CN108898026A - Data ciphering method and device - Google Patents

Data ciphering method and device Download PDF

Info

Publication number
CN108898026A
CN108898026A CN201810691168.XA CN201810691168A CN108898026A CN 108898026 A CN108898026 A CN 108898026A CN 201810691168 A CN201810691168 A CN 201810691168A CN 108898026 A CN108898026 A CN 108898026A
Authority
CN
China
Prior art keywords
encryption
encryption equipment
ciphertext
sent
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810691168.XA
Other languages
Chinese (zh)
Other versions
CN108898026B (en
Inventor
夏小亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Taikang Insurance Group Co Ltd
Original Assignee
Taikang Insurance Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Taikang Insurance Group Co Ltd filed Critical Taikang Insurance Group Co Ltd
Priority to CN201810691168.XA priority Critical patent/CN108898026B/en
Publication of CN108898026A publication Critical patent/CN108898026A/en
Application granted granted Critical
Publication of CN108898026B publication Critical patent/CN108898026B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the present invention provides a kind of data ciphering method and device, this method include:Receive the data encryption request that application program is sent, the first connecting interface is selected from the multiple interfaces for establishing connection between the encryption equipment, and data encryption request is sent to by encryption equipment by first connecting interface, receive encryption equipment return carries out encrypted ciphertext to be-encrypted data, the ciphertext is sent to the application program, the simplification of encryption equipment external interface and the encryption of data are realized, the workload of developer is alleviated and improves encryption efficiency and encryption success rate.

