+

CN115694800A - Data processing method, device, server and storage medium - Google Patents

Data processing method, device, server and storage medium Download PDF

Info

Publication number
CN115694800A
CN115694800A CN202211277052.4A CN202211277052A CN115694800A CN 115694800 A CN115694800 A CN 115694800A CN 202211277052 A CN202211277052 A CN 202211277052A CN 115694800 A CN115694800 A CN 115694800A
Authority
CN
China
Prior art keywords
key
target
plaintext
ciphertext
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211277052.4A
Other languages
Chinese (zh)
Inventor
段泽源
张庆祝
石虎乐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid E Commerce Technology Co Ltd
Original Assignee
State Grid E Commerce Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid E Commerce Technology Co Ltd filed Critical State Grid E Commerce Technology Co Ltd
Priority to CN202211277052.4A priority Critical patent/CN115694800A/en
Publication of CN115694800A publication Critical patent/CN115694800A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

The embodiment of the application discloses a data processing method, a data processing device, a server and a storage medium, wherein the server obtains target data in a ciphertext form sent by a terminal; decrypting the second key in the form of the ciphertext in the second device by using the first key stored in the first device to obtain the second key in the form of the plaintext; decrypting the target key in the form of the ciphertext in the target configuration file by using the second key in the form of the plaintext to obtain the target key in the form of the plaintext; and decrypting the target data in the form of the ciphertext by using the target key in the form of the plaintext to obtain the target data in the form of the plaintext. In the application, the server side encrypts the target key for decrypting the target data and encrypts the key for encrypting the target key, and different decryption keys are stored at different positions, so that the security of the key is improved, the probability of cracking the data sent by the terminal is reduced, and the information security of a terminal user is ensured.

Description

数据处理方法、装置及服务器和存储介质Data processing method, device, server and storage medium

技术领域technical field

本申请涉及数据处理技术领域,更具体地说,涉及一种数据处理方法、装置及服务器和存储介质。The present application relates to the technical field of data processing, and more specifically, to a data processing method, device, server and storage medium.

背景技术Background technique

目前,密钥作为可以获取其他信息的“钥匙”,一般存储于配置文件中,以便于使用时实时进行调用。而配置文件一般采用易于反向编译的语言进行配置。黑客一旦攻破了程序所在的服务器后,很容易就可以通过反向编译破译出该配置文件中存储的密钥,从而可以利用破译出的密钥获得终端用户的其他信息,导致用户信息泄露。因此,如何保证终端用户信息的安全成为亟待解决的技术问题。At present, the key is used as a "key" to obtain other information, and is generally stored in the configuration file, so as to be called in real time during use. The configuration file is generally configured in a language that is easy to reverse compile. Once a hacker breaks through the server where the program is located, it is easy to decipher the key stored in the configuration file through reverse compilation, so that the deciphered key can be used to obtain other information of the end user, resulting in user information leakage. Therefore, how to ensure the security of end user information has become an urgent technical problem to be solved.

发明内容Contents of the invention

本申请提供一种数据处理方法、装置及服务器和存储介质,包括如下技术方案:This application provides a data processing method, device, server, and storage medium, including the following technical solutions:

一种数据处理方法,用于服务器,所述方法包括:A data processing method for a server, the method comprising:

获得终端发送的密文形式的目标数据;Obtain the target data in ciphertext form sent by the terminal;

利用第一装置中存储的第一密钥对第二装置中的密文形式的第二密钥进行解密,得到明文形式的第二密钥;Decrypting the second key in ciphertext form in the second device by using the first key stored in the first device to obtain the second key in plaintext form;

利用所述明文形式的第二密钥对目标配置文件中密文形式的目标密钥进行解密,得到明文形式的目标密钥;Deciphering the target key in ciphertext in the target configuration file by using the second key in plaintext to obtain the target key in plaintext;

利用所述明文形式的目标密钥对所述密文形式的目标数据进行解密,得到明文形式的目标数据。The target data in ciphertext form is decrypted by using the target key in plaintext form to obtain the target data in plaintext form.

上述方法,优选的,用于对所述目标数据进行加密的密钥与所述目标密钥属于非对称密钥。In the above method, preferably, the key used to encrypt the target data and the target key are asymmetric keys.

上述方法,优选的,对所述第二密钥进行加密的密钥和所述第一密钥属于对称密钥;和/或,In the above method, preferably, the key for encrypting the second key and the first key are symmetric keys; and/or,

对所述目标密钥进行加密的密钥和所述明文形式的第二密钥属于对称密钥。The key for encrypting the target key and the second key in plaintext form belong to symmetric keys.

上述方法,优选的,所述第一装置和所述第二装置不同。In the above method, preferably, the first device and the second device are different.

