WO2020186775A1 - Procédé, appareil et dispositif de fourniture de données de service, et support de stockage lisible par ordinateur - Google Patents

Procédé, appareil et dispositif de fourniture de données de service, et support de stockage lisible par ordinateur Download PDF

Info

Publication number
WO2020186775A1
WO2020186775A1 PCT/CN2019/116481 CN2019116481W WO2020186775A1 WO 2020186775 A1 WO2020186775 A1 WO 2020186775A1 CN 2019116481 W CN2019116481 W CN 2019116481W WO 2020186775 A1 WO2020186775 A1 WO 2020186775A1
Authority
WO
WIPO (PCT)
Prior art keywords
array
url request
encrypted
service data
preset
Prior art date
Application number
PCT/CN2019/116481
Other languages
English (en)
Chinese (zh)
Inventor
花秀明
卢小龙
郑锋
Original Assignee
平安科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 平安科技(深圳)有限公司 filed Critical 平安科技(深圳)有限公司
Publication of WO2020186775A1 publication Critical patent/WO2020186775A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Definitions

  • This application relates to the technical field of security protection, and in particular to a method, device, equipment and computer-readable storage medium for providing business data.
  • the business system is an online system for processing business, in which a large amount of sensitive business data is circulated, and the security of the business system is very important.
  • Some illegal users will fake URLs (Uniform/Universal Resource Locator (Uniform Resource Locator) crawls business data from business systems, which leads to business data leakage.
  • URLs Uniform/Universal Resource Locator (Uniform Resource Locator) crawls business data from business systems, which leads to business data leakage.
  • the main purpose of this application is to provide a method, device, device, and computer-readable storage medium for providing business data, aiming to ensure the security of business data.
  • this application provides a method for providing service data.
  • the method for providing service data is applied to a front-end controller of a service system.
  • the method for providing service data includes the following steps:
  • the step of performing an encryption operation on the plaintext query parameter to obtain the ciphertext query parameter includes:
  • this application also provides a method for providing service data, which is applied to a service system server, and the method for providing service data includes the following steps:
  • the step of decrypting and verifying the encrypted URL request includes:
  • this application also provides a service data providing device, and the service data providing device includes:
  • the judgment module is used for judging whether the URL request is triggered by an authenticated user when the uniform resource locator URL request is received at the front end of the business system;
  • the encryption module is used to extract the plaintext query parameters in the URL request, and perform an encryption operation on the plaintext query parameters to obtain the ciphertext query parameters;
  • the replacement module is configured to replace the plaintext query parameters in the URL request with the ciphertext query parameters to obtain an encrypted URL request, and send the encrypted URL request to the business system server;
  • An output module configured to receive the corresponding business data returned by the business system server based on the encrypted URL request, and output the business data at the front end of the business system;
  • the encryption module includes:
  • An encryption unit configured to encrypt each element in the array by using a preset symmetric encryption algorithm to obtain an encrypted array
  • the replacement unit is used to traverse each element in the coded array, determine the easily mixed elements in the coded array, and replace the easily mixed elements in the coded array with the corresponding preset according to a preset mapping relationship Character to get ciphertext query parameters.
  • this application also provides a service data providing device, and the service data providing device includes:
  • the decryption module is used to decrypt and verify the encrypted URL request when the encrypted URL request sent by the front-end controller of the business system is received;
  • the return module is used to obtain corresponding business data and return it to the front-end controller of the business system when the decryption verification is passed, so that the front-end controller of the business system outputs the business data at the front-end of the business system;
  • the decryption module includes:
  • An extraction unit for extracting ciphertext query parameters from the encrypted URL request An extraction unit for extracting ciphertext query parameters from the encrypted URL request
  • An inverse operation unit configured to perform the inverse operation of the encryption operation on the ciphertext query parameter
  • the confirming unit is configured to confirm that the decryption verification is passed if the ciphertext query parameter is restored to the plaintext query parameter through the inverse operation.
  • the present application also provides a service data providing device, the service data providing device including a processor, a memory, and computer-readable instructions stored on the memory and executable by the processor , When the computer-readable instructions are executed by the processor, the following steps are implemented:
  • the present application also provides a service data providing device, the service data providing device including a processor, a memory, and computer-readable instructions stored on the memory and executable by the processor , When the computer-readable instructions are executed by the processor, the following steps are implemented:
  • the corresponding service data is obtained and returned to the front-end controller of the service system, so that the front-end controller of the service system outputs the service data at the front-end of the service system.
  • the present application also provides a computer-readable storage medium having computer-readable instructions stored on the computer-readable storage medium, and when the computer-readable instructions are executed by a processor, the following steps are implemented :
  • the present application also provides a computer-readable storage medium having computer-readable instructions stored on the computer-readable storage medium, and when the computer-readable instructions are executed by a processor, the following steps are implemented :
  • the corresponding service data is obtained and returned to the front-end controller of the service system, so that the front-end controller of the service system outputs the service data at the front-end of the service system.
  • the front-end controller of the business system will first determine whether the URL request received by the front-end of the business system is triggered by an authenticated user, thus achieving the first level of security protection. If it is confirmed that the URL request is triggered by an authenticated user, Then extract the plain text query parameters in the URL request, perform an encryption operation on the plain text query parameters to obtain the cipher text query parameters, and then replace the plain text query parameters in the URL request with the cipher text query parameters to obtain the encrypted URL request.
  • the encrypted URL request is sent to the business system server, so that the business system server returns the corresponding business data based on the encrypted URL request, realizing the second level of security protection, so that it can be the authentication of the business system access and use rights Users provide business data, and malicious data crawling is prevented, ensuring the security of business data.
  • FIG. 1 is a schematic diagram of the hardware structure of the service data providing device involved in the solution of the embodiment of the application;
  • FIG. 2 is a schematic flowchart of a first embodiment of a method for providing service data of an application
  • FIG. 3 is a schematic flowchart of a second embodiment of a method for providing service data of an application
  • Fig. 4 is a schematic diagram of functional modules of the first embodiment of the service data providing apparatus of this application.
  • the service data providing method involved in the embodiments of this application is mainly applied to a service data providing device, and the service data providing device may be a personal computer (personal computer). computer, PC), server and other equipment with data processing functions.
  • FIG. 1 is a schematic diagram of the hardware structure of the service data providing device involved in the solution of the embodiment of the application.
  • the service data providing device may include a processor 1001 (for example, the central processing unit Central Processing Unit, CPU), communication bus 1002, user interface 1003, network interface 1004, memory 1005.
  • processor 1001 for example, the central processing unit Central Processing Unit, CPU
  • communication bus 1002 for example, the central processing unit Central Processing Unit, CPU
  • user interface 1003 for example, the central processing unit Central Processing Unit, CPU
  • network interface 1004 for example, the network interface 1005
  • the communication bus 1002 is used to realize the connection and communication between these components;
  • the user interface 1003 may include a display (Display), an input unit such as a keyboard (Keyboard);
  • the network interface 1004 may optionally include a standard wired interface, a wireless interface (Such as wireless fidelity WIreless-FIdelity, WI-FI interface);
  • the memory 1005 can be a high-speed random access memory (random access memory, RAM), or stable memory (non-volatile memory), such as a disk memory.
  • the memory 1005 may optionally be a storage device independent of the aforementioned processor 1001.
  • FIG. 1 does not constitute a limitation to the present application, and may include more or less components than those shown in the figure, or combine certain components, or different component arrangements.
  • the memory 1005 as a computer storage medium in FIG. 1 may include an operating system, a network communication module, and computer-readable instructions.
  • a processor 1001 can call computer-readable instructions stored in a memory 1005, and execute the service data providing method provided by each embodiment of the present application.
  • the embodiment of the application provides a method for providing service data.
  • Fig. 2 is a schematic flowchart of a first embodiment of a method for providing service data according to this application.
  • the service data providing method is applied to a front-end controller of a service system, and the service data providing method includes the following steps:
  • Step S10 When a uniform resource locator URL request is received at the front end of the business system, it is determined whether the URL request is triggered by an authenticated user;
  • Step S20 if yes, extract the plaintext query parameters in the URL request, and perform an encryption operation on the plaintext query parameters to obtain the ciphertext query parameters;
  • Step S30 replacing the plaintext query parameters in the URL request with the ciphertext query parameters to obtain an encrypted URL request, and send the encrypted URL request to the business system server;