Description

Data ciphering method and device
Technical field
The present invention relates to field of communication technology more particularly to a kind of data ciphering methods and device.
Background technique
With the rapid development of mobile Internet, public higher and higher to the attention degree of information security, allow user to obtain It also to maintain secrecy to the information of user while good experience.During information security is by more concerns, often Domestic encryption equipment is often used to encrypt important information.
The encipherment scheme provided at present is that user sends CIPHERING REQUEST to encryption equipment, after encryption equipment will be encrypted to ciphertext in plain text It returns again to user.But the problem of process, is that domestic encryption equipment provides a variety of connection types, the application journey for needing to encrypt Sequence, which needs to configure different Connecting quantities, can just send a request to domestic encryption equipment, increase developer's workload;And adding In the case where close request transmitted in parallel, domestic encryption equipment, which will appear, to be busy with one's work, and the request to domestic encryption equipment is caused to will appear Time-out needs to retransmit CIPHERING REQUEST, reduces the efficiency and success rate of encryption.
In conclusion being directed to current encipherment scheme, application program, which needs to configure different Connecting quantities and could send, is asked Ask to domestic encryption equipment, increase developer's workload, and when encryption equipment receives multiple CIPHERING REQUESTs simultaneously, encryption equipment by Cause CIPHERING REQUEST time-out occur in being busy with one's work, reduces encryption efficiency and success rate.
Summary of the invention
The present invention provides a kind of data ciphering method and device, needs to configure different companies for solving above-mentioned application program Domestic encryption equipment can just be sent a request to by connecing parameter, increase developer's workload, and when encryption equipment receives multiple add simultaneously The problem of when close request, encryption equipment causes CIPHERING REQUEST time-out occur due to being busy with one's work, and reduces encryption efficiency and success rate. First aspect present invention provides a kind of data ciphering method, including:
Receive the data encryption request that the application program is sent;
The first connecting interface is selected from the multiple interfaces for establishing connection between the encryption equipment;
Encryption equipment is sent to by first connecting interface and by data encryption request;Wherein, the data add Close request carries the be-encrypted data of application program in plain text;
Optionally, described that the ciphertext is sent to the application program, including:
If the encryption equipment returns to the ciphertext time and is less than preset time threshold, the ciphertext is sent to the application Program.
Optionally, described that the ciphertext is sent to the application program, further include:
Step (1):If it is more than preset time threshold that the encryption equipment, which returns to the ciphertext time, selected from the multiple interface Select second connecting interface;
Step (2):The data encryption request is sent again to the encryption equipment by second connecting interface, and is connect Receive the ciphertext that the encryption equipment returns;
Step (3):Step (1) and (2) is repeated until the encryption equipment returns to the ciphertext time in second connecting interface When within corresponding time threshold, the ciphertext is sent to the application program.Optionally, it is described from the encryption equipment it Between establish in multiple interfaces of connection and select the first connecting interface, including:
According to the first connecting interface described in preset interface type sequential selection.
Optionally, described that the first connecting interface, packet are selected from the multiple interfaces for establishing connection between the encryption equipment It includes:
According to the idle state of each interface, first connecting interface is selected, first connecting interface is multiple connects Idle interface in mouthful.
Optionally, the method also includes:
If not receiving the data encryption request that the application program is sent in preset duration, sent out to the encryption equipment Predetermined encryption is sent to request;
If receiving the predetermined encryption that the encryption equipment returns requests corresponding ciphertext, it is determined that the encryption equipment connects Connect pond connect with the encryption equipment it is available;If it is corresponding close not receive the predetermined encryption request that the encryption equipment returns Text is initiated the connection to the encryption equipment again.
Optionally, the connecting interface includes:HTTP rest interface, Socket interface, Soap interface.
Second aspect of the present invention provides a kind of data encryption device, including:
Receiving module, for receiving the data encryption request of application program transmission;
Processing module, for selecting the first connecting interface from the multiple interfaces for establishing connection between encryption equipment;
Sending module, for data encryption request to be sent to the encryption equipment by first connecting interface; Wherein, the data encryption request carries the be-encrypted data of application program in plain text;
The receiving module is also used to receive the encrypted close to be-encrypted data progress of the encryption equipment return Text;
The sending module is also used to the ciphertext being sent to the application program.
Optionally, the sending module is specifically used for:
If the encryption equipment returns to the ciphertext time and is less than preset time threshold, the ciphertext is sent to the application Program.
