的存储介质,其特征在于,所述计算机可读指令被所述处理器执行时所实现的所述根据所获取的数据生成数据文档之后,还包括:获取与所述用户标识对应的公钥;及通过所获取的公钥对生成的所述数据文档进行加密。
- 根据权利要求17至19任意一项所述的存储介质,其特征在于,所述计算机可读指令被所述处理器执行时所实现的所述将所述数据返回至所述第一终端之后,还包括:生成与所述第一终端对应的导出日志;则所述计算机可读指令被所述处理器执行时还执行以下步骤:接收第二终端发送的泄露数据查询请求,所述泄露数据查询请求携带有泄露数据标识;查询与所述泄露数据标识对应的导出日志,并将查询到的所述导出日志发送到所述第二终端;获取与查询到的导出日志对应的用户标识,根据与查询到的导出日志对应的所述用户标识生成审批结果修改指令;及将所述审批结果修改指令发送至审批服务器,所述审批结果修改指令用于指示所述审批服务器将与所述审批结果修改指令对应的审批结果修改为审批未通过。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810350446.5 | 2018-04-18 | ||
CN201810350446.5A CN108712385A (zh) | 2018-04-18 | 2018-04-18 | 数据获取方法、装置、计算机设备和存储介质 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2019200755A1 true WO2019200755A1 (zh) | 2019-10-24 |
Family
ID=63866699
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2018/095613 WO2019200755A1 (zh) | 2018-04-18 | 2018-07-13 | 数据获取方法、装置、计算机设备和存储介质 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN108712385A (zh) |
WO (1) | WO2019200755A1 (zh) |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109636350A (zh) * | 2018-12-17 | 2019-04-16 | 深圳壹账通智能科技有限公司 | 文档生成方法、装置、计算机设备和存储介质 |
CN109510840B (zh) * | 2018-12-24 | 2021-07-13 | 中国南方电网有限责任公司 | 非结构化数据的共享方法、装置、计算机设备和存储介质 |
CN111783110A (zh) * | 2019-04-04 | 2020-10-16 | 邓铮 | 数据保护方法、计算机设备及计算机可读存储介质 |
CN110175812A (zh) * | 2019-04-24 | 2019-08-27 | 平安科技(深圳)有限公司 | 数据传输监控方法、装置、计算机设备及存储介质 |
CN110309159B (zh) * | 2019-05-17 | 2023-08-18 | 平安科技(深圳)有限公司 | 一种数据修改方法及系统、电子设备 |
CN110213357B (zh) * | 2019-05-22 | 2022-04-22 | 深圳壹账通智能科技有限公司 | 业务数据回退方法、装置、计算机设备和存储介质 |
CN110413643A (zh) * | 2019-06-17 | 2019-11-05 | 中国平安财产保险股份有限公司 | 数据查询方法和装置 |
CN110502915B (zh) * | 2019-08-30 | 2021-07-30 | 恩亿科(北京)数据科技有限公司 | 一种数据处理的方法、装置及系统 |
CN111522785B (zh) * | 2020-04-17 | 2024-04-09 | 上海中通吉网络技术有限公司 | 数据提取审计方法、装置和设备 |
CN112390100A (zh) * | 2020-10-16 | 2021-02-23 | 苏州汇川技术有限公司 | 设备参数包分享方法、服务器及存储介质 |
CN113886808A (zh) * | 2021-09-30 | 2022-01-04 | 深信服科技股份有限公司 | 一种操作审批方法、装置、通信服务器及用户终端 |
CN114143106B (zh) * | 2021-12-07 | 2024-01-23 | 北京天融信网络安全技术有限公司 | 一种审批方法、装置、电子设备及存储介质 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102685086A (zh) * | 2011-04-14 | 2012-09-19 | 天脉聚源(北京)传媒科技有限公司 | 一种文件访问方法和系统 |
CN103745314A (zh) * | 2013-12-30 | 2014-04-23 | 远光软件股份有限公司 | 一种单据表传输的方法和装置 |
CN105391774A (zh) * | 2015-10-15 | 2016-03-09 | 珠海市君天电子科技有限公司 | 一种基于亚马逊网络服务器的资源请求方法及装置 |
US20160171601A1 (en) * | 2014-12-11 | 2016-06-16 | Shacom. Com Inc. | Method and device for providing financial data to a user |
CN107689002A (zh) * | 2017-09-11 | 2018-02-13 | 乐蜜有限公司 | 提现请求的审核方法、装置、电子设备及存储介质 |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10664838B2 (en) * | 2015-04-15 | 2020-05-26 | Visa International Service Association | Systems and methods to authorize transactions based on securely accessing data tracked via mobile devices |
CN107204964B (zh) * | 2016-03-16 | 2020-07-07 | 腾讯科技(深圳)有限公司 | 一种权限管理的方法、装置和系统 |