  • Step S40 Receive the corresponding service data returned by the service system server based on the encrypted URL request, and output the service data at the front end of the service system.
  • the business system is an online system for processing business, in which a large amount of sensitive business data is circulated, and the security of the business system is very important.
  • some illegal users will crawl business data from business systems by forging URLs, leading to business data leakage.
  • this embodiment provides a business data providing method, which can provide business data to users who have access and use rights to the business system, and prevent malicious data crawling.
  • the business system may be specifically used to process at least one of house rental and sale business, insurance business, financial business, investment business, and the like.
  • the business system includes a front-end controller and a server.
  • the front-end controller is used to process URL requests and output business data at the front end of the business system, and the server is used to manage business data.
  • Step S10 when the front end of the business system receives a uniform resource locator URL request, it is judged whether the URL request is sent by an authenticated user;
  • each business data in the business system has a unique URL (Uniform/Universal Resource Locator, uniform resource locator),
  • the URL request to access the business system includes the transmission protocol, server (usually domain name, sometimes IP address), port number, path and query parameters and other components, such as "https://www. admin5.com/article/details/56284237", where the plaintext number "56284237" after the last "/" character at the end refers to the query parameter.
  • the front-end of the business system receives a URL request, the front-end controller first performs the first level of security protection and determines whether the URL request is triggered by an authenticated user.
  • the authenticated user refers to a user who has the right to access and use the business system.
  • an authenticated user information database is pre-established in the front-end controller, and the authenticated user information database stores information such as an authenticated IP address and user ID of the authenticated user.
  • the process of the front-end controller judging whether the URL request received by the front end of the business system is triggered by an authenticated user includes: matching the IP address and user ID that triggered the URL request with the authenticated user information database, if in the authenticated user information database, match If the authentication IP address that matches the IP address that triggered the URL request is matched, or the user ID that matches the user ID that triggered the URL request is matched, it is confirmed that the URL request is triggered by the authenticated user.
  • Step S20 if yes, extract the plaintext query parameters in the URL request, and perform an encryption operation on the plaintext query parameters to obtain the ciphertext query parameters;
  • the front controller confirms that the URL request is triggered by an authenticated user
  • the second level of security protection is performed. Specifically, the query parameters in the URL request are extracted, and then the query parameters are encrypted.
  • the process of encrypting query parameters is as follows:
  • the preset symmetric encryption algorithm is agreed upon between the front-end controller and the server, which can be specifically Blowfish encryption algorithm.
  • the Blowfish encryption algorithm is a block encryption algorithm developed by Bruce Schneier in 1993. It belongs to a type of symmetric encryption.
  • the Blowfish encryption algorithm is used to encrypt each element in the byte array. The speed is very fast.
  • the encryption key and decryption key of the Blowfish encryption algorithm are the same, and the result after each encryption is different, and the encrypted data is also reversible.
  • the process of using the Blowfish encryption algorithm to encrypt each array element in the query parameters includes key preprocessing and encryption.
  • a key is selected arbitrarily, and the fixed source keys of the BlowFish algorithm—pbox and sbox are transformed to obtain the following
  • the encoding method is the base64 preset in the front-end controller.
  • Base64 is one of the encoding methods used to transmit 8Bit byte codes, and is a method of representing binary data based on 64 printable characters.
  • the number “1” is encrypted as “jzr13FqdpLk”; the number “2” is encrypted as “1QFpcUgueU4"; the number “17” is encrypted as “z_O0kIFslv0", it can be seen that after the encryption operation The characters obtained have no rules to follow and are difficult to imitate or forge.
  • Step S30 replacing the plaintext query parameters in the URL request with the ciphertext query parameters to obtain an encrypted URL request, and send the encrypted URL request to the business system server;
  • the front-end controller After obtaining the ciphertext query parameter, the front-end controller replaces the query parameter in the URL request with the ciphertext query parameter to obtain the encrypted URL request. Since the ciphertext query parameters are obtained through the above encryption operation, this type of encrypted URL request is difficult to imitate or forge. After that, the encrypted URL request is sent to the server.
  • Step S40 Receive the corresponding service data returned by the service system server based on the encrypted URL request, and output the service data at the front end of the service system.