Optionally, the processing module is also used to:
Step (1) is selected from the multiple interface if it is more than preset time threshold that the encryption equipment, which returns to the ciphertext time, Select the second connecting interface;
Optionally, the sending module is also used to:Step (2) by second connecting interface to the encryption equipment again Send the data encryption request;The receiving module 11 is also used to:Receive the ciphertext that the encryption equipment returns;
Optionally, step (1) and (2) is repeated until the encryption equipment returns to the ciphertext time in second connecting interface pair When within the time threshold answered, the sending module 13 is used to the ciphertext being sent to the application program.
Optionally, the processing module is specifically used for:
According to the first connecting interface described in preset interface type sequential selection.
Optionally, the processing module is specifically used for:
According to the idle state of each interface, first connecting interface is selected, first connecting interface is multiple connects Idle interface in mouthful.
Optionally, the sending module is also used to:
If not receiving the data encryption request that the application program is sent in preset duration, sent out to the encryption equipment Predetermined encryption is sent to request;
Optionally, the processing module is also used to:
If receiving the predetermined encryption that the encryption equipment returns requests corresponding ciphertext, it is determined that the encryption equipment connects Connect pond connect with the encryption equipment it is available;
Optionally, the sending module is also used to:
If not receiving the predetermined encryption that the encryption equipment returns requests corresponding ciphertext, again to the encryption Machine initiates the connection.
Optionally, the connecting interface includes:
HTTP rest interface, Socket interface, Soap interface.
Third aspect present invention provides a kind of computer readable storage medium, and the computer-readable recording medium storage has Computer program, terminal device execute the computer program and realize the described in any item data ciphering methods of first aspect.
Fourth aspect present invention provides a kind of electronic equipment, including:Processor, memory and computer program;It is described Computer program stores in the memory, and the processor executes the computer program and realizes any one of first aspect institute The data ciphering method stated.
Method, apparatus, equipment and the storage medium of data encryption provided in an embodiment of the present invention, by receiving application program The data encryption of transmission is requested, and the first connecting interface is selected from the multiple interfaces for establishing connection between the encryption equipment, and lead to Cross first connecting interface by the data encryption request be sent to encryption equipment, then receive the encryption equipment return to be-encrypted data Encrypted ciphertext is carried out, which is sent to the application program, realizes the simplification of encryption equipment external interface and to data Encryption, alleviate the workload of developer and improve encryption efficiency and success rate.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is this hair Bright some embodiments for those of ordinary skill in the art without any creative labor, can be with Other attached drawings are obtained according to these attached drawings.
Fig. 1 is the flow chart of data ciphering method embodiment one provided in an embodiment of the present invention;
Fig. 2 is the flow chart of data ciphering method embodiment two provided in an embodiment of the present invention;
Fig. 3 is the schematic diagram of data ciphering method embodiment two provided in an embodiment of the present invention
Fig. 4 is the structural schematic diagram of data encryption device embodiment provided in an embodiment of the present invention.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art All other embodiment obtained without making creative work, shall fall within the protection scope of the present invention.
The encipherment scheme provided at present is that user sends CIPHERING REQUEST to encryption equipment, after encryption equipment will be encrypted to ciphertext in plain text It returns again to user.But the problem of process, is that domestic encryption equipment provides a variety of connection types, the application journey for needing to encrypt Sequence, which needs to configure different Connecting quantities, can just send a request to domestic encryption equipment, increase developer's workload;And adding In the case where close request transmitted in parallel, domestic encryption equipment, which will appear, to be busy with one's work, and the request to domestic encryption equipment is caused to will appear Time-out needs to retransmit CIPHERING REQUEST, reduces the efficiency and success rate of encryption.
In view of the above-mentioned problems, the application provides a kind of data ciphering method, more effective more easily data encryption is provided Implementation improves the efficiency and success rate of encryption.The program is introduced below by concrete implementation mode.
Data ciphering method provided by the present application can be applied in server, personal computer (personal Computer, PC), in the equipment such as mobile phone, which includes at least:One or more processors and one or more storages Device, can also be including display, transceiver, network interface or other interfaces etc., with no restrictions to this this programme.
Below by several specific embodiments, this programme is described in detail.
Fig. 1 is the flow chart of data ciphering method embodiment one provided in an embodiment of the present invention, as shown in Figure 1, of the invention Executing subject be encryption equipment connection pool, may be mounted at installation application program equipment or other equipment on, can specifically pass through Software program is realized.Data ciphering method provided in this embodiment includes:
S101, the data encryption request that application program is sent is received.
In this step, which can be server system or the background program of terminal device.Due to service Store important data in device system, it will usually encrypt, be checked in the server system to server system data It needs to input in plain text when information, this can be that one 6 comprising upper and lower case letter or 4 characters, this programme do not limit in plain text System.When the hacker attack server system backstage, due to relatively easy in plain text, it is easy to be cracked, so as to cause the service Significant data leakage in device system.Therefore it after the completion of password is arranged, needs that this is encrypted in plain text, in this way at this The corresponding ciphertext of the plaintext can only be got in the database of application program, since the ciphertext is difficult to crack, to prevent letter The leakage of breath.
Specifically, which can receive the carrying of the application program transmission of server system or terminal device There is the request of be-encrypted data encryption of plaintext, so that the CIPHERING REQUEST is sent to encryption equipment by the encryption equipment connection pool, so that plus Close machine encrypts this in plain text.Since the encryption equipment connection pool externally only provides HTTP rest interface service, i.e. application program Data interaction can only be carried out by HTTP rest interface and the encryption equipment connection pool, no longer mentioned in the prior art, this is answered The multiple interfaces provided with program by encryption equipment will send CIPHERING REQUEST to encryption equipment.
S102, the first connecting interface is selected from the multiple interfaces for establishing connection between encryption equipment.
In above-mentioned steps, since encryption equipment provides multiple interfaces, encryption equipment connection pool needs that an interface is selected to send Data encryption is requested to encryption equipment, the preset interface type sequence in encryption equipment connection pool, for example is preset interfacing order 1 and be HTTP rest interface, 2 be Socket interface, and 3 be Soap interface, according to the sequential selection HTTP rest of preset interface type Interface is the first connecting interface;Alternatively, first connecting interface is selected according to the idle state of each interface, if some time A large amount of CIPHERING REQUEST is sent by HTTP rest interface, however sends seldom CIPHERING REQUEST by Socket interface, to prevent Encryption equipment processing time-out, can choose Socket interface as the first connecting interface;Alternatively, there is multiple interfaces to have seldom add Close request, the sequence or random fashion for being referred to above-mentioned preset interface select the first connecting interface.
S103, data encryption request is sent to by the encryption equipment by first connecting interface.
In this step, which can provide the services such as encryption, digital signature, management key, and can support more Kind cryptographic algorithm, such as public key algorithm, elliptic curve cipher clue, symmetry algorithm, can also provide a variety of connecting interfaces and send out Mode, such as HTTP rest interface, Socket interface, Soap interface are sent, may be implemented and external equipment by these interfaces Data interaction, when encryption equipment receives the be-encrypted data encryption of plaintext request of the carrying application program of encryption equipment connection pool forwarding Afterwards, this in plain text after the processing of the cryptographic algorithm of encryption equipment, the output of the encryption equipment is the corresponding ciphertext in plain text, same In plain text by different cryptographic algorithms processing, obtained ciphertext be all it is different, this programme is with no restrictions.
Encryption equipment connection pool requests the data encryption to be sent to the encryption equipment by the connecting interface that encryption equipment provides, and one It plants in specific implementation, the interface for selecting this CIPHERING REQUEST to use according to the idle state of connecting interface, it is assumed that at the same it is big The CIPHERING REQUEST of amount is sent to encryption equipment by Socket interface, and seldom by the request that HTTP rest interface sends encryption, Therefore CIPHERING REQUEST can be sent to encryption equipment as the first connecting interface using HTTP rest interface.Alternatively, selecting at random The sending method of CIPHERING REQUEST randomly chooses a connecting interface and sends when needing to send data encryption and requesting to encryption equipment CIPHERING REQUEST is to encryption equipment.
Optionally, if the encryption equipment connection pool does not receive CIPHERING REQUEST in preset duration, encryption equipment connection pool can be examined Whether the connection for looking into the encryption equipment connection pool and each connecting interface of the encryption equipment is normal, specifically, the encryption equipment connection pool The request for carrying predetermined encryption can be sent to the encryption equipment by each connecting interface respectively, if connecing respectively by each interface The predetermined encryption for receiving encryption equipment return requests corresponding ciphertext, it is determined that the encryption equipment connection pool is connected with the encryption equipment It can use;If due to network cause or other factors cause to be not received by by some interface encryption equipment return this it is default plus It is close to request corresponding ciphertext, then illustrate that the encryption equipment connection pool and the encryption equipment are unavailable by the connection of the interface, the encryption Machine connection pool can send CIPHERING REQUEST to encryption equipment again through the interface.