CN106022710A (zh) * | 2016-05-09 | 2016-10-12 | 平安科技(深圳)有限公司 | 保险审核方法和装置 |
CN107239928B (zh) * | 2017-01-03 | 2018-04-06 | 北京嘀嘀无限科技发展有限公司 | 一种资源分配的流程生成方法及装置 |
CN107026850B (zh) * | 2017-03-17 | 2018-07-31 | 中科曙光南京研究院有限公司 | 一种内外网文档交互方法 |
-
2018
- 2018-04-18 CN CN201810350446.5A patent/CN108712385A/zh active Pending
- 2018-07-13 WO PCT/CN2018/095613 patent/WO2019200755A1/zh active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102685086A (zh) * | 2011-04-14 | 2012-09-19 | 天脉聚源(北京)传媒科技有限公司 | 一种文件访问方法和系统 |
CN103745314A (zh) * | 2013-12-30 | 2014-04-23 | 远光软件股份有限公司 | 一种单据表传输的方法和装置 |
US20160171601A1 (en) * | 2014-12-11 | 2016-06-16 | Shacom. Com Inc. | Method and device for providing financial data to a user |
CN105391774A (zh) * | 2015-10-15 | 2016-03-09 | 珠海市君天电子科技有限公司 | 一种基于亚马逊网络服务器的资源请求方法及装置 |
CN107689002A (zh) * | 2017-09-11 | 2018-02-13 | 乐蜜有限公司 | 提现请求的审核方法、装置、电子设备及存储介质 |
Also Published As
Publication number | Publication date |
---|---|
CN108712385A (zh) | 2018-10-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2019200755A1 (zh) | 数据获取方法、装置、计算机设备和存储介质 | |
WO2021003980A1 (zh) | 黑名单共享方法、装置、计算机设备和存储介质 | |
US11057189B2 (en) | Providing data authorization based on blockchain | |
US11356285B2 (en) | Distributed key management for trusted execution environments | |
WO2021169112A1 (zh) | 基于共享权限的业务数据处理方法、装置、设备和介质 | |
US10839070B1 (en) | Securely executing smart contract operations in a trusted execution environment | |
CN108055274B (zh) | 一种基于联盟链存储数据的加密与共享方法及系统 | |
US20210119774A1 (en) | Processing blockchain data based on smart contract operations executed in a trusted execution environment | |
US10860710B2 (en) | Processing and storing blockchain data under a trusted execution environment | |
CN110417781B (zh) | 基于区块链的文档加密管理方法、客户端及服务器 | |
WO2019214312A1 (zh) | 基于区块链的物流信息传输方法、系统和装置 | |
WO2021003977A1 (zh) | 违约信息查询方法、装置、计算机设备和存储介质 | |
WO2019136959A1 (zh) | 数据处理方法、装置、计算机设备和存储介质 | |
KR20190085106A (ko) | 데이터 액세스를 위한 방법, 시스템 및 장치 | |
US11546348B2 (en) | Data service system | |
CN107025409A (zh) | 一种数据安全存储平台 | |
US10917249B2 (en) | Processing data elements stored in blockchain networks | |
WO2021012571A9 (zh) | 数据处理方法、装置、计算机设备和存储介质 | |
WO2021159606A1 (zh) | 基于区块链的组织节点上链方法和系统 | |
US11455417B2 (en) | Data processing methods, apparatuses, and devices | |
WO2020057002A1 (zh) | 基于区块链的发票数据共享系统以及方法 | |
US20210112067A1 (en) | Systems and methods for secure data access control | |
US11924270B2 (en) | Method and system for transferring data | |
CN109741016B (zh) | 电子合同签订方法、装置、计算机设备和存储介质 | |
WO2020140672A1 (zh) | 基于区块链的资产数据处理方法、系统和存储介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 18915152 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 22.01.2021 |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 18915152 Country of ref document: EP Kind code of ref document: A1 |