上述方法,优选的,所述第一装置和所述第二装置为不同的数据库。In the above method, preferably, the first device and the second device are different databases.

上述方法,优选的,所述第一装置和所述第二装置为不同的服务管理平台。In the above method, preferably, the first device and the second device are different service management platforms.

上述方法,优选的,所述第一装置和所述第二装置中的其中一个装置为数据库,另一个装置为服务管理平台。In the above method, preferably, one of the first device and the second device is a database, and the other is a service management platform.

一种数据处理装置,用于服务器,所述装置包括:A data processing device for a server, the device comprising:

获得模块,用于获得终端发送的密文形式的目标数据;Obtaining a module, configured to obtain target data in ciphertext form sent by the terminal;

第一解密模块,用于利用第一装置中存储的第一密钥对第二装置中的密文形式的第二密钥进行解密,得到明文形式的第二密钥;The first decryption module is configured to use the first key stored in the first device to decrypt the second key in ciphertext form in the second device to obtain the second key in plaintext form;

第二解密模块,用于利用所述明文形式的第二密钥对目标配置文件中密文形式的目标密钥进行解密,得到明文形式的目标密钥;The second decryption module is configured to use the second key in plaintext to decrypt the target key in ciphertext in the target configuration file to obtain the target key in plaintext;

第三解密模块,用于利用所述明文形式的目标密钥对所述密文形式的目标数据进行解密,得到明文形式的目标数据。The third decryption module is configured to use the target key in plain text to decrypt the target data in cipher text to obtain the target data in plain text.

一种服务器,包括:A server comprising:

存储器,用于存储程序;memory for storing programs;

处理器,用于调用并执行所述存储器中的所述程序,通过执行所述程序实现如上任一项所述的数据处理方法的各个步骤。A processor, configured to call and execute the program in the memory, and implement each step of the data processing method described in any one of the above items by executing the program.

一种可读存储介质,其上存储有计算机程序,所述计算机程序被处理器执行时,实现如上任一项所述的数据处理方法的各个步骤。A readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, each step of the data processing method described in any one of the above items is realized.

通过以上方案可知,本申请提供的一种数据处理方法、装置及服务器和存储介质,服务器获得终端发送的密文形式的目标数据;利用第一装置中存储的第一密钥对第二装置中的密文形式的第二密钥进行解密,得到明文形式的第二密钥;利用明文形式的第二密钥对目标配置文件中密文形式的目标密钥进行解密,得到明文形式的目标密钥;利用明文形式的目标密钥对密文形式的目标数据进行解密,得到明文形式的目标数据。本申请中,服务器端不仅对用于对目标数据进行解密的目标密钥进行加密,还对用于对目标密钥进行加密的密钥进行加密,而且,不同的解密密钥存储在不同的位置,从而提高密钥的安全性,降低终端发送的数据被破解的概率,保证终端用户的信息安全。It can be known from the above solution that, in the data processing method, device, server and storage medium provided by the present application, the server obtains the target data in cipher text form sent by the terminal; Decrypt the second key in ciphertext form to obtain the second key in plaintext form; use the second key in plaintext form to decrypt the target key in ciphertext form in the target configuration file to obtain the target key in plaintext form key; use the target key in plain text to decrypt the target data in cipher text to obtain the target data in plain text. In this application, the server side not only encrypts the target key used to decrypt the target data, but also encrypts the key used to encrypt the target key, and different decryption keys are stored in different locations , so as to improve the security of the key, reduce the probability of the data sent by the terminal being cracked, and ensure the information security of the terminal user.

附图说明Description of drawings

为了更清楚地说明本申请实施例的技术方案,下面将对实施例所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions of the embodiments of the present application, the accompanying drawings used in the embodiments will be briefly introduced below. Obviously, the accompanying drawings in the following description are only some embodiments of the present application. Ordinary technicians can also obtain other drawings based on these drawings on the premise of not paying creative work.

图1为本申请实施例提供的数据处理方法的一种实现流程图;Fig. 1 is a kind of implementation flowchart of the data processing method that the embodiment of the present application provides;

图2为本申请实施例提供的数据处理装置的一种结构示意图;FIG. 2 is a schematic structural diagram of a data processing device provided in an embodiment of the present application;

图3为本申请实施例提供的服务器的一种结构示意图。FIG. 3 is a schematic structural diagram of a server provided by an embodiment of the present application.

说明书和权利要求书及上述附图中的术语“第一”、“第二”、“第三”“第四”等(如果存在)是用于区别类似的部分,而不必用于描述特定的顺序或先后次序。应该理解这样使用的数据在适当情况下可以互换,以便这里描述的本申请的实施例,能够以除了在这里图示的以外的顺序实施。The terms "first", "second", "third", "fourth", etc., if any, in the description and claims and the above drawings are used to distinguish similar parts and not necessarily to describe specific sequence or sequence. It should be understood that the data so used are interchangeable under appropriate circumstances such that the embodiments of the application described herein can be practiced in sequences other than those illustrated herein.