Wherein, preset duration can be user's preset time, if encryption equipment is more than that preset duration does not connect When receiving CIPHERING REQUEST, then need to check whether the connection of encryption equipment connection pool and encryption equipment exception occurs.
S104, receive encryption equipment return encrypted ciphertext is carried out to be-encrypted data.
In this step, the application program be-encrypted data in plain text by the cryptographic algorithm of the encryption equipment processing after, For this, corresponding ciphertext, encryption equipment connection pool can receive ciphertext, Yi Zhongshi by above-mentioned different connecting interface in plain text for output In existing mode, encryption equipment connection pool can be sent to the connecting interface of encryption equipment according to CIPHERING REQUEST corresponding to the ciphertext to connect Ciphertext is received, for example, the data encryption request for carrying the be-encrypted data plaintext of the application program is sent by HTTP rest interface To encryption equipment, then the encryption equipment connection pool is also by the HTTP rest interface corresponding ciphertext of plaintext.Alternatively, the encryption Machine connection pool can be randomly chosen connecting interface and receive ciphertext, and this programme is with no restrictions.
S105, the ciphertext is sent to the application program.
In this step, ciphertext is sent to application program in encryption equipment connection pool, application program is receiving encryption equipment After the ciphertext that connection pool returns, in the database by ciphertext storage, so as to when accessing to the data in database, It can be verified according to the ciphertext.
Data ciphering method provided in this embodiment, encryption equipment connection pool receive the data encryption that application program is sent and ask It asks, the first connecting interface is selected from the multiple interfaces for establishing connection between the encryption equipment, and pass through first connecting interface Data encryption request is sent to encryption equipment, then receives the encrypted close to be-encrypted data progress of encryption equipment return Then the ciphertext is sent to the application program by text, realize the simplification of encryption equipment external interface and the encryption of data, alleviate The workload of developer simultaneously improves encryption efficiency and success rate.
On the basis of the method for above-described embodiment one, Fig. 2 is data ciphering method provided in an embodiment of the present invention implementation The flow chart of example two.As shown in Fig. 2, ciphertext, which is sent to application program, specifically includes following steps:
S301, judge that encryption equipment returns to whether the ciphertext time is more than preset time threshold, if so, step 302 is executed, if It is no, execute step 305.
S302, the second connecting interface is selected from multiple interfaces.
S303, data encryption request is sent to the encryption equipment by second connecting interface again.
S304, judge that encryption equipment returns to whether the ciphertext time is more than preset time threshold, if so, 302 are returned to step, If it is not, executing step 305.
S305, the ciphertext for receiving encryption equipment return.
Encryption equipment connection pool can return to the time threshold of ciphertext with predetermined encryption machine, which can be according to user's need Setting is asked, for example returns to the control of ciphertext time within the regular hour, convenient for executing subsequent operation.Alternatively, the preset time threshold Value can be set according to history encryption times, and the return ciphertext time can be more than a kind of possible mode of the preset time threshold to be added Close machine failed encryption or encryption equipment response timeout.
In above-mentioned steps, if encryption equipment returns to the ciphertext time and is less than preset time threshold, which will The ciphertext received is sent to the application program by HTTP rest interface;Threshold value when the preset time is exceeded then repeats above-mentioned step Rapid S302-S304 reselects the second connecting interface, until the encryption equipment returns to the ciphertext time within preset time threshold, The ciphertext is sent to the application program again.
The program is illustrated using a specific embodiment below, as shown in figure 3, Fig. 3 mentions for the embodiment of the present invention The schematic diagram of the data ciphering method embodiment two of confession.
Assuming that the encryption equipment connection pool 402, which can preset encryption equipment 403, passes through whole interfaces return ciphertext times Threshold value is t seconds, if the time for returning to ciphertext by HTTP rest interface in t seconds, encrypts success, encryption equipment connection pool 402 The ciphertext is sent to the application program 401 by HTTP rest interface;If being connect by HTTP rest interface i.e. first The time that mouth returns to ciphertext is more than t seconds, then encryption equipment connection pool 402 cancels this CIPHERING REQUEST, and reselection Socket interface is made CIPHERING REQUEST is sent for the second connecting interface and returns to ciphertext, when the time for returning to ciphertext is in t seconds, is encrypted successfully, encryption equipment The ciphertext is sent to the application program 401 by connection pool 402;If the time for returning to ciphertext is more than t seconds, encryption equipment connection pool 402, which reselect the second connecting interface, sends CIPHERING REQUEST and returns to ciphertext, until returning to the time of ciphertext in t seconds.