  • the server When the server receives the encrypted URL request, it decrypts and verifies the encrypted URL request, that is, the business system server extracts the ciphertext query parameter in the encrypted URL request, and then performs the inverse operation of the encryption operation on the ciphertext query parameter. If the inverse calculation is performed, the ciphertext query parameters can be restored to plaintext query parameters, the server confirms that the decryption verification is passed, obtains the corresponding business data and returns it to the front-end controller, and the front-end controller outputs the business data at the front end of the business system. If the ciphertext query parameters cannot be restored after the inverse operation, or the restoration becomes a pile of garbled codes, the server confirms that the decryption verification fails, and intercepts the malicious URL request.
  • the front-end controller will intercept it to achieve the first level of security protection; even if a malicious request that imitates the encrypted URL request format can be delivered to the server, because the server The received URL request will be decrypted and verified, and the malicious URL request is not obtained based on the encryption operation method in this embodiment.
  • the decryption verification of the malicious URL request cannot be passed, and the server will also intercept the malicious URL request to achieve
  • the second level of security protection through the above two levels of security protection, the possibility of business data being crawled is greatly reduced, the security of the business system is improved, and the security of business data is guaranteed.
  • the front-end controller of the service system will first determine whether the URL request received by the front-end of the service system is triggered by an authenticated user, which realizes the first level of security protection. If it is confirmed that the URL request is triggered by an authenticated user , Extract the plaintext query parameters in the URL request, perform an encryption operation on the plaintext query parameters to obtain the ciphertext query parameters, and then replace the plaintext query parameters in the URL request with the ciphertext query parameters to obtain the encrypted URL request, After that, the encrypted URL request is sent to the business system server, so that the business system server returns the corresponding business data based on the encrypted URL request, realizing the second level of security protection. In this way, it can be used by those who have the right to access and use the business system. Authenticated users provide business data, and malicious data crawling is prevented, ensuring the security of business data.
  • a second embodiment of the method for providing service data of this application is proposed based on the first embodiment.
  • the difference between the second embodiment of the service data providing method and the first embodiment of the service data providing method is that, referring to FIG. 3, the service data providing method in this embodiment is applied to a service system server, and the service data providing method includes the following step:
  • Step S50 when receiving the encrypted URL request sent by the front-end controller of the business system, decrypt and verify the encrypted URL request;
  • the business system server when the business system server receives the encrypted URL request sent by the front-end controller, it decrypts and verifies the encrypted URL request, that is, the business system server extracts the ciphertext query parameters in the encrypted URL request, and The ciphertext query parameter performs the inverse operation of the encryption operation. After the inverse operation, the ciphertext query parameter can be restored to the query parameter of the plaintext number, and the decryption verification is determined to pass.
  • the process of the inverse operation of the encryption operation performed by the business system server on the ciphertext query parameters is as follows:
  • blowfish symmetric encryption algorithm agreed with the front controller to decrypt each element in the decoded byte array, that is, decrypt each element in the decoded byte array with the keys key_pbox and key_sbox to obtain the decrypted byte array ;
  • Step S60 When the decryption verification is passed, the corresponding business data is obtained and returned to the front-end controller of the business system, so that the front-end controller of the business system outputs the business data at the front-end of the business system.
  • the business system server passes the decryption verification, it obtains the corresponding business data and returns it to the business system front-end controller, and the business system front-end controller outputs the business data at the front-end of the business system. If the ciphertext query parameters cannot be restored after the inverse operation, or the restoration becomes a pile of garbled codes, the server confirms that the decryption verification fails, and intercepts the malicious URL request.
  • the server will decrypt and verify the received URL request, and the malicious URL request is not obtained based on the encryption operation method in this embodiment, which is aimed at malicious
  • the decryption verification of the URL request cannot be passed, and the server will also intercept the malicious URL request.
  • it can provide business data for authenticated users who have access and use rights to the business system, and can intercept malicious URL requests based on encryption operations and decryption verification. It greatly reduces the possibility of business data being crawled.