具体实施方式Detailed ways

下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有付出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。The following will clearly and completely describe the technical solutions in the embodiments of the application with reference to the drawings in the embodiments of the application. Apparently, the described embodiments are only some of the embodiments of the application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

本申请实施例提供的数据处理方法和装置可以用于服务器中,这里的服务器可以是单台服务器,也可以是由多台服务器构成的服务器集群,或者,可以是云平台服务器。The data processing method and device provided in the embodiments of the present application can be used in a server, where the server can be a single server, or a server cluster composed of multiple servers, or can be a cloud platform server.

如图1所述,为本申请实施例提供的数据处理方法的一种实现流程图,可以包括:As shown in Figure 1, an implementation flowchart of the data processing method provided in the embodiment of the present application may include:

步骤S101:获得终端发送的密文形式的目标数据。Step S101: Obtain target data in ciphertext form sent by the terminal.

可选的,目标数据可以是终端与服务器端约定的任意需要加密的数据,作为示例,服务器可以是提供业务服务的服务器,目标数据可以是终端预先向服务器注册的登录信息,比如,账户和密码。当终端想要登录目标服务器时,可以在终端显示的业务系统的登录页面中输入账户和密码,然后触发生成登录请求,该登录请求中携带有加密的账户和密码,终端向服务器发送登录请求。服务器接收到登录请求后,从中解析出密文形式的的账户和密码。Optionally, the target data may be any data that needs to be encrypted as agreed between the terminal and the server. As an example, the server may be a server that provides business services, and the target data may be the login information that the terminal registered with the server in advance, such as account and password . When the terminal wants to log in to the target server, it can enter the account and password in the login page of the business system displayed on the terminal, and then trigger the generation of a login request, which carries the encrypted account and password, and the terminal sends the login request to the server. After receiving the login request, the server parses out the account and password in ciphertext form.

步骤S102:利用第一装置中存储的第一密钥对第二装置中的密文形式的第二密钥进行解密,得到明文形式的第二密钥。Step S102: Use the first key stored in the first device to decrypt the second key in ciphertext in the second device to obtain the second key in plaintext.

第一装置和第二装置为不同的装置。The first device and the second device are different devices.

作为示例,第一装置和第二装置可以是不同的数据库。比如,第一装置为mysql数据库,第二装置为oracle数据库。As an example, the first device and the second device may be different databases. For example, the first device is a mysql database, and the second device is an oracle database.

作为示例,第一装置和第二装置可以是不同的服务管理平台。比如,第一装置为Nacos服务管理平台,第二装置为redis服务管理平台。As an example, the first device and the second device may be different service management platforms. For example, the first device is the Nacos service management platform, and the second device is the redis service management platform.

作为示例,第一装置和第二装置中的其中一个装置为数据库,另一个装置为服务管理平台。比如,第一装置为mysql数据库或oracle数据库,第二装置为Nacos服务管理平台或redis服务管理平台;或者,第一装置为Nacos服务管理平台或redis服务管理平台,第二装置为mysql数据库或oracle数据库。As an example, one of the first device and the second device is a database, and the other device is a service management platform. For example, the first device is a mysql database or an oracle database, and the second device is a Nacos service management platform or a redis service management platform; or, the first device is a Nacos service management platform or a redis service management platform, and the second device is a mysql database or oracle database.

第一装置中存储的是用于对密文形式的第二密钥进行解密的第一密钥。第一密钥是明文形式的密钥。Stored in the first device is the first key used to decrypt the second key in ciphertext. The first key is a key in plain text.

第二装置中存储的是用于对密文形式的目标密钥进行解密的第二密钥,且第二密钥是以密文形式存储的。Stored in the second device is a second key used to decrypt the target key in ciphertext, and the second key is stored in ciphertext.

步骤S103:利用明文形式的第二密钥对目标配置文件中密文形式的目标密钥进行解密,得到明文形式的目标密钥。Step S103: Using the second key in plain text to decrypt the target key in cipher text in the target configuration file to obtain the target key in plain text.

目标配置文件中存储的是用于对密文形式的目标数据进行解密的目标密钥,且目标密钥是以密文形式存在目标配置文件中。The target configuration file stores a target key for decrypting target data in ciphertext, and the target key is stored in the target configuration file in ciphertext.

步骤S104:利用明文形式的目标密钥对密文形式的目标数据进行解密,得到明文形式的目标数据。Step S104: using the target key in plain text to decrypt the target data in cipher text to obtain the target data in plain text.

由上述内容可知,本申请中,服务器针对目标数据设置了三层密钥,其中,From the above content, it can be known that in this application, the server sets three layers of keys for the target data, among which,

第一层是对密文形式的目标数据进行解密的目标密钥;The first layer is the target key for decrypting the target data in ciphertext form;

第二层是对密文形式的目标密钥进行解密的第二密钥;The second layer is the second key for decrypting the target key in ciphertext form;

第三层是对密文形式的第二密钥进行解密的第一密钥。The third layer is the first key that decrypts the second key in ciphertext.

以目标数据为账户和密码为例,在得到明文形式的账户和密码后,服务器可以对账户和密码进行校验,如果校验通过,则允许终端登录业务系统,否则,禁止终端登录业务系统。Taking the target data as an account and password as an example, after obtaining the account and password in plain text, the server can verify the account and password. If the verification passes, the terminal is allowed to log in to the business system; otherwise, the terminal is prohibited from logging in to the business system.

本申请提供的数据处理方法,服务器获得终端发送的密文形式的目标数据后,利用第一装置中存储的第一密钥对第二装置中的密文形式的第二密钥进行解密,得到明文形式的第二密钥;利用明文形式的第二密钥对目标配置文件中密文形式的目标密钥进行解密,得到明文形式的目标密钥;利用明文形式的目标密钥对密文形式的目标数据进行解密,得到明文形式的目标数据。本申请中,服务器端不仅对用于对目标数据进行解密的目标密钥进行加密,还对用于对目标密钥进行加密的密钥进行加密,而且,不同的解密密钥存储在不同的位置,从而提高密钥的安全性,降低终端发送的数据被破解的概率,保证终端用户的信息安全。In the data processing method provided by this application, after the server obtains the target data in ciphertext form sent by the terminal, it uses the first key stored in the first device to decrypt the second key in ciphertext form in the second device to obtain The second key in plaintext form; use the second key in plaintext form to decrypt the target key in ciphertext form in the target configuration file to obtain the target key in plaintext form; use the target key in plaintext form to decrypt the target key in ciphertext form Decrypt the target data to get the target data in plain text. In this application, the server side not only encrypts the target key used to decrypt the target data, but also encrypts the key used to encrypt the target key, and different decryption keys are stored in different locations , so as to improve the security of the key, reduce the probability of the data sent by the terminal being cracked, and ensure the information security of the terminal user.

在一可选的实施例中,用于对目标数据进行加密的密钥与目标密钥属于非对称密钥。In an optional embodiment, the key used to encrypt the target data and the target key are asymmetric keys.

作为示例,用于对明文形式的目标数据进行加密的密钥为非对称密钥中的公钥,用于对密文形式的目标数据进行解密的目标密钥为非对称密钥中的私钥。As an example, the key used to encrypt the target data in plaintext is the public key in the asymmetric key, and the target key used to decrypt the target data in ciphertext is the private key in the asymmetric key .

在一可选的实施例中,对第二密钥进行加密的密钥和第一密钥属于非对称密钥。In an optional embodiment, the key for encrypting the second key and the first key are asymmetric keys.

作为示例,用于对明文形式的第二密钥进行加密的密钥属于非对称密钥中的公钥,用于对密文形式的第二密钥进行解密的第一密钥属于非对称密钥中的私钥。As an example, the key used to encrypt the second key in plaintext belongs to the public key in the asymmetric key, and the first key used to decrypt the second key in ciphertext belongs to the asymmetric key. private key in the key.

在一可选的实施例中,对目标密钥进行加密的密钥和明文形式的第二密钥属于对称密钥。In an optional embodiment, the key for encrypting the target key and the second key in plain text are symmetric keys.

作为示例,用于对明文形式的目标密钥进行加密的密钥属于非对称密钥中的公钥,用于对密文形式的目标密钥进行解密的第二密钥属于非对称密钥中的私钥。As an example, the key used to encrypt the target key in plaintext belongs to the public key in the asymmetric key, and the second key used to decrypt the target key in ciphertext belongs to the asymmetric key private key.

本申请研究发现,三层加密均使用非对称加密的话,解密速度较慢,为了提高解密速度,第二密钥和目标密钥均可以采用对称密钥加密,基于此,This application found that if the three layers of encryption use asymmetric encryption, the decryption speed is relatively slow. In order to improve the decryption speed, both the second key and the target key can be encrypted with a symmetric key. Based on this,

在一可选的实施例中,对第二密钥进行加密的密钥和第一密钥属于对称密钥。也就是说,用于对明文形式的第二密钥进行加密的密钥和用于对密文形式的第二密钥进行解密的第一密钥是同一密钥。In an optional embodiment, the key for encrypting the second key and the first key are symmetric keys. That is to say, the key used to encrypt the second key in plaintext and the first key used to decrypt the second key in ciphertext are the same key.

在一可选的实施例中,对目标密钥进行加密的密钥和明文形式的第二密钥属于对称密钥。也就是说,用于对明文形式的目标密钥进行加密的密钥和用于对密文形式的目标密钥进行解密的第二密钥是同一密钥。In an optional embodiment, the key for encrypting the target key and the second key in plain text are symmetric keys. That is to say, the key used to encrypt the target key in plaintext and the second key used to decrypt the target key in ciphertext are the same key.

本申请中,目标数据使用非对称密钥进行加密,目标密钥和第二密钥均通过对称密钥加密,在保证目标数据的安全的同时,提高解密速度。In this application, the target data is encrypted with an asymmetric key, and both the target key and the second key are encrypted with a symmetric key, which improves the decryption speed while ensuring the security of the target data.

在一可选的实施例中,用于对目标数据进行加密的密钥与目标密钥属于对称密钥。即,用于对明文形式的目标数据进行加密的密钥和用于对密文形式的目标数据进行解密的目标密钥是同一密钥。In an optional embodiment, the key used to encrypt the target data and the target key are symmetric keys. That is, the key used to encrypt target data in plaintext and the target key used to decrypt target data in ciphertext are the same key.

相应的,第二密钥和目标密钥可以采用对称密钥加密,也可以采用非对称密钥加密。Correspondingly, the second key and the target key may be encrypted using a symmetric key or may be encrypted using an asymmetric key.

与方法实施例相对应,本申请还提供一种用于服务器的数据处理装置,本申请实施例提供的数据处理装置的一种结构示意图如图2所示,可以包括:Corresponding to the method embodiment, the present application also provides a data processing device for a server. A schematic structural diagram of the data processing device provided in the embodiment of the present application is shown in FIG. 2 , which may include:

获得模块201,第一解密模块202,第二解密模块203和第三解密模块204;其中,Obtaining module 201, first decryption module 202, second decryption module 203 and third decryption module 204; wherein,

获得模块201用于获得终端发送的密文形式的目标数据;The obtaining module 201 is used to obtain the target data in the form of ciphertext sent by the terminal;

第一解密模块202用于利用第一装置中存储的第一密钥对第二装置中的密文形式的第二密钥进行解密,得到明文形式的第二密钥;The first decryption module 202 is configured to use the first key stored in the first device to decrypt the second key in ciphertext form in the second device to obtain the second key in plaintext form;

第二解密模块203用于利用所述明文形式的第二密钥对目标配置文件中密文形式的目标密钥进行解密,得到明文形式的目标密钥;The second decryption module 203 is configured to use the second key in plaintext to decrypt the target key in ciphertext in the target configuration file to obtain the target key in plaintext;

第三解密模块204用于利用所述明文形式的目标密钥对所述密文形式的目标数据进行解密,得到明文形式的目标数据。The third decryption module 204 is configured to use the target key in plain text to decrypt the target data in cipher text to obtain target data in plain text.

本申请实施例提供的数据处理装置,获得终端发送的密文形式的目标数据后,利用第一装置中存储的第一密钥对第二装置中的密文形式的第二密钥进行解密,得到明文形式的第二密钥;利用明文形式的第二密钥对目标配置文件中密文形式的目标密钥进行解密,得到明文形式的目标密钥;利用明文形式的目标密钥对密文形式的目标数据进行解密,得到明文形式的目标数据。本申请中,服务器端不仅对用于对目标数据进行解密的目标密钥进行加密,还对用于对目标密钥进行加密的密钥进行加密,而且,不同的解密密钥存储在不同的位置,从而提高密钥的安全性,降低终端发送的数据被破解的概率,保证终端用户的信息安全。The data processing device provided in the embodiment of the present application, after obtaining the target data in ciphertext form sent by the terminal, uses the first key stored in the first device to decrypt the second key in ciphertext form in the second device, Obtain the second key in plaintext form; use the second key in plaintext form to decrypt the target key in ciphertext form in the target configuration file to obtain the target key in plaintext form; use the target key in plaintext form to decrypt the ciphertext Decrypt the target data in plain text form to get the target data in plain text form. In this application, the server side not only encrypts the target key used to decrypt the target data, but also encrypts the key used to encrypt the target key, and different decryption keys are stored in different locations , so as to improve the security of the key, reduce the probability of the data sent by the terminal being cracked, and ensure the information security of the terminal user.

在一可选的实施例中,用于对所述目标数据进行加密的密钥与所述目标密钥属于非对称密钥。In an optional embodiment, the key used to encrypt the target data and the target key are asymmetric keys.