Data ciphering method provided in this embodiment, if encryption equipment returns to the ciphertext time and is less than preset time threshold, The ciphertext is sent to the application program;If it is more than preset time threshold, encryption equipment connection pool that encryption equipment, which returns to the ciphertext time, The second connecting interface is selected, data encryption is sent to the encryption equipment by second connecting interface again and requests and receives the encryption The ciphertext that machine returns, if being less than preset time threshold by the time that the second connecting interface returns to ciphertext, which connects It connects pond and the ciphertext is sent to the application program;If being more than preset time threshold by the time that the second connecting interface returns to ciphertext Value, then reselect the second connecting interface, until the encryption equipment returns to the ciphertext time within preset time threshold, finally encrypts The ciphertext is sent to the application program by machine connection pool, realizes the encryption of data, is improved the efficiency of encryption and is encrypted successfully Rate.
Fig. 4 is the structural schematic diagram of data encryption device embodiment provided in an embodiment of the present invention, as shown in figure 4, this reality Applying 10 device of data encryption device that example provides includes:Receiving module 11, processing module 12, sending module 13.
Receiving module 11, for receiving the data encryption request of application program transmission;
Processing module 12, for selecting the first connecting interface from the multiple interfaces for establishing connection between encryption equipment;
Sending module 13, for data encryption request to be sent to the encryption by first connecting interface Machine;Wherein, the data encryption request carries the be-encrypted data of application program in plain text;
The receiving module 11 is also used to receive the encrypted to be-encrypted data progress of the encryption equipment return Ciphertext;
The sending module 13 is also used to the ciphertext being sent to the application program.
Optionally, the sending module 13 is specifically used for:
If the encryption equipment returns to the ciphertext time and is less than preset time threshold, the ciphertext is sent to the application Program.
Optionally, the processing module 12 is also used to:
Step (1) is selected from the multiple interface if it is more than preset time threshold that the encryption equipment, which returns to the ciphertext time, Select the second connecting interface;
Optionally, the sending module 13 is also used to:Step (2) by second connecting interface to the encryption equipment again It is secondary to send the data encryption request;The receiving module 11 is also used to:Receive the ciphertext that the encryption equipment returns;
Optionally, step (1) and (2) is repeated until the encryption equipment returns to the ciphertext time in second connecting interface pair When within the time threshold answered, the sending module 13 is used to the ciphertext being sent to the application program.
Optionally, the processing module 12 is specifically used for:
According to the first connecting interface described in preset interface type sequential selection.
Optionally, the processing module 12 is specifically used for:
According to the idle state of each interface, first connecting interface is selected, first connecting interface is multiple connects Idle interface in mouthful.
Optionally, the sending module 13 is also used to:
If not receiving the data encryption request that the application program is sent in preset duration, sent out to the encryption equipment Predetermined encryption is sent to request;
Optionally, the processing module 12 is also used to:
If receiving the predetermined encryption that the encryption equipment returns requests corresponding ciphertext, it is determined that the encryption equipment connects Connect pond connect with the encryption equipment it is available;
Optionally, the sending module 13 is also used to:
If not receiving the predetermined encryption that the encryption equipment returns requests corresponding ciphertext, again to the encryption Machine initiates the connection.
Optionally, the connecting interface includes:
HTTP rest interface, Socket interface, Soap interface.
Data encryption device provided by the above embodiment provides data ciphering method for realizing aforementioned any embodiment, That the realization principle and technical effect are similar is similar for it, and details are not described herein.
The present invention provides a kind of computer readable storage medium, and the computer-readable recording medium storage has computer journey Sequence, terminal device execute the computer program and realize the described in any item data ciphering methods of first aspect.
The present invention also provides a kind of electronic equipment, including:Processor, memory and computer program;The computer Program stores in the memory, and the processor executes the computer program and realizes the described in any item numbers of first aspect According to encryption method.
In above equipment, it should be appreciated that processor can be central processing unit (English:Central Processing Unit, referred to as:CPU), it can also be other general processors, digital signal processor (English:Digital Signal Processor, referred to as:DSP), specific integrated circuit (English:Application Specific Integrated Circuit, referred to as:ASIC) etc..General processor can be microprocessor or the processor is also possible to any conventional place Manage device etc..The step of method in conjunction with disclosed in the embodiment of the present invention, can be embodied directly in hardware processor and execute completion, or Hardware and software module combination in person's processor execute completion.