  • the embodiment of the present application also provides a service data providing device.
  • Fig. 4 is a schematic diagram of the functional modules of the first embodiment of the service data providing apparatus of this application.
  • the service data providing device includes:
  • the judging module 10 is used for judging whether the URL request is triggered by an authenticated user when a uniform resource locator URL request is received at the front end of the business system;
  • the encryption module 20 is configured to, if yes, extract the plaintext query parameters in the URL request, and perform an encryption operation on the plaintext query parameters to obtain the ciphertext query parameters;
  • the replacement module 30 is configured to replace the plaintext query parameters in the URL request with the ciphertext query parameters to obtain an encrypted URL request, and send the encrypted URL request to the business system server;
  • the output module 40 is configured to receive the corresponding service data returned by the service system server based on the encrypted URL request, and output the service data at the front end of the service system.
  • each virtual function module of the above-mentioned service data providing apparatus is stored in the memory 1005 of the service data providing device shown in FIG. 1, and is used to realize all the functions of computer-readable instructions; when each module is executed by the processor 1001, multiple functions are realized.
  • Security protection can provide business data to authenticated users with business system access and use rights, and prevent malicious data crawling, ensuring the security of business data.
  • the encryption module 20 includes:
  • An encryption unit configured to encrypt each element in the array by using a preset symmetric encryption algorithm to obtain an encrypted array
  • the replacement unit is used to traverse each element in the coded array, determine the easily mixed elements in the coded array, and replace the easily mixed elements in the coded array with corresponding presets according to a preset mapping relationship Character to get the ciphertext query parameter.
  • the encryption unit includes:
  • the preprocessing subunit is used to preprocess the source key of the preset symmetric encryption algorithm to obtain the key;
  • the encryption subunit is used to encrypt each element in the array using the key to obtain an encrypted array.
  • the service data providing device further includes:
  • the interception module is used to intercept the URL request if not.
  • the service data providing device further includes:
  • the decryption module is used to decrypt and verify the encrypted URL request when the encrypted URL request sent by the front-end controller of the business system is received;
  • the return module is used to obtain corresponding business data and return it to the front-end controller of the business system when the decryption verification is passed, so that the front-end controller of the business system outputs the business data at the front-end of the business system.
  • the decryption module includes:
  • An extraction unit for extracting ciphertext query parameters from the encrypted URL request An extraction unit for extracting ciphertext query parameters from the encrypted URL request
  • An inverse operation unit configured to perform the inverse operation of the encryption operation on the ciphertext query parameter
  • the confirming unit is configured to confirm that the decryption verification is passed if the ciphertext query parameter is restored to the plaintext query parameter through the inverse operation.
  • the inverse operation unit includes:
  • the replacement subunit is used to traverse each element in the ciphertext query parameter, find a preset character from the ciphertext query parameter, and replace the found preset character with the corresponding one according to the preset mapping relationship
  • the decryption subunit is used to decrypt each element in the decoded array by using a preset symmetric encryption algorithm to obtain a decrypted array;
  • the atomic reduction unit is used to restore the decrypted array to plaintext query parameters.
  • each module in the above-mentioned service data providing apparatus corresponds to each step in the above-mentioned embodiment of the service data providing method, and the function and realization process thereof will not be repeated here.
  • the embodiments of the present application also provide a computer-readable storage medium, and the computer-readable storage medium may be a non-volatile readable storage medium.
  • the computer-readable storage medium of the present application stores computer-readable instructions, and when the computer-readable instructions are executed by a processor, the steps of the above-mentioned service data providing method are realized.
  • the method of the above embodiments can be implemented by means of software plus the necessary general hardware platform. Of course, it can also be implemented by hardware, but in many cases the former is better. ⁇
  • the technical solution of this application essentially or the part that contributes to the existing technology can be embodied in the form of a software product, and the computer software product is stored in a storage medium (such as ROM/RAM) as described above. , Magnetic disk, optical disk), including several instructions to make a terminal device (which can be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) execute the method described in each embodiment of the present application.
  • a terminal device which can be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

La présente demande relève du domaine technique de la protection de sécurité et concerne un procédé, un appareil et un dispositif de fourniture de données de service, ainsi qu'un support de stockage lisible par ordinateur. Le procédé comprend les étapes suivantes : lorsqu'une extrémité avant d'un système de service reçoit une demande de localisateur uniforme de ressource (URL), déterminer si la demande d'URL est déclenchée par un utilisateur authentifié ; si tel est le cas, extraire un paramètre d'interrogation de texte en clair à partir de la demande d'URL, et réaliser une opération de chiffrement sur le paramètre d'interrogation de texte en clair afin d'obtenir un paramètre d'interrogation de texte chiffré ; remplacer le paramètre d'interrogation de texte en clair dans la demande d'URL avec le paramètre d'interrogation de texte chiffré afin d'obtenir une demande d'URL chiffrée, et envoyer la demande d'URL chiffrée à un serveur de système de service ; et recevoir des données de service correspondantes renvoyées par le serveur de système de service sur la base de la demande d'URL chiffrée, et délivrer en sortie les données de service à l'extrémité avant du système de service. La présente invention garantit la sécurité des données de service.
PCT/CN2019/116481 2019-03-15 2019-11-08 Procédé, appareil et dispositif de fourniture de données de service, et support de stockage lisible par ordinateur WO2020186775A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910198502.2 2019-03-15
CN201910198502.2A CN110061967B (zh) 2019-03-15 2019-03-15 业务数据提供方法、装置、设备及计算机可读存储介质

Publications (1)

Publication Number Publication Date
WO2020186775A1 true WO2020186775A1 (fr) 2020-09-24

Family

ID=67317124

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/116481 WO2020186775A1 (fr) 2019-03-15 2019-11-08 Procédé, appareil et dispositif de fourniture de données de service, et support de stockage lisible par ordinateur

Country Status (2)

Country Link
CN (1) CN110061967B (fr)
WO (1) WO2020186775A1 (fr)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114285665A (zh) * 2021-12-30 2022-04-05 北京天融信网络安全技术有限公司 一种密码加密方式转换方法及装置
CN114785860A (zh) * 2022-06-02 2022-07-22 深圳云创数安科技有限公司 基于加解密的数据响应方法、装置、设备及介质
CN116108496A (zh) * 2023-04-13 2023-05-12 北京百度网讯科技有限公司 匿踪查询方法、装置、设备及存储介质
CN117579385A (zh) * 2024-01-16 2024-02-20 山东星维九州安全技术有限公司 一种快速筛查新型WebShell流量的方法、系统及设备
CN114785860B (zh) * 2022-06-02 2024-06-04 深圳云创数安科技有限公司 基于加解密的数据响应方法、装置、设备及介质

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110061967B (zh) * 2019-03-15 2022-02-22 平安科技(深圳)有限公司 业务数据提供方法、装置、设备及计算机可读存储介质
CN111131282B (zh) * 2019-12-27 2022-06-17 武汉极意网络科技有限公司 请求加密方法、装置、电子设备及存储介质
CN113821258A (zh) * 2021-10-11 2021-12-21 京东科技控股股份有限公司 通过云端系统指令实现地端系统本地化操作的方法及装置

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130091356A1 (en) * 2011-10-10 2013-04-11 International Business Machines Corporation Optimizing web landing page link access times through preliminary functions during page deployment
CN103229181A (zh) * 2010-10-13 2013-07-31 阿卡麦科技公司 通过对url进行模糊处理来保护网站和网站用户
CN104393988A (zh) * 2014-12-03 2015-03-04 浪潮(北京)电子信息产业有限公司 一种可逆的数据加密方法及装置
CN105808990A (zh) * 2016-02-23 2016-07-27 平安科技(深圳)有限公司 基于ios系统控制url访问的方法和装置
CN110061967A (zh) * 2019-03-15 2019-07-26 平安科技(深圳)有限公司 业务数据提供方法、装置、设备及计算机可读存储介质

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103546293A (zh) * 2013-10-08 2014-01-29 任少华 第三方认证系统或方法
CN103763308A (zh) * 2013-12-31 2014-04-30 北京明朝万达科技有限公司 一种智能终端安全访问网页和下载数据的方法和装置
CN103944900B (zh) * 2014-04-18 2017-11-24 中国科学院计算技术研究所 一种基于加密的跨站请求攻击防范方法及其装置
CN105187397A (zh) * 2015-08-11 2015-12-23 北京思特奇信息技术股份有限公司 一种web系统页面集成防盗链方法及系统
CN106470103B (zh) * 2015-08-17 2020-01-17 苏宁云计算有限公司 一种客户端发送加密url请求的方法和系统
CN105306473B (zh) * 2015-11-05 2018-06-22 北京奇虎科技有限公司 一种防止注入攻击的方法、客户端、服务器和系统
CN106603491B (zh) * 2016-11-10 2020-09-25 深圳维盟科技股份有限公司 基于https协议的Portal认证方法及路由器
CN106658093B (zh) * 2016-12-27 2019-07-09 深圳市九洲电器有限公司 机顶盒与服务器的交互方法及系统
CN107707532B (zh) * 2017-09-15 2022-05-13 北京小米移动软件有限公司 Url生成、查询参数验证方法、装置、设备及存储介质

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103229181A (zh) * 2010-10-13 2013-07-31 阿卡麦科技公司 通过对url进行模糊处理来保护网站和网站用户
US20130091356A1 (en) * 2011-10-10 2013-04-11 International Business Machines Corporation Optimizing web landing page link access times through preliminary functions during page deployment
CN104393988A (zh) * 2014-12-03 2015-03-04 浪潮(北京)电子信息产业有限公司 一种可逆的数据加密方法及装置
CN105808990A (zh) * 2016-02-23 2016-07-27 平安科技(深圳)有限公司 基于ios系统控制url访问的方法和装置
CN110061967A (zh) * 2019-03-15 2019-07-26 平安科技(深圳)有限公司 业务数据提供方法、装置、设备及计算机可读存储介质

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114285665A (zh) * 2021-12-30 2022-04-05 北京天融信网络安全技术有限公司 一种密码加密方式转换方法及装置
CN114785860A (zh) * 2022-06-02 2022-07-22 深圳云创数安科技有限公司 基于加解密的数据响应方法、装置、设备及介质
CN114785860B (zh) * 2022-06-02 2024-06-04 深圳云创数安科技有限公司 基于加解密的数据响应方法、装置、设备及介质
CN116108496A (zh) * 2023-04-13 2023-05-12 北京百度网讯科技有限公司 匿踪查询方法、装置、设备及存储介质
CN116108496B (zh) * 2023-04-13 2023-06-23 北京百度网讯科技有限公司 匿踪查询方法、装置、设备及存储介质
CN117579385A (zh) * 2024-01-16 2024-02-20 山东星维九州安全技术有限公司 一种快速筛查新型WebShell流量的方法、系统及设备
CN117579385B (zh) * 2024-01-16 2024-03-19 山东星维九州安全技术有限公司 一种快速筛查新型WebShell流量的方法、系统及设备

Also Published As

Publication number Publication date
CN110061967A (zh) 2019-07-26
CN110061967B (zh) 2022-02-22

Similar Documents

Publication Publication Date Title
WO2020186775A1 (fr) Procédé, appareil et dispositif de fourniture de données de service, et support de stockage lisible par ordinateur
WO2020147383A1 (fr) Procédé, dispositif et système d'examen et d'approbation de processus utilisant un système de chaîne de blocs, et support de stockage non volatil
WO2014069783A1 (fr) Procédé d'authentification par mot de passe et appareil pour l'exécuter
WO2020029585A1 (fr) Procédé et dispositif de modélisation de fédération de réseau neuronal faisant intervenir un apprentissage par transfert et support d'informations
WO2020062642A1 (fr) Procédé, dispositif et équipement à base de chaîne de blocs pour signer des documents électroniques, et support d'informations
WO2017135670A1 (fr) Procédé et serveur permettant de fournir un service de notaire pour un dossier et de vérifier un dossier enregistré par un service de notaire
WO2021056760A1 (fr) Dispositif, appareil et procédé de chiffrement de données d'apprentissage fédéré et support de stockage lisible
WO2015093734A1 (fr) Système et procédé d'authentification utilisant un code qr
WO2017135669A1 (fr) Procédé et serveur permettant de fournir un service de notaire pour un dossier et de vérifier un dossier enregistré par un service de notaire
WO2019132272A1 (fr) Identifiant en tant que service basé sur une chaîne de blocs
WO2014063455A1 (fr) Procédé et système de messagerie instantanée
WO2016169410A1 (fr) Procédé et dispositif d'ouverture de session, serveur et système d'ouverture de session
WO2013162296A1 (fr) Système d'exploitation de code, appareil à code et procédé de génération de super code
WO2019088689A1 (fr) Système de terminal de sécurité cryptographique quantique puf-qrng, et procédé de génération de clé cryptographique
WO2016101745A1 (fr) Procédé d'activation de jeton de terminal mobile
WO2020220413A1 (fr) Procédé et système de preuve à divulgation nulle de connaissance pour informations personnelles, et support de données
WO2019024126A1 (fr) Procédé de gestion d'informations de connaissance basé sur une chaîne de blocs, et terminal et serveur
WO2010087567A1 (fr) Procédé d'installation d'un objet de droits destiné à du contenu dans une carte de mémoire
WO2016206530A1 (fr) Procédé, appareil et système de paiement mobile hautement sécurisé
WO2018072261A1 (fr) Procédé et dispositif de chiffrement d'informations, procédé et dispositif de déchiffrement d'informations, et terminal
WO2020253120A1 (fr) Procédé, système et dispositif d'enregistrement de page web, et support de stockage informatique
WO2021072881A1 (fr) Procédé, appareil et dispositif de traitement de demande fondée sur un stockage d'objet, et support de stockage
WO2016095339A1 (fr) Procédé de mise à jour de données de base dans un jeton dynamique
WO2017016272A1 (fr) Procédé, appareil et système de traitement de données de ressources virtuelles
WO2012149717A1 (fr) Procédé, dispositif et système de gestion dynamique de licence basés sur une tcm ou une tpm

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19919878

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19919878

Country of ref document: EP

Kind code of ref document: A1