CN108718318A - Health online basic-level hygiene performance assessment information system - Google Patents

Info

Publication number: CN108718318A
Authority: CN (China)
Legal status: Granted
Application number: CN201810607514.1A
Other languages: Chinese (zh)
Other versions: CN108718318B (en)
Inventors: 陈阳, 史兴春, 刘颖东
Current Assignee: Guangdong Health Online Information Technology Co ltd
Original Assignee: Guangdong Health Online Information Technology Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L9/3239 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD

Abstract

The invention relates to a Health Online basic-level hygiene performance assessment information system comprising a central server and a plurality of basic-level servers. Each basic-level server has a plurality of users of its own and stores their hygiene performance assessment information. The central server liaises with the basic-level servers so that a user of a second basic-level server can log in through a first basic-level server and access his or her own hygiene performance assessment information. The invention breaks down information islands, interconnects the basic-level hygiene performance assessment information systems, and allows information to be transmitted securely among the basic-level servers.

Description

Health Online basic-level hygiene performance assessment information system
【Technical field】
The invention belongs to the field of information technology, and in particular relates to a Health Online basic-level hygiene performance assessment information system.
【Background】
To reach the hygiene and health targets set by the state, existing basic-level health institutions are all required to carry out performance assessment, and each has established its own information system for that purpose. These existing systems are usually rather isolated and form information islands: each can serve only its own users. As soon as a user moves to another information system, the information the user needs cannot be obtained, which hinders exchanges among basic-level health personnel.
【Summary of the invention】
To solve the above problem, the invention proposes a Health Online basic-level hygiene performance assessment information system.
The technical solution adopted by the invention is as follows:
A Health Online basic-level hygiene performance assessment information system comprising a central server and multiple basic-level servers, the servers being connected to one another by a network;
Each basic-level server has multiple users of its own and stores the hygiene performance assessment information of those users. The central server liaises with the basic-level servers. Each basic-level server registers with the central server in advance, and the registration information includes the identifier, network address and key of the basic-level server;
A user of the second basic-level server can log in through the first basic-level server and access his or her own hygiene performance assessment information. The specific steps are:
(1) The user enters his or her identifier ServerID2.UserID and password and requests login at the first basic-level server, where ServerID2 is the identifier of the second basic-level server and UserID is the user's identifier on the second basic-level server;
(2) The first basic-level server constructs an ID query message containing ServerID2.UserID and sends the ID query message to the central server;
(3) Based on the ID query message, the central server obtains the identifier ServerID2 of the second basic-level server, then obtains the network address of the second basic-level server and forwards the ID query message to the second basic-level server;
(4) After receiving the ID query message, the second basic-level server checks whether the UserID in it exists. If it does not exist, the second basic-level server notifies the central server that the UserID does not exist, and the central server in turn notifies the first basic-level server, so that the first basic-level server refuses the user's login and the flow ends;
(5) If the second basic-level server confirms that the UserID exists, it notifies the central server that the UserID exists. The central server then generates a random number R and encrypts R with the key key1 from the first basic-level server's registration information, obtaining the encrypted result E1;
(6) The central server sends the encrypted result E1 to the first basic-level server, which decrypts E1 and obtains the random number R;
(7) The first basic-level server calculates P = R ⊕ Hash(PW), where PW is the password entered by the user and Hash is a hash function. The first basic-level server encrypts P with the key key1, obtains the encrypted result E2, and sends E2 to the central server;
(8) The central server decrypts E2 and obtains the value P. The central server then constructs a login message containing: the encrypted result E3 of P under the key key2 of the second basic-level server, the encrypted result E4 of R under key2, and the user identifier ServerID2.UserID;
(9) The central server sends the login message to the second basic-level server, which decrypts E3 and E4 to obtain P and R, and obtains the hash value of PW by calculating P ⊕ R;
(10) Based on the user identifier and the hash value of PW, the second basic-level server verifies whether the user identifier and PW match. If they do not match, the second basic-level server refuses the login and sends a login-refusal message to the first basic-level server through the central server. If they match, the second basic-level server encrypts the user's hygiene performance assessment information using R as the key, obtaining the encrypted result E5;
(11) The second basic-level server sends the encrypted result E5 to the first basic-level server through the central server.
Further, if the user is a user of the first basic-level server, the user can log in to the first basic-level server directly with his or her identifier and password on the first basic-level server.
Further, the encryption uses a symmetric encryption algorithm.
Further, the encryption algorithm is the DES or AES algorithm.
Further, the hash function is SHA1 or MD5.
Further, the first basic-level server and the second basic-level server establish encrypted communication using R as the key.
The beneficial effects of the invention are: information islands are broken down, the basic-level hygiene performance assessment information systems are interconnected, and information can be transmitted securely between the basic-level servers.
【Description of the drawings】
The drawings described here provide a further understanding of the invention and form part of this application, but do not unduly limit the invention. In the drawings:
Fig. 1 is the basic block diagram of the system of the invention.
【Detailed description】
The invention is described in detail below with reference to the drawing and specific embodiments. The illustrative examples and explanations serve only to explain the invention and do not limit it.
The invention proposes a Health Online basic-level hygiene performance assessment information system, whose basic structure is shown in Fig. 1. The information system includes one central server and multiple basic-level servers, and the servers are connected to one another by a network. Each basic-level server can serve multiple users of its own and stores the hygiene performance assessment information of each of them. Each user has an identifier (UserID) on his or her basic-level server.
The central server liaises with the basic-level servers. Each basic-level server registers with the central server in advance, and the registration information includes the identifier (ServerID), network address and key of the basic-level server. The key is secret information: each basic-level server's key is known only to that basic-level server and the central server. The basic-level server identifier (ServerID) uniquely identifies a basic-level server, so a user can be uniquely identified in the form ServerID.UserID.
Based on the above structure, the access method of the information system is described in detail below:
First, when a user needs to log in to a basic-level server and is one of that server's own users, the user can log in normally with his or her identifier and password and access his or her performance assessment information. If the user is not one of that basic-level server's own users (call the server Server1) but belongs to another basic-level server (call it Server2), the user can request login at Server1 with an identifier of the form ServerID2.UserID together with the password, where ServerID2 is the identifier of Server2.
When Server1 receives an identifier of the form ServerID2.UserID, it recognizes that the user is not one of its own users but a user of the basic-level server whose identifier is ServerID2. Server1 then constructs an ID query message carrying the ServerID2.UserID entered by the user and sends the ID query message to the central server. The purpose is to ask the central server whether the identifier entered by the user really exists.
Because the central server itself does not know whether the user identifier exists, it obtains the identifier ServerID2 of the corresponding basic-level server from the ID query message and thereby learns that it should query the basic-level server Server2 corresponding to ServerID2. The central server therefore obtains Server2's network address from Server2's registration information and forwards the ID query message to Server2.
After receiving the ID query message, Server2 checks whether the UserID in it exists. If it does not exist, Server2 notifies the central server that the UserID does not exist, and the central server in turn notifies Server1, so that Server1 can refuse the user's login.
If Server2 confirms that the UserID exists, Server2 notifies the central server that the UserID exists. The central server then generates a random number R and encrypts it with the key key1 from Server1's registration information, obtaining the encrypted result E1. The encryption algorithm of the invention may be any symmetric encryption algorithm well known in the field, such as DES or AES.
The central server sends the encrypted result E1 to Server1. Server1 decrypts E1 with its registered key key1 and obtains the random number R.
Server1 calculates P = R ⊕ Hash(PW), where PW is the password entered by the user and Hash is a hash function, which may be any hash algorithm well known in the field, such as SHA1 or MD5. Server1 then encrypts P with the key key1 and obtains the encrypted result E2. In this way, on the one hand Server1 conceals the PW information; on the other hand, even if the user is malicious, the user cannot obtain more information by varying PW.
Server1 sends the encrypted result E2 to the central server, which decrypts E2 and obtains the value P. The central server then constructs a login message with the following three contents: 1) the encrypted result E3 of P under Server2's key key2; 2) the encrypted result E4 of R under key2; 3) the user identifier ServerID2.UserID.
The central server sends the login message to Server2. Server2 decrypts E3 and E4 with key2 to obtain P and R, and obtains the hash value of PW by calculating P ⊕ R.
At this point Server2 has the user identifier and the hash value of the password PW, and can use them to verify whether the user identifier and PW match. If they do not match, Server2 refuses the login and sends a login-refusal message to Server1 through the central server. If they match, Server2 encrypts the user's performance assessment information using R as the key, obtaining the encrypted result E5.
Server2 sends the encrypted result E5 to Server1 through the central server. Server1 decrypts E5 with R and obtains the user's performance assessment information, which it can then display to the user.
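The roaming login of steps (1) to (11), walked through above with Server1 and Server2, can be traced end to end in a short simulation; this is an added example, not code from the patent. Besides the released record, it returns P ⊕ R as computable at the central server, which holds R from step (5) and P from step (8). Assumptions: all class and function names are hypothetical, SHA-256 replaces the SHA1/MD5 named in the text, an HMAC-SHA-256 keystream stands in for DES/AES, Server2 is assumed to store Hash(PW), and the sample identifiers, password and record are constructed.

```python
import hashlib
import hmac
import secrets

def H(pw):
    # The patent names SHA1 or MD5; SHA-256 is substituted in this example.
    return hashlib.sha256(pw.encode("utf-8")).digest()

def xor(a, b):
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

def _keystream(key, nonce, n):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def enc(key, plaintext):
    # Stdlib-only stand-in for the DES/AES of the patent (no integrity protection).
    nonce = secrets.token_bytes(16)
    return nonce + xor(plaintext, _keystream(key, nonce, len(plaintext)))

def dec(key, ciphertext):
    nonce, body = ciphertext[:16], ciphertext[16:]
    return xor(body, _keystream(key, nonce, len(body)))

class BasicServer:
    def __init__(self, server_id, users=None, records=None):
        self.server_id = server_id
        self.key = secrets.token_bytes(32)  # known only to this server and the central server
        self.users = users or {}            # UserID -> Hash(PW); storage form is assumed
        self.records = records or {}        # UserID -> assessment record (bytes)

    def verify_and_release(self, user_id, e3, e4):
        # Steps (9)-(10), run by the home server (Server2).
        p, r = dec(self.key, e3), dec(self.key, e4)
        if not hmac.compare_digest(xor(p, r), self.users[user_id]):
            return None                       # login refused
        return enc(r, self.records[user_id])  # E5, keyed with R

def roaming_login(registry, visited, full_id, password):
    """Run steps (1)-(11). `registry` is the central server's registration table.
    Returns (record or None, P xor R as computable at the central server or None)."""
    # (1)-(3) Server1 forwards ServerID2.UserID; the central server routes on ServerID2.
    server_id, _, user_id = full_id.partition(".")
    home = registry.get(server_id)
    # (4) Unknown UserID: the flow ends and Server1 refuses the login.
    if home is None or user_id not in home.users:
        return None, None
    # (5) Central server: random R, E1 = Enc(key1, R).
    r = secrets.token_bytes(32)               # same length as Hash(PW)
    e1 = enc(registry[visited.server_id].key, r)
    # (6)-(7) Server1: recover R, P = R xor Hash(PW), E2 = Enc(key1, P).
    r_at_visited = dec(visited.key, e1)
    e2 = enc(visited.key, xor(r_at_visited, H(password)))
    # (8) Central server: recover P, build the login message (E3, E4, identifier).
    p = dec(registry[visited.server_id].key, e2)
    e3, e4 = enc(home.key, p), enc(home.key, r)
    central_view = xor(p, r)                  # the relay holds both P and R
    # (9)-(10) Server2 verifies Hash(PW) and encrypts the record under R.
    e5 = home.verify_and_release(user_id, e3, e4)
    if e5 is None:
        return None, central_view
    # (11) E5 is relayed back; Server1 decrypts it with R.
    return dec(r_at_visited, e5), central_view

def build_demo():
    # Constructed sample data: identifiers, password and record are invented.
    s1 = BasicServer("Server1")
    s2 = BasicServer("Server2", users={"u1001": H("correct horse")},
                     records={"u1001": b"2018-Q2 assessment score: 92"})
    return {"Server1": s1, "Server2": s2}, s1

if __name__ == "__main__":
    registry, server1 = build_demo()
    for pw in ("correct horse", "wrong guess"):
        record, view = roaming_login(registry, server1, "Server2.u1001", pw)
        print(pw, "->", record, "| central sees Hash(PW):", view == H(pw))
```

Because P ⊕ R equals Hash(PW) and the central server decrypts both values, the central server and the registered keys it stores sit inside the trust boundary for user credentials and for every record encrypted under R.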
The above process covers only user login and the transmission of performance assessment information. Afterwards, the two basic-level servers can also bypass the central server and establish encrypted communication directly between themselves using R as the key, to transmit further information.
With the above information system of the invention, hygiene performance assessment information can be transmitted securely between different basic-level servers, so that users can roam securely between different basic-level servers.
The above is only a preferred embodiment of the invention. All equivalent changes or modifications made according to the structures, features and principles described within the scope of this patent application are included within the scope of this patent application.

Claims (6)

1. A Health Online basic-level hygiene performance assessment information system, characterized in that it comprises a central server and multiple basic-level servers, the servers being connected to one another by a network;
each basic-level server has multiple users of its own and stores the hygiene performance assessment information of those users; the central server liaises with the basic-level servers; each basic-level server registers with the central server in advance, and the registration information includes the identifier, network address and key of the basic-level server;
wherein a user of the second basic-level server can log in through the first basic-level server and access his or her own hygiene performance assessment information, the specific steps comprising:
(1) the user enters his or her identifier ServerID2.UserID and password and requests login at the first basic-level server, where ServerID2 is the identifier of the second basic-level server and UserID is the user's identifier on the second basic-level server;
(2) the first basic-level server constructs an ID query message containing ServerID2.UserID and sends the ID query message to the central server;
(3) based on the ID query message, the central server obtains the identifier ServerID2 of the second basic-level server, then obtains the network address of the second basic-level server and forwards the ID query message to the second basic-level server;
(4) after receiving the ID query message, the second basic-level server checks whether the UserID in it exists; if it does not exist, the second basic-level server notifies the central server that the UserID does not exist, and the central server in turn notifies the first basic-level server, so that the first basic-level server refuses the user's login and the flow ends;
(5) if the second basic-level server confirms that the UserID exists, it notifies the central server that the UserID exists; the central server then generates a random number R and encrypts R with the key key1 from the first basic-level server's registration information, obtaining the encrypted result E1;
(6) the central server sends the encrypted result E1 to the first basic-level server, which decrypts E1 and obtains the random number R;
(7) the first basic-level server calculates P = R ⊕ Hash(PW), where PW is the password entered by the user and Hash is a hash function; the first basic-level server encrypts P with the key key1, obtains the encrypted result E2, and sends E2 to the central server;
(8) the central server decrypts E2 and obtains the value P; the central server then constructs a login message containing: the encrypted result E3 of P under the key key2 of the second basic-level server, the encrypted result E4 of R under key2, and the user identifier ServerID2.UserID;
(9) the central server sends the login message to the second basic-level server, which decrypts E3 and E4 to obtain P and R, and obtains the hash value of PW by calculating P ⊕ R;
(10) based on the user identifier and the hash value of PW, the second basic-level server verifies whether the user identifier and PW match; if they do not match, the second basic-level server refuses the login and sends a login-refusal message to the first basic-level server through the central server; if they match, the second basic-level server encrypts the user's hygiene performance assessment information using R as the key, obtaining the encrypted result E5;
(11) the second basic-level server sends the encrypted result E5 to the first basic-level server through the central server.
2. The system according to claim 1, characterized in that, if the user is a user of the first basic-level server, the user can log in to the first basic-level server directly with his or her identifier and password on the first basic-level server.
3. The system according to any one of claims 1-2, characterized in that the encryption uses a symmetric encryption algorithm.
4. The system according to claim 3, characterized in that the encryption algorithm is the DES or AES algorithm.
5. The system according to claims 1-4, characterized in that the hash function is SHA1 or MD5.
6. The system according to any one of claims 1-5, characterized in that the first basic-level server and the second basic-level server establish encrypted communication using R as the key.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810607514.1A 2018-06-13 2018-06-13 Health online basic-level hygiene performance assessment information system

Publications (2)

Publication Number Publication Date
CN108718318A (en) 2018-10-30
CN108718318B (en) 2020-09-18

Family

ID=63912886

Family Applications (1)

Application Number Title Priority Date Filing Date Status
CN201810607514.1A Health online basic-level hygiene performance assessment information system 2018-06-13 2018-06-13 Active, CN108718318B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP02 Change in the address of a patent holder

Address after: Room 310, 3 / F, building 2, Dezhong Plaza, No. 1, Huizhan East Road, Torch Development Zone, Zhongshan City, Guangdong Province

Patentee after: GUANGDONG HEALTH ONLINE INFORMATION TECHNOLOGY Co.,Ltd.

Address before: 708, room 7, building 16, digital building, 528437 East Conference Road, Torch Development Zone, Guangdong, Zhongshan

Patentee before: GUANGDONG HEALTH ONLINE INFORMATION TECHNOLOGY Co.,Ltd.