Those of ordinary skill in the art will appreciate that:Realize that all or part of the steps of above-mentioned each method embodiment can lead to The relevant hardware of program instruction is crossed to complete.Program above-mentioned can be stored in a computer readable storage medium.The journey When being executed, execution includes the steps that above-mentioned each method embodiment to sequence;And storage medium above-mentioned includes:Read-only memory (English Text:Read-only memory, abbreviation:ROM), RAM, flash memory, hard disk, solid state hard disk, tape (English:magnetic Tape), floppy disk (English:Floppy disk), CD (English:Optical disc) and any combination thereof.
Finally it should be noted that:The above embodiments are only used to illustrate the technical solution of the present invention., rather than its limitations;To the greatest extent Present invention has been described in detail with reference to the aforementioned embodiments for pipe, those skilled in the art should understand that:Its according to So it is possible to modify the technical solutions described in the foregoing embodiments,
Or equivalent substitution of some or all of the technical features;And these are modified or replaceed, and are not made The essence of corresponding technical solution departs from the scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. a kind of data ciphering method is applied to encryption equipment connection pool, which is characterized in that including:
Receive the data encryption request that application program is sent;
The first connecting interface is selected from the multiple interfaces for establishing connection between encryption equipment;
Data encryption request is sent to the encryption equipment by first connecting interface;Wherein, the data encryption Request carries the be-encrypted data of application program in plain text;
Receive the encryption equipment return carries out encrypted ciphertext to the be-encrypted data;
The ciphertext is sent to the application program.
2. being wrapped the method according to claim 1, wherein described be sent to the application program for the ciphertext It includes:
If the encryption equipment returns to the ciphertext time and is less than preset time threshold, the ciphertext is sent to described using journey Sequence.
3. according to the method described in claim 2, it is characterized in that, described be sent to the application program for the ciphertext, also Including:
Step (1):If it is more than preset time threshold that the encryption equipment, which returns to the ciphertext time, the is selected from the multiple interface Two connecting interfaces;
Step (2):The data encryption request is sent again to the encryption equipment by second connecting interface, and receives institute State the ciphertext of encryption equipment return;
Step (3):Step (1) is repeated with (2) until the encryption equipment return ciphertext time is corresponding in second connecting interface Time threshold within when, the ciphertext is sent to the application program.
4. method according to any one of claims 1 to 3, which is characterized in that described to be established between the encryption equipment The first connecting interface is selected in multiple interfaces of connection, including:
According to the first connecting interface described in preset interface type sequential selection.
5. method according to any one of claims 1 to 3, which is characterized in that described to be established between the encryption equipment The first connecting interface is selected in multiple interfaces of connection, including:
According to the idle state of each interface, first connecting interface is selected, first connecting interface is in multiple interfaces Idle interface.
6. method according to any one of claims 1 to 3, which is characterized in that the method also includes:
If not receiving the data encryption request that the application program is sent in preset duration, sent to the encryption equipment pre- If CIPHERING REQUEST;
If receiving the predetermined encryption that the encryption equipment returns requests corresponding ciphertext, it is determined that the encryption equipment connection pool It is connect with the encryption equipment available;If not receiving the predetermined encryption that the encryption equipment returns requests corresponding ciphertext, Again it is initiated the connection to the encryption equipment.
7. the method according to claim 1, wherein the connecting interface includes:HTTP rest interface, Socket interface, Soap interface.
8. a kind of data encryption device, which is characterized in that including:
Receiving module, for receiving the data encryption request of application program transmission;
Processing module, for selecting the first connecting interface from the multiple interfaces for establishing connection between encryption equipment;
Sending module, for data encryption request to be sent to the encryption equipment by first connecting interface;Wherein, The data encryption request carries the be-encrypted data of application program in plain text;
The receiving module is also used to receive that the encryption equipment returns carries out encrypted ciphertext to the be-encrypted data;
The sending module is also used to the ciphertext being sent to the application program.
9. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage has computer journey Sequence, electronic equipment execute the computer program and realize the described in any item data ciphering methods of claim 1 to 7.
10. a kind of electronic equipment, which is characterized in that including:Processor, memory and computer program;The computer journey Sequence stores in the memory, and the processor executes the computer program and realizes that claim 1 to 7 is described in any item Data ciphering method.
CN201810691168.XA 2018-06-28 2018-06-28 Data encryption method and device Active CN108898026B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810691168.XA CN108898026B (en) 2018-06-28 2018-06-28 Data encryption method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810691168.XA CN108898026B (en) 2018-06-28 2018-06-28 Data encryption method and device