在一可选的实施例中,对所述第二密钥进行加密的密钥和所述第一密钥属于对称密钥;和/或,In an optional embodiment, the key for encrypting the second key and the first key are symmetric keys; and/or,

对所述目标密钥进行加密的密钥和所述明文形式的第二密钥属于对称密钥。The key for encrypting the target key and the second key in plaintext form belong to symmetric keys.

在一可选的实施例中,所述第一装置和所述第二装置不同。In an optional embodiment, the first device and the second device are different.

在一可选的实施例中,所述第一装置和所述第二装置为不同的数据库。In an optional embodiment, the first device and the second device are different databases.

在一可选的实施例中,所述第一装置和所述第二装置为不同的服务管理平台。In an optional embodiment, the first device and the second device are different service management platforms.

在一可选的实施例中,所述第一装置和所述第二装置中的其中一个装置为数据库,另一个装置为服务管理平台。In an optional embodiment, one of the first device and the second device is a database, and the other is a service management platform.

与方法实施例相对应,本申请还提供一种服务器,该服务器的一种结构示意图如图3所示,可以包括:至少一个处理器1,至少一个通信接口2,至少一个存储器3和至少一个通信总线4。Corresponding to the method embodiment, the present application also provides a server. A schematic structural diagram of the server is shown in FIG. 3 , which may include: at least one processor 1, at least one communication interface 2, at least one memory 3 and at least one communication bus4.

在本申请实施例中,处理器1、通信接口2、存储器3、通信总线4的数量为至少一个,且处理器1、通信接口2、存储器3通过通信总线4完成相互间的通信。In the embodiment of the present application, there are at least one processor 1 , communication interface 2 , memory 3 , and communication bus 4 , and the processor 1 , communication interface 2 , and memory 3 communicate with each other through the communication bus 4 .

处理器1可能是一个中央处理器CPU,或者是特定集成电路ASIC(ApplicationSpecific Integrated Circuit),或者是被配置成实施本申请实施例的一个或多个集成电路等。The processor 1 may be a central processing unit CPU, or an ASIC (Application Specific Integrated Circuit), or one or more integrated circuits configured to implement the embodiments of the present application.

存储器3可能包含高速RAM存储器,也可能还包括非易失性存储器(non-volatilememory)等,例如至少一个磁盘存储器。The memory 3 may include a high-speed RAM memory, and may also include a non-volatile memory (non-volatile memory), such as at least one disk memory.

其中,存储器3存储有程序,处理器1可调用存储器3存储的程序,所述程序用于:Wherein, the memory 3 stores a program, and the processor 1 can call the program stored in the memory 3, and the program is used for:

获得终端发送的密文形式的目标数据;Obtain the target data in ciphertext form sent by the terminal;

利用第一装置中存储的第一密钥对第二装置中的密文形式的第二密钥进行解密,得到明文形式的第二密钥;Decrypting the second key in ciphertext form in the second device by using the first key stored in the first device to obtain the second key in plaintext form;

利用所述明文形式的第二密钥对目标配置文件中密文形式的目标密钥进行解密,得到明文形式的目标密钥;Deciphering the target key in ciphertext in the target configuration file by using the second key in plaintext to obtain the target key in plaintext;

利用所述明文形式的目标密钥对所述密文形式的目标数据进行解密,得到明文形式的目标数据。The target data in ciphertext form is decrypted by using the target key in plaintext form to obtain the target data in plaintext form.

可选的,所述程序的细化功能和扩展功能可参照上文描述。Optionally, the detailed functions and extended functions of the program can refer to the above description.

本申请实施例还提供一种存储介质,该存储介质可存储有适于处理器执行的程序,所述程序用于:The embodiment of the present application also provides a storage medium, which can store a program suitable for execution by a processor, and the program is used for:

获得终端发送的密文形式的目标数据;Obtain the target data in ciphertext form sent by the terminal;

利用第一装置中存储的第一密钥对第二装置中的密文形式的第二密钥进行解密,得到明文形式的第二密钥;Decrypting the second key in ciphertext form in the second device by using the first key stored in the first device to obtain the second key in plaintext form;

利用所述明文形式的第二密钥对目标配置文件中密文形式的目标密钥进行解密,得到明文形式的目标密钥;Deciphering the target key in ciphertext in the target configuration file by using the second key in plaintext to obtain the target key in plaintext;

利用所述明文形式的目标密钥对所述密文形式的目标数据进行解密,得到明文形式的目标数据。The target data in ciphertext form is decrypted by using the target key in plaintext form to obtain the target data in plaintext form.

可选的,所述程序的细化功能和扩展功能可参照上文描述。Optionally, the detailed functions and extended functions of the program can refer to the above description.

本领域普通技术人员可以意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、或者计算机软件和电子硬件的结合来实现。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本申请的范围。Those skilled in the art can appreciate that the units and algorithm steps of the examples described in conjunction with the embodiments disclosed herein can be implemented by electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are executed by hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art may use different methods to implement the described functions for each specific application, but such implementation should not be regarded as exceeding the scope of the present application.

在本申请所提供的几个实施例中,应该理解到,所揭露的系统、装置和方法,可以通过其它的方式实现。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。In the several embodiments provided in this application, it should be understood that the disclosed systems, devices and methods may be implemented in other ways. In another point, the mutual coupling or direct coupling or communication connection shown or discussed may be through some interfaces, and the indirect coupling or communication connection of devices or units may be in electrical, mechanical or other forms.

所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in one place, or may be distributed to multiple network units. Part or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.

另外,在本申请各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。In addition, each functional unit in each embodiment of the present application may be integrated into one processing unit, each unit may exist separately physically, or two or more units may be integrated into one unit.

应当理解,本申请实施例中,从权、各个实施例、特征可以互相组合结合,都能实现解决前述技术问题。It should be understood that in the embodiments of the present application, the subclaims, various embodiments, and features can be combined with each other to solve the foregoing technical problems.

所述功能如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、磁碟或者光盘等各种可以存储程序代码的介质。If the functions described above are realized in the form of software function units and sold or used as independent products, they can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application is essentially or the part that contributes to the prior art or the part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium, including Several instructions are used to make a computer device (which may be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the methods described in the various embodiments of the present application. The aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disk or optical disk and other media that can store program codes. .

对所公开的实施例的上述说明,使本领域专业技术人员能够实现或使用本申请。对这些实施例的多种修改对本领域的专业技术人员来说将是显而易见的,本文中所定义的一般原理可以在不脱离本申请的精神或范围的情况下,在其它实施例中实现。因此,本申请将不会被限制于本文所示的这些实施例,而是要符合与本文所公开的原理和新颖特点相一致的最宽的范围。The above description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be implemented in other embodiments without departing from the spirit or scope of the application. Therefore, the present application will not be limited to the embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1.一种数据处理方法,用于服务器,其特征在于,所述方法包括:1. A data processing method for a server, wherein the method comprises: 获得终端发送的密文形式的目标数据;Obtain the target data in ciphertext form sent by the terminal; 利用第一装置中存储的第一密钥对第二装置中的密文形式的第二密钥进行解密,得到明文形式的第二密钥;Decrypting the second key in ciphertext form in the second device by using the first key stored in the first device to obtain the second key in plaintext form; 利用所述明文形式的第二密钥对目标配置文件中密文形式的目标密钥进行解密,得到明文形式的目标密钥;Deciphering the target key in ciphertext in the target configuration file by using the second key in plaintext to obtain the target key in plaintext; 利用所述明文形式的目标密钥对所述密文形式的目标数据进行解密,得到明文形式的目标数据。The target data in ciphertext form is decrypted by using the target key in plaintext form to obtain the target data in plaintext form. 2.根据权利要求1所述的方法,其特征在于,用于对所述目标数据进行加密的密钥与所述目标密钥属于非对称密钥。2. The method according to claim 1, wherein the key used to encrypt the target data and the target key are asymmetric keys. 3.根据权利要求1或2所述的方法,其特征在于,对所述第二密钥进行加密的密钥和所述第一密钥属于对称密钥;和/或,3. The method according to claim 1 or 2, wherein the key for encrypting the second key and the first key are symmetric keys; and/or, 对所述目标密钥进行加密的密钥和所述明文形式的第二密钥属于对称密钥。The key for encrypting the target key and the second key in plaintext form belong to symmetric keys. 4.根据权利要求1所述的方法,其特征在于,所述第一装置和所述第二装置不同。4. The method of claim 1, wherein the first device and the second device are different. 5.根据权利要求4所述的方法,其特征在于,所述第一装置和所述第二装置为不同的数据库。5. The method according to claim 4, wherein the first device and the second device are different databases. 6.根据权利要求4所述的方法,其特征在于,所述第一装置和所述第二装置为不同的服务管理平台。6. The method according to claim 4, wherein the first device and the second device are different service management platforms. 7.根据权利要求4所述的方法,其特征在于,所述第一装置和所述第二装置中的其中一个装置为数据库,另一个装置为服务管理平台。7. The method according to claim 4, wherein one of the first device and the second device is a database, and the other is a service management platform. 8.一种数据处理装置,用于服务器,其特征在于,所述装置包括:8. A data processing device for a server, wherein the device comprises: 获得模块,用于获得终端发送的密文形式的目标数据;Obtaining a module, configured to obtain target data in ciphertext form sent by the terminal; 第一解密模块,用于利用第一装置中存储的第一密钥对第二装置中的密文形式的第二密钥进行解密,得到明文形式的第二密钥;The first decryption module is configured to use the first key stored in the first device to decrypt the second key in ciphertext form in the second device to obtain the second key in plaintext form; 第二解密模块,用于利用所述明文形式的第二密钥对目标配置文件中密文形式的目标密钥进行解密,得到明文形式的目标密钥;The second decryption module is configured to use the second key in plaintext to decrypt the target key in ciphertext in the target configuration file to obtain the target key in plaintext; 第三解密模块,用于利用所述明文形式的目标密钥对所述密文形式的目标数据进行解密,得到明文形式的目标数据。The third decryption module is configured to use the target key in plain text to decrypt the target data in cipher text to obtain the target data in plain text. 9.一种服务器,包括:9. A server, comprising: 存储器,用于存储程序;memory for storing programs; 处理器,用于调用并执行所述存储器中的所述程序,通过执行所述程序实现如权利要求1-7中任一项所述的数据处理方法的各个步骤。A processor, configured to call and execute the program in the memory, and realize each step of the data processing method according to any one of claims 1-7 by executing the program. 10.一种可读存储介质,其上存储有计算机程序,所述计算机程序被处理器执行时,实现如权利要求1-7中任一项所述的数据处理方法的各个步骤。10. A readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, each step of the data processing method according to any one of claims 1-7 is realized.
CN202211277052.4A 2022-10-18 2022-10-18 Data processing method, device, server and storage medium Pending CN115694800A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211277052.4A CN115694800A (en) 2022-10-18 2022-10-18 Data processing method, device, server and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211277052.4A CN115694800A (en) 2022-10-18 2022-10-18 Data processing method, device, server and storage medium

Publications (1)

Publication Number Publication Date
CN115694800A true CN115694800A (en) 2023-02-03

Family

ID=85067345

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211277052.4A Pending CN115694800A (en) 2022-10-18 2022-10-18 Data processing method, device, server and storage medium

Country Status (1)

Country Link
CN (1) CN115694800A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119513886A (en) * 2024-09-10 2025-02-25 杭州华橙网络科技有限公司 Target data processing method, electronic device and computer-readable storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112270001A (en) * 2020-10-22 2021-01-26 苏州浪潮智能科技有限公司 Key management method, device, server, medium and system
CN113434904A (en) * 2021-07-02 2021-09-24 网易(杭州)网络有限公司 Data processing method and device, computer equipment and storage medium

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112270001A (en) * 2020-10-22 2021-01-26 苏州浪潮智能科技有限公司 Key management method, device, server, medium and system
CN113434904A (en) * 2021-07-02 2021-09-24 网易(杭州)网络有限公司 Data processing method and device, computer equipment and storage medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119513886A (en) * 2024-09-10 2025-02-25 杭州华橙网络科技有限公司 Target data processing method, electronic device and computer-readable storage medium
CN119513886B (en) * 2024-09-10 2025-10-03 杭州华橙网络科技有限公司 Target data processing method, electronic device, and computer-readable storage medium

Similar Documents

Publication Publication Date Title
US10103891B2 (en) Method of generating a deniable encrypted communications via password entry
US10142107B2 (en) Token binding using trust module protected keys
CN101051904B (en) Method for landing by account number cipher for protecting network application sequence
WO2020237868A1 (en) Data transmission method, electronic device, server and storage medium
CN110868301B (en) Identity authentication system and method based on state cryptographic algorithm
US20180013555A1 (en) Data transmission method and apparatus
US8984295B2 (en) Secure access to electronic devices
CN102377564B (en) Method and device for encrypting private key
CN103414682B (en) The method for cloud storage of a kind of data and system
US20130028419A1 (en) System and a method for use in a symmetric key cryptographic communications
US9961056B2 (en) Method of deniable encrypted communications
CN108924147B (en) Communication terminal digital certificate issuing method, server and communication terminal
CN109684129B (en) Data backup recovery method, storage medium, encryption machine, client and server
CN204360381U (en) mobile device
CN112823503B (en) Data access method, data access device and mobile terminal
CN103475474B (en) Method for providing and acquiring shared enciphered data and identity authentication equipment
CN103067160A (en) Method and system of generation of dynamic encrypt key of encryption secure digital memory card (SD)
CN108199847B (en) Digital security processing method, computer device, and storage medium
US10063655B2 (en) Information processing method, trusted server, and cloud server
CN111241492A (en) Product multi-tenant secure credit granting method, system and electronic equipment
CN111914291A (en) Message processing method, device, equipment and storage medium
CN115276978A (en) Data processing method and related device
CN111901335A (en) Block chain data transmission management method and system based on middle station
CN107707562A (en) Method and device for asymmetric dynamic token encryption and decryption algorithm
CN114282254A (en) Encryption, decryption method and device, electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载