Publications (2)

Publication Number Publication Date
CN108898026A true CN108898026A (en) 2018-11-27
CN108898026B CN108898026B (en) 2020-09-01

Family

ID=64346884

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810691168.XA Active CN108898026B (en) 2018-06-28 2018-06-28 Data encryption method and device

Country Status (1)

Country Link
CN (1) CN108898026B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109981671A (en) * 2019-04-03 2019-07-05 北京深思数盾科技股份有限公司 Data processing method and encryption equipment based on encryption equipment
CN110753320A (en) * 2019-09-25 2020-02-04 株洲凯创技术有限公司 Train-mounted encryption device and train-mounted encryption machine
CN113609514A (en) * 2021-10-09 2021-11-05 苏州浪潮智能科技有限公司 Cloud hard disk encryption and decryption method, device and system and readable storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102902536A (en) * 2012-09-14 2013-01-30 杭州泛和科技有限公司 Computer system of Internet of things
CN203689509U (en) * 2013-11-06 2014-07-02 唐山蓝普科技有限公司 High-safety data storage equipment
CN105843669A (en) * 2016-03-21 2016-08-10 浪潮集团有限公司 TPM encryption based virtual machine data protection method
CN106506149A (en) * 2016-11-07 2017-03-15 福建星海通信科技有限公司 Key generation method and system between a kind of TBOX terminals and TSP platforms
CN107040589A (en) * 2017-03-15 2017-08-11 西安电子科技大学 The system and method for cryptographic service is provided by virtualizing encryption device cluster
CN107330318A (en) * 2017-06-30 2017-11-07 中国航空工业集团公司雷华电子技术研究所 A kind of binding encryption method of digital signal panel card and its debugging system
CN107818265A (en) * 2017-10-23 2018-03-20 中国银行股份有限公司 Encryption method, device and system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102902536A (en) * 2012-09-14 2013-01-30 杭州泛和科技有限公司 Computer system of Internet of things
CN203689509U (en) * 2013-11-06 2014-07-02 唐山蓝普科技有限公司 High-safety data storage equipment
CN105843669A (en) * 2016-03-21 2016-08-10 浪潮集团有限公司 TPM encryption based virtual machine data protection method
CN106506149A (en) * 2016-11-07 2017-03-15 福建星海通信科技有限公司 Key generation method and system between a kind of TBOX terminals and TSP platforms
CN107040589A (en) * 2017-03-15 2017-08-11 西安电子科技大学 The system and method for cryptographic service is provided by virtualizing encryption device cluster
CN107330318A (en) * 2017-06-30 2017-11-07 中国航空工业集团公司雷华电子技术研究所 A kind of binding encryption method of digital signal panel card and its debugging system
CN107818265A (en) * 2017-10-23 2018-03-20 中国银行股份有限公司 Encryption method, device and system

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109981671A (en) * 2019-04-03 2019-07-05 北京深思数盾科技股份有限公司 Data processing method and encryption equipment based on encryption equipment
CN110753320A (en) * 2019-09-25 2020-02-04 株洲凯创技术有限公司 Train-mounted encryption device and train-mounted encryption machine
CN110753320B (en) * 2019-09-25 2022-11-01 株洲凯创技术有限公司 Train-mounted encryption device and train-mounted encryption machine
CN113609514A (en) * 2021-10-09 2021-11-05 苏州浪潮智能科技有限公司 Cloud hard disk encryption and decryption method, device and system and readable storage medium
WO2023056742A1 (en) * 2021-10-09 2023-04-13 苏州浪潮智能科技有限公司 Cloud hard disk encryption method, apparatus and system, cloud hard disk decryption method, apparatus and system, and readable storage medium

Also Published As

Publication number Publication date
CN108898026B (en) 2020-09-01

Similar Documents

Publication Publication Date Title
CN108512846B (en) Bidirectional authentication method and device between terminal and server
CN109471710B (en) Task request processing method and device, processor, terminal and server
CN109347835A (en) Information transferring method, client, server and computer readable storage medium
WO2020042822A1 (en) Cryptographic operation method, method for creating work key, and cryptographic service platform and device
CN108540433B (en) User identity verification method and device
US20150358167A1 (en) Certificateless Multi-Proxy Signature Method and Apparatus
CN102055730A (en) Cloud processing system, cloud processing method and cloud computing agent device
CN106341234A (en) Authorization method and device
CN109842616B (en) Account binding method and device and server
CN109981576B (en) Key migration method and device
CN108898026A (en) Data ciphering method and device
CN115473655B (en) Terminal authentication method, device and storage medium for access network
CN115208701B (en) Data packet selective encryption method and device
KR20190052033A (en) Transient transaction server
CN111246407B (en) Data encryption and decryption method and device for short message transmission
CN113992427B (en) Data encryption sending method and device based on adjacent nodes
CN107948210A (en) A kind of login method, device, client, server and medium
CN111478974A (en) Network connection method and device, electronic equipment and readable storage medium
CN109302425A (en) Identity identifying method and terminal device
JP5485452B1 (en) Key management system, key management method, user terminal, key generation management device, and program
CN112637138A (en) Method and related device for realizing multi-server secret-free login
CN114866247B (en) Communication method, device, system, terminal and server
CN116011590A (en) Federal learning method, device and system
CN111125734B (en) Data processing method and system
JP4891035B2 (en) Cryptographic protocol generation apparatus, cryptographic protocol generation method and program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant