CN110266641B - Information reading method, system, device and computer readable storage medium - Google Patents
Information reading method, system, device and computer readable storage medium Download PDFInfo
- Publication number
- CN110266641B CN110266641B CN201910395226.9A CN201910395226A CN110266641B CN 110266641 B CN110266641 B CN 110266641B CN 201910395226 A CN201910395226 A CN 201910395226A CN 110266641 B CN110266641 B CN 110266641B
- Authority
- CN
- China
- Prior art keywords
- information
- server
- processing server
- terminal
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 107
- 238000003860 storage Methods 0.000 title claims description 47
- 230000003014 reinforcing effect Effects 0.000 claims abstract description 153
- 230000010365 information processing Effects 0.000 claims abstract description 124
- 238000004891 communication Methods 0.000 claims abstract description 24
- 238000004422 calculation algorithm Methods 0.000 claims description 86
- 238000012545 processing Methods 0.000 claims description 25
- 238000013507 mapping Methods 0.000 claims description 10
- 238000004590 computer program Methods 0.000 claims description 8
- 238000007596 consolidation process Methods 0.000 claims description 7
- 230000002787 reinforcement Effects 0.000 claims description 4
- 230000015654 memory Effects 0.000 description 30
- 230000008569 process Effects 0.000 description 16
- 230000006870 function Effects 0.000 description 12
- 238000010586 diagram Methods 0.000 description 9
- 230000003993 interaction Effects 0.000 description 6
- 230000004044 response Effects 0.000 description 5
- 230000005540 biological transmission Effects 0.000 description 4
- 230000002085 persistent effect Effects 0.000 description 4
- 238000013478 data encryption standard Methods 0.000 description 3
- 238000013461 design Methods 0.000 description 3
- 238000009826 distribution Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 235000019800 disodium phosphate Nutrition 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 239000007787 solid Substances 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 238000010200 validation analysis Methods 0.000 description 2
- 241001627955 Tetraodon lineatus Species 0.000 description 1
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000009795 derivation Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000007774 longterm Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/065—Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
- Information Transfer Between Computers (AREA)
- Computer And Data Communications (AREA)
Abstract
The application provides an information reading method and device, relates to the field of communication, and aims to prevent illegal persons from imitating mobile phone cards with non-real-name authentication by authenticating a drive of an information acquisition terminal and encrypting identity information read by the information acquisition terminal. The method comprises the following steps: the information processing server acquires a target driving program corresponding to the type of the information acquisition terminal; the information processing server determines that a driver and a target driver of the information acquisition terminal meet a first preset condition, and acquires data information from the information acquisition terminal; the information processing server encrypts the data information to obtain encrypted data information; the information processing server sends the encrypted data information to the information reinforcing server; the information reinforcing server is used for decrypting the encrypted data information to obtain the data information and storing the data information. For improving the authenticity of the acquired data.
Description
Technical Field
The present application relates to the field of communications, and in particular, to an information reading method and apparatus.
Background
For communication security, the mobile phone card needs to be authenticated by using identity information provided by the user. However, in the current mobile phone card market, there still exist a large number of mobile phone cards with non-real-name authentication forged by non-real identity information. Illegal persons can carry out activities with serious political and social hazards such as fraud, law violation, pornography, even terrorism and the like through mobile phone cards with non-real-name authentication.
The present identity information reading system 100, as shown in fig. 1, includes: an information acquisition terminal 101 (such as a card reader), a host terminal 102 and a background server 103; wherein, the host terminal 102 includes: a Universal Serial Bus (USB) interface 1021 (physical interface), a driver interface 1022, an object linking and embedding control extension (OCX) control 1023 (application programming interface (API)), and a world wide WEB (WEB) browser.
After the information acquisition terminal 101 and the host terminal 102 are connected through the USB interface 1021, the driver interface 1022 and the compliance OCX control 1023, and the information acquisition terminal 101 detects a click operation, the information acquisition terminal 101 performs a card reading operation, reads the identity information of the user, and sends the identity information of the user to the background server 103 sequentially through the USB interface 1021, the driver interface 1022 and the compliance OCX control 1023, and the background server 103 stores an association relationship between the identity information and the mobile phone card of the user, so as to perform real-name authentication on the mobile phone card.
The identity card binding method provided by the manufacturer is a public and unified method at present. Illegal persons can read the identity information by imitating a hardware information acquisition terminal 101 in an identity information reading system 100 as shown in fig. 1; or directly invade the host terminal 102, and write in a forged software simulation information acquisition terminal and/or a corresponding software simulation driver and/or simulation OCX in the host terminal 102 to upload identity information irrelevant to the card-opening user. Thereby manufacturing the mobile phone card with non-real-name authentication. And the identity information finally acquired by the card opening system is unreal identity information.
Disclosure of Invention
The embodiment of the application provides an information reading method and device, which are used for authenticating a drive of an information acquisition terminal and encrypting identity information read by the information acquisition terminal so as to prevent illegal persons from imitating mobile phone cards with non-real-name authentication.
In order to achieve the purpose, the technical scheme is as follows:
in a first aspect, the present application provides an information reading method, including: the information processing server acquires a target driving program corresponding to the type of the information acquisition terminal; the information processing server determines that a driving program of the information acquisition terminal and the target driving program meet a first preset condition, and acquires data information from the information acquisition terminal; the information processing server encrypts the data information to obtain encrypted data information; the information processing server sends the encrypted data information to an information reinforcing server; the information reinforcing server is used for decrypting the encrypted data information to obtain the data information and storing the data information.
In a second aspect, the present application provides another information reading method, including: the information reinforcing server receives an information calling request from an information calling terminal; wherein the information calling request comprises a first identifier; the information reinforcing server acquires data information from the information reinforcing server according to the first identification; and the information reinforcing server sends the data information to the information calling terminal.
In a third aspect, the present application provides a further information reading method, including: the information calling terminal sends an information calling request to the information reinforcing server, wherein the information calling request comprises a first identifier which is used for determining data information; and the information calling terminal receives the data information from the information reinforcing terminal.
In one possible implementation, the method further includes: and the information calling terminal receives a first identifier which is sent by the information reinforcing server and distributed for the data information.
In a fourth aspect, the present application provides an information reading system comprising: the system comprises an information reinforcing server and an information processing server, wherein the information processing server is communicated with the information reinforcing server; the information processing server is configured to execute the information reading method according to the first aspect and any one of the implementation manners of the first aspect; the information reinforcing server is configured to execute the information reading method according to the second aspect and any one implementation manner thereof.
Optionally, the system further comprises: an information invoking terminal, configured to execute the information reading method according to the third aspect and any implementation manner thereof.
In a fifth aspect, the present application provides an information reading apparatus comprising: the acquisition unit is used for acquiring a target driving program corresponding to the type of the information acquisition terminal; the processing unit is used for determining that the driver of the information acquisition terminal and the target driver meet a first preset condition and acquiring data information from the information acquisition terminal; the processing unit is further configured to encrypt the data information to obtain encrypted data information; a sending unit, configured to send the encrypted data information to an information reinforcing server; the information reinforcing server is used for decrypting the encrypted data information to obtain the data information and storing the data information.
In a sixth aspect, the present application provides another information reading apparatus, comprising: a receiving unit, configured to receive an information call request from an information call terminal; wherein the information calling request comprises a first identifier; the processing unit is used for acquiring data information from the information reinforcing server according to the first identifier; and the sending unit is used for sending the data information to the information calling terminal by the information reinforcing server.
In a seventh aspect, the present application provides yet another information reading apparatus, including: the system comprises a sending unit, a receiving unit and a processing unit, wherein the sending unit is used for sending an information calling request to a reinforcement server, the information calling request comprises a first identifier, and the first identifier is used for determining data information; and the receiving unit is used for receiving the data information from the information reinforcing terminal.
In one possible implementation, the apparatus further includes: and the receiving unit is also used for receiving the first identifier which is sent by the information reinforcing server and distributed for the data information.
In an eighth aspect, the present application provides an information reading apparatus comprising: a processor and a communication interface; the communication interface is coupled to the processor, and the processor is configured to execute a computer program or instructions to implement the information reading method according to the first aspect and any implementation manner thereof.
In a ninth aspect, the present application provides an information reading apparatus comprising: a processor and a communication interface; the communication interface is coupled to the processor, and the processor is configured to execute a computer program or instructions to implement the information reading method according to the second aspect and any implementation manner thereof.
In a tenth aspect, the present application provides a computer-readable storage medium, wherein instructions are stored in the computer-readable storage medium, and when the instructions are executed, the information reading method according to the first aspect and any one implementation manner thereof is implemented.
In an eleventh aspect, the present application provides a computer-readable storage medium, wherein instructions are stored in the computer-readable storage medium, and when the instructions are executed, the information reading method according to the second aspect and any one implementation manner thereof is implemented.
In a twelfth aspect, the present application provides a computer program product containing instructions, which when run on a computer, causes the computer to execute the information reading method of the first aspect and any one of the implementation manners thereof.
Thirteenth aspect the present application provides a computer program product containing instructions which, when run on a computer, cause the computer to perform the information reading method of the second aspect and any one of its implementations described above.
According to the information reading method provided by the embodiment of the application, the target driving program corresponding to the type of the information acquisition terminal is obtained through the information processing server; and the information processing server determines that the driving program of the information acquisition terminal and the target driving program meet a first preset condition, and acquires data information from the information acquisition terminal. The drive of the information acquisition terminal can be authenticated, the legality of the information acquisition terminal is guaranteed, and illegal persons are prevented from uploading false acquisition information by using a fake information acquisition terminal. The information processing server encrypts the data information to obtain encrypted data information; the information processing server sends the encrypted data information to an information reinforcing server; the information reinforcing server is used for decrypting the encrypted data information to obtain the data information and storing the data information. The data information acquired by the information acquisition terminal can be encrypted, and illegal personnel can be prevented from tampering or replacing the acquired information uploaded by the information acquisition terminal; and ensuring that the acquired data is data really acquired by the information acquisition terminal.
Drawings
FIG. 1 is a system architecture diagram of an identity information reading system provided herein;
fig. 2 is a system architecture diagram of an information reading system according to an embodiment of the present application;
FIG. 3 is a system architecture diagram of another information reading system provided by an embodiment of the present application;
fig. 4 is a flowchart of an information reading method according to an embodiment of the present application;
fig. 5 is a flowchart illustrating an information processing server sending encrypted data information to an information reinforcing server through TLS according to an embodiment of the present application;
fig. 6 is a first schematic structural diagram of an information reading apparatus according to an embodiment of the present disclosure;
fig. 7 is a schematic structural diagram of an information reading apparatus according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of an information reading apparatus according to an embodiment of the present application;
fig. 9 is a fourth schematic structural diagram of an information reading apparatus according to an embodiment of the present application.
Reference numerals:
100-identity information reading system; 101-an information acquisition terminal;
102-a host terminal; 103-background server;
1021-USB interface; 1022 — a driver interface;
1023-compliant OCX controls; 200-an information reading system;
201-information reinforcement server; 202-an information processing server;
203-information acquisition terminal; 204-information calling terminal;
2041-information Call front end interface; 2042-information calls back end servers.
Detailed Description
The information reading method and apparatus provided in the present application will be described in detail below with reference to the accompanying drawings.
The terms "first" and "second", etc. in the description and drawings of the present application are used for distinguishing between different objects and not for describing a particular order of the objects.
Furthermore, the terms "including" and "having," and any variations thereof, as referred to in the description of the present application, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements but may alternatively include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be noted that in the embodiments of the present application, words such as "exemplary" or "for example" are used to indicate examples, illustrations or explanations. Any embodiment or design described herein as "exemplary" or "e.g.," is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, use of the word "exemplary" or "such as" is intended to present concepts related in a concrete fashion.
In the description of the present application, the meaning of "a plurality" means two or more unless otherwise specified.
The terms referred to in this application are explained below to facilitate the understanding of the reader:
and (3) encryption algorithm: the encryption algorithm encrypts data through a certain algorithm to ensure the accuracy and the safety of the data. The basic process of data encryption is to process the original plaintext data according to some algorithm to make it an unreadable segment of code, usually called "ciphertext". After encryption, the data can only display the original content after inputting the corresponding key, and the aim of protecting the data from being stolen and read by illegal people is achieved through the way. The reverse of this process is decryption, i.e., the process of converting the encoded information into its original data.
Data encryption is generally divided into: symmetric encryption and asymmetric encryption.
Symmetric encryption, in which the same key is used for encryption and decryption, is generally referred to as symmetric encryption, and is widely used today.
Asymmetric encryption is that encryption and decryption use different keys, and usually there are two keys, called "public key" and "private key", which must be used in pair, otherwise the encrypted file cannot be opened. The public key is published to the outside, and the private key cannot be known only by a person of a holder. The advantage is that the symmetric encryption method is difficult to tell the opposite party without the secret key if the encrypted file is transmitted on the network, and the symmetric encryption method can be stolen and heard by other methods. The asymmetric encryption method has two keys, and the public key can be published, so that people can know that the recipient only needs to use the private key when decrypting, thereby well avoiding the problem of the transmission security of the keys.
After data plaintext and a key are input in an encryption algorithm, the data can be encrypted by operation of the encryption algorithm.
Common encryption algorithms include:
data Encryption Standard (DES) algorithm: the symmetric encryption algorithm has high operation speed and is suitable for occasions of encrypting a large amount of data.
3DES algorithm: the data encryption method is a symmetric encryption algorithm based on DES, and three times of encryption is performed on a block of data by using three different keys, so that the intensity is higher.
The Rivest Code (RC) 2 algorithm and the RC4 algorithm: the symmetric encryption algorithm uses a variable-length key to encrypt a large amount of data, and the operation speed is very high.
The International Data Encryption Algorithm (IDEA) provides very strong security using a 128-bit key.
RSA encryption algorithm: the RSA company invents a public key algorithm supporting variable-length keys, and the length of a file block needing to be encrypted is variable.
Digital Signature Algorithm (DSA): is a standard Decision Support System (DSS) algorithm.
Advanced Encryption Standard (AES) algorithm: the symmetric encryption algorithm is the next generation of encryption algorithm standard, and has high speed and high security level.
The globefish algorithm uses variable-length key, the length can reach 448 bits, and the running speed is very fast.
Message-digest (MD) 5 algorithm.
Public-key cryptography standards (PKCS): the system is a group of public key cryptography standards established by RSA data security company and its partners in the United states, including a series of related protocols in the aspects of certificate application, certificate updating, certificate revocation list issuing, certificate content extension, digital signature, digital envelope format and the like.
Micro-service: micro-services are a brand new architecture in a certain sense, inherit the overall idea of Service Oriented Architecture (SOA), and emphasize splitting a boulder-type application or service into tiny service applications. As is generally understood and defined, microservice refers to the development of a single small, but business-enabled service, each with its own processing and lightweight communication mechanisms, that can be deployed on a single or multiple servers. Micro-services also refer to a loosely coupled, bounded and contextual service-oriented architecture. On the aspect of service logic, the integrated logic is decomposed into more detailed logic units. On the data storage level, centralized storage can be broken down into smaller storage units as the case may be. The micro-service architecture is a structural style and a design mode, an application is divided into a series of small services, each service is concentrated on a single function and runs in an independent process, the boundaries between the services are clear, and the light-weight communication mechanisms are adopted to communicate and cooperate with each other to realize complete application, so that the requirements of services and users are met. The micro-service architecture belongs to an application technology architecture, services can be expanded and contracted independently, each service defines a clear boundary and can be maintained by an independent team.
MongoDB database: MongoDB is a product between relational databases and non-relational databases, and among the non-relational databases, the MongoDB has the most abundant functions and is most similar to the relational databases. The data structure supported by the method is very loose and is in a json-like bson format, so that more complex data types can be stored. The MongoDB database has the biggest characteristic that the MongoDB database supports very strong query language, the grammar of the MongoDB database is similar to the object-oriented query language, almost the most functions of single-table query of similar relational databases can be realized, and the MongoDB database also supports the establishment of indexes for data.
redis database: the method is a high-performance key-value database, data are stored in a memory, and the method has the following advantages that:
1. supporting multiple data types
The method comprises five data types of set, zset, list, hash and string, and is very convenient to operate. For example, if a friend system is made and the friend relationship of the friend system is checked, if other key-value systems are adopted, corresponding friends must be spliced into character strings, then values are analyzed when the friends are extracted, and redis is relatively simple and directly supports the storage of list (a storage mode of a doubly linked list or a compressed linked list is adopted).
2. Persistent storage
As an in-memory database, the most feared is that data will be lost in case of a machine crash. Redis uses rdb and aof for persistent storage of data. And generating an rdb file at the same time of master and slave data, and adding new data updating operation by using the buffer area to perform corresponding synchronization.
3. Rich characteristics
pub/sub, key expiration policy, transaction, support for multiple DBs, etc.
4. The performance is very good
Because the memory is operated by the full memory, the read-write performance is good and the frequency can reach 10 w/s.
The information reading method provided by the embodiment of the application is applied to the information reading system 200 shown in fig. 2. As shown in fig. 2, the information reading system 200 includes: an information reinforcing server 201 and an information processing server 202.
In an optional implementation manner of the embodiment of the present application, the information reading system 200 may further include: an information acquisition terminal 203 and an information calling terminal 204.
The information reinforcing server 201 has therein a plurality of encryption algorithms and drivers corresponding to the information collecting terminals 203 of each type. The information reinforcing server 201 encrypts each driver according to an encryption algorithm.
The information reinforcing server 201 also comprises a cache database and a permanent storage database. The two databases are used for storing data information (the information may be identity information on a user identity card) collected by the information collection terminal 203.
For example, the cache database may be a redis database. The redis database is used for caching data information to be called by the information calling terminal 204, and if the time for calling the data information by the information calling terminal 204 is overtime, the information reinforcing server 201 deletes the data information cached by the redis database.
For example, the persistent storage database may be a MongoDB database. The MongoDB database is used for carrying out long-term backup storage on the data information.
The information processing server 202 and the information collection terminal 203 are connected via a communication interface. The information processing server 202 is configured to perform driver authentication on the information acquisition terminal 203, and encrypt data information acquired by the information acquisition terminal 203 according to a preset encryption algorithm.
The information collecting terminal 203 is used for collecting data information and sending the collected data information to the information processing server 202.
The information collecting terminal 203 may be implemented as a card reader, and the data information may be identity information of a user. For example, when the user's ID card is placed in the card reader, the card reader reads the identity information (such as the name, ID card number, address, and expiration date of the ID card) in the user's ID card. And sends the identity information in the collected user identity card to the information processing server 202.
When the data information is stored in other positions, the information acquisition terminal generates corresponding storage identifiers (such as position links, two-dimensional codes, bar codes, uniform resource locators and the like) for the positions where the data information is stored, and can also acquire the data information at the corresponding storage positions by identifying the storage identifiers.
The information acquisition terminal 203 may also acquire data information from a corresponding information storage location by scanning a two-dimensional code, a barcode, or the like.
The information calling terminal 204 is used for calling data information from the information reinforcing server 201 and performing other processing according to the called data information. For example, the identity information in the user's identity card collected by the information collection terminal 203 is called from the information reinforcing server 201, and the identity information is bound with the mobile phone card information in the operator card writing system, so as to complete the real-name authentication of the mobile phone card.
On the basis of fig. 2, as shown in fig. 3, the information invoking terminal 204 includes an information invoking front-end interface 2041 and an information invoking back-end server 2042.
The information call front-end interface 2041 is used to provide a human-computer interaction interface, including various buttons or screen display contents prompting user operations. The human-computer interaction interface is also used for displaying data information acquired by the information acquisition terminal 203. The human-computer interaction interface performs data interaction with the information processing server 202 through a hypertext transfer protocol over secure socket layer (HTTPS).
A micro service system is provided between the information calling back-end server 2042 and the information reinforcing server 201. The information calling back-end server 2042 performs data interaction with the information reinforcing server 201 through the micro service system.
The embodiment of the present application provides an information reading method, which is applied to the information reading system shown in fig. 2 or fig. 3, and the method is executed by an information processing server. The following will describe the information reading method in detail by taking reading identity information as an example, as shown in fig. 4, the information reading method includes S401 to S407:
s401, the information processing server obtains a target driving program corresponding to the type of the information acquisition terminal.
The information acquisition terminals are provided by a plurality of equipment manufacturers, and the types of the information acquisition terminals provided by different equipment manufacturers are different; different types of information collection terminals may typically employ different drivers.
In one implementation of this step, the target driver may be stored in the information processing server, the information consolidation server, or any third-party independent storage device. When the target driver is stored in the information reinforcing server or the third-party independent device, the information processing server may establish a communication connection with the information reinforcing server or the third-party independent device, and obtain the target driver from the information reinforcing server or the third-party independent device.
S401 will be described in detail below by taking as an example that the target driver is stored in the information reinforcing server.
Specifically, a communication connection between the information collection terminal and the information processing server is first established (for example, the information collection terminal establishes a connection with the information processing server through a USB interface). The information processing server scans and identifies the terminal type of the information acquisition terminal. The information processing server obtains a driving program carried by the information acquisition terminal. And the information processing server acquires a target driving program corresponding to the information acquisition terminal from the information reinforcing server according to the terminal type of the information acquisition terminal.
S402, the information processing server determines that a driver and a target driver of the information acquisition terminal meet a first preset condition, and acquires data information from the information acquisition terminal.
The first preset condition may be: the driving program of the information acquisition terminal is the same as the target driving program.
The step can be specifically realized by comparing the target driver with the driver of the information acquisition terminal after the information processing server acquires the target driver, and judging whether the target driver and the driver are the same. If the target driving program is the same as the driving program of the information acquisition terminal, the legality of the information acquisition terminal passing through the information processing server is verified, and the information processing server determines that the information acquisition terminal is a legal terminal. The information acquisition terminal scans the identity card which is in contact with the information acquisition terminal or is positioned in the acquisition range of the information acquisition terminal, and the identity information on the identity card is determined as the data information. The information processing server acquires data information acquired by the information acquisition terminal from the information acquisition terminal.
S403, the information processing server encrypts the data information to obtain the encrypted data information.
The information processing server encrypts the data information through a preset encryption algorithm. The predetermined encryption algorithm may be any one of the aforementioned plurality of encryption algorithms. Other encryption algorithms are also possible. The preset encryption algorithm can be stored in the information processing server, the information reinforcing server or any third-party independent storage device. When the preset encryption algorithm is stored in the information reinforcing server or the third-party independent device, the information processing server can establish communication connection with the information reinforcing server or the third-party independent device, and obtain the preset encryption algorithm from the information reinforcing server or the third-party independent device.
The following describes this step in detail by taking an example in which the target driver is stored in the information reinforcing server and the data information acquired by the information acquisition device is the identity information of the user.
When the identity card of the user is in contact with the information acquisition terminal or is located in the acquisition range of the information acquisition terminal, the information acquisition terminal scans the identity card to acquire the identity information of the identity card. And the information acquisition terminal sends the data information to the information processing server. The information processing server acquires a corresponding encryption algorithm from the information reinforcing server, and encrypts the data information according to the encryption algorithm to generate encrypted data information.
In one implementation manner of this step, an encryption algorithm distribution rule is set in the information reinforcing server. After the information reinforcing server receives an encryption algorithm obtaining request of the information processing server each time, an encryption algorithm is distributed for the data information encryption according to the encryption algorithm distribution rule, and the encryption algorithm is sent to the information processing server. The information processing server receives the encryption algorithm from the information reinforcing server, encrypts the data information by using the encryption algorithm and generates encrypted data information.
S404, the information processing server sends the encrypted data information to the information reinforcing server.
The information reinforcing server is used for decrypting the encrypted data information to obtain the data information.
In one possible implementation manner of S404, the information reinforcing server may further store data information.
In one implementation of S404, the information reinforcing server includes a cache database and a persistent storage database. And the information processing server sends the encrypted data information to the information reinforcing server, and the information reinforcing server decrypts the encrypted data information to obtain the data information and stores the data information in the cache database. And the information reinforcing server stores the encrypted data information in a permanent storage database.
According to the information reading method provided by the embodiment of the application, the target driving program corresponding to the type of the information acquisition terminal is obtained through the information processing server; the information processing server determines that a driving program and a target driving program of the information acquisition terminal meet a first preset condition, and acquires data information from the information acquisition terminal. The drive of the information acquisition terminal can be authenticated, the legality of the information acquisition terminal is guaranteed, and illegal persons are prevented from uploading false acquisition information by using a fake information acquisition terminal. The information processing server encrypts the data information to obtain encrypted data information; the information processing server sends the encrypted data information to the information reinforcing server; the information reinforcing server is used for decrypting the encrypted data information to obtain data information, storing the data information, encrypting the data information acquired by the information acquisition terminal and preventing illegal personnel from tampering or replacing the acquired information uploaded by the information acquisition terminal; and ensuring that the acquired data is data really acquired by the information acquisition terminal.
In one possible implementation manner of S404, the information processing server may send the encrypted data information to the information reinforcing server through a Transport Layer Security (TLS).
Specifically, as shown in fig. 5, sending encrypted data information to the information reinforcing server by the information processing server through TLS includes S501 to S505:
s501, the information processing server sends a request message to the information reinforcing server.
Wherein, the request message includes: supported protocol versions, a random number generated by an information processing server (later used to generate session keys), supported encryption methods, and supported compression methods.
S502, the information reinforcing server sends response information to the information processing server.
Wherein, the response message includes: the encrypted communication protocol version used for validation, a random number generated by an information hardened server (later used to generate session keys), the encryption method used for validation, and the server certificate (with the information hardened server public key).
S503, the information processing server sends a response message to the information reinforcing server again.
Specifically, after receiving the response from the information reinforcing server, the information processing server first verifies the certificate of the information reinforcing server. If the certificate has no problem, the information processing server takes the public key of the information reinforcing server from the certificate. Then, the information processing server sends a random number (the random number is encrypted by the public key of the information reinforcing server, and the front and back random numbers finally derive a symmetric key through a key derivation device), a code change notice and a client handshake end notice to the information reinforcing server.
S504, the information reinforcing server sends a final response message to the information processing server.
And after receiving the third random number of the information processing server, the information reinforcing server calculates and generates a session key used by the session. And finally, the information reinforcing server sends a code change notice and a server handshake end notice to the information processing server, and the whole handshake phase is completely ended.
And S505, the information processing server re-encrypts the encrypted data information and sends the re-encrypted data to the information reinforcing server.
Specifically, the information processing server encrypts the encrypted data information again using the session key generated in the foregoing process. The information processing server sends the re-encrypted data information to the information reinforcing server by using a Hyper Text Transfer Protocol (HTTP) protocol. And the information reinforcing server receives and stores the encrypted data information.
The information processing server and the information reinforcing server can further enhance the safety of data transmission by carrying out data transmission through the TLS handshake protocol.
The information reading method provided in the embodiment of the present application, after S404, further includes:
s405, the information reinforcing server receives an information calling request from the information calling terminal.
Wherein the information invocation request includes a first identification. The information invoking request is used to invoke data information. The data information is obtained by decrypting the encrypted data information after the information reinforcing server receives the encrypted data information from the information processing server, or is obtained from other equipment.
In one implementation manner of this step, before the information consolidation server receives the information invoking request from the information invoking terminal, the method in this step further includes:
the information reinforcing server receives the encrypted data information from the information processing server. And the information reinforcing server decrypts the encrypted data information to obtain the data information. The information reinforcing server stores data information.
Specifically, the information consolidation server receives encrypted data information sent by the information processing service through the TLS. The information reinforcing server stores the corresponding relation between each encryption algorithm and each decryption algorithm in advance (the encryption algorithm and the decryption algorithm can be a group of corresponding encryption and decryption algorithms, and can also be the same algorithm, and the encryption and decryption processes are carried out through forward encryption and reverse decryption). And the information reinforcing server determines an encryption algorithm of the encrypted data information and determines a decryption algorithm corresponding to the encryption algorithm. And the information reinforcing server decrypts the encrypted data information according to the decryption algorithm to obtain the data information. And the information reinforcing server decrypts the data information and stores the data information. For example, the respective encryption algorithm and decryption algorithm may also be stored in the information processing server or any other third-party independent device.
In an implementation manner of this step, the data information is picture information. And after the information reinforcing server decrypts the encrypted data information to obtain the data information, encrypting the photo by adding the internet text and the dark watermark. The encryption process can ensure that the data information is not tampered in the process of being transmitted from the information reinforcing server to the information calling terminal.
In one implementation manner of this step, before the information consolidation server receives the information invoking request from the information invoking terminal, the method in this step further includes:
the information reinforcing server distributes a first identifier for the data information. And the information reinforcing server sends the first identifier to the information calling terminal.
Specifically, the information reinforcing server allocates a first identifier (for example, a token accid, optionally, the first identifier may be a unique identifier) to the data information according to a preset rule. And the information reinforcing server sends the first identifier to the information processing server. And the information processing server and the information calling terminal transmit information through HTTPS and send the first identifier to the information calling terminal. And the information calling terminal generates an information calling request according to the first identifier, wherein the information calling request comprises the first identifier. And the information calling terminal sends the information calling request to the information reinforcing server to request for calling data information.
S406, the information reinforcing server determines data information according to the first identification.
Specifically, the information reinforcing server may store a corresponding relationship between the first identifier and the data information. And after the information reinforcing server receives the first identifier, inquiring data information corresponding to the first identifier from the cache database according to the first identifier and the corresponding relation.
S407, the information reinforcing server sends data information to the information calling terminal.
Specifically, the information reinforcing server and the information calling terminal perform function interaction through the micro-service architecture. And after the information reinforcing server determines the data information to be called by the information calling terminal, the data information is sent to the information calling terminal through the micro service architecture.
It should be understood that the above-mentioned S401-S404 may be separately performed to implement authentication of the information collecting terminal and encryption of data information collected by the data collecting terminal. The above-mentioned S405-S407 may also be executed separately to complete the decryption of the data message and send the decrypted data message to the message invoking terminal. The above-mentioned S401 to S407 can also be executed in combination to implement a process from data information collection by the information collection terminal to data information reception by the information call terminal.
In an implementation manner of S407, the information reinforcing server calls the terminal data information to the sending information, which may specifically be implemented by the following manner: the information reinforcing server judges whether the target time length is larger than a preset threshold value, wherein the target time length is the time difference between the time for storing the data information by the information reinforcing server and the time for sending the first identification by the received information calling terminal.
And if the target duration is less than or equal to the preset threshold, the information reinforcing server sends data information to the information calling terminal.
If the target duration is greater than the preset threshold, the information reinforcing server sends a data information acquisition failure message to the information calling terminal; or acquiring the encrypted data information from the permanent storage database, decrypting the encrypted data information according to a preset encryption algorithm to obtain the data information, and sending the data information to the information calling terminal.
It is understood that the information invoking terminal, after receiving the data information acquisition failure message, instructs the information processing server and the information reinforcing server to re-execute the above steps S401 to S407.
Taking the cache database as a redis database, the permanent storage database as a MongoDB database, and the preset threshold value as 10 seconds as an example (the preset threshold value is a time value combining the time generally required by the information calling terminal to call the data and the safe storage time of the data in the redis database, and the size of the preset threshold value is not limited in the present application).
In order to avoid illegal personnel from invading the redis database to modify the cache data, the time for storing the data information in the redis database is 10 seconds at most, and after the storage time reaches 10 seconds, the information reinforcing server deletes the data information stored in the redis database.
For example, if the information reinforcing server stores the data information in the cache database, the time is 10 months, 10 days, 10 minutes and 10 seconds in 2010. The time when the information call terminal received by the information reinforcing server sends the first identifier is 10 months, 10 days, 10 o' clock, 10 minutes and 15 seconds in 2010. And the information reinforcing server determines that the target time length is 5 seconds and is less than the preset threshold value for 10 seconds. At this time, the data information is still cached in the redis database, and the information reinforcing server acquires the data information from the redis database and sends the data information to the information calling terminal.
If the time for storing the data information in the cache database by the information reinforcing server is as follows: 10 months 10 days 10 points 10 minutes 10 seconds 2010. The time for sending the first identifier by the information calling terminal received by the information reinforcing server is as follows: 10 months 10 days 10 o 10 min 25 s in 2010. And the information reinforcing server determines that the target time length is 15 seconds and is greater than a preset threshold value for 10 seconds. At this time, the data information in the redis database is deleted, and the encrypted data information is also stored in the MongoDB database. The information reinforcing server calls the encrypted data information from the MongoDB database, decrypts the data information to obtain the data information, and sends the data information to the information calling terminal; or the information reinforcing server directly sends a data information acquisition failure message to the information calling terminal, and the information calling terminal instructs the information processing server and the information reinforcing server to execute the steps S401-S407 again after receiving the acquisition failure message.
According to the information reading method provided by the embodiment of the application, the information reinforcing server receives an information calling request from the information calling terminal; the information calling request comprises a first identifier; the information reinforcing server acquires data information from the information reinforcing server according to the first identification; and the information reinforcing server sends data information to the information calling terminal. The information calling terminal calls the information according to the first identification distributed by the information reinforcing server for the data information, and the accuracy and the reliability of calling the data information are guaranteed.
In an implementation manner of S402 in this embodiment of the present application, the target driver is an encryption driver; the encryption algorithm of the target driver can be stored in the information processing server, the information reinforcing server or any third-party independent storage device. When the encryption algorithm is stored in the information reinforcing server or any third-party independent storage device, the information processing server establishes communication connection with the information reinforcing server or any third-party independent storage device to transmit the encryption algorithm.
For example, the first preset condition in the embodiment of the present application may be: and the driving program of the information acquisition terminal is the same as the decrypted target driving program. Taking the example that the encryption algorithm of the target driver is also stored in the information reinforcing server, the information processing server determines that the driver of the information acquisition terminal and the target driver meet a first preset condition, and the method comprises the following steps:
the information processing server determines a decryption algorithm corresponding to the target driver according to a preset mapping relation; the preset mapping relationship at least comprises a mapping relationship between a decryption algorithm and a target driver. And the information processing server decrypts the target driving program according to the decryption algorithm to obtain the decrypted target driving program. And if the driver is the same as the decrypted target driver, the information processing server determines that the first preset condition is met between the driver and the target driver.
More specifically, the information reinforcing server includes target drivers corresponding to all types of information acquisition terminals. The information reinforcing server is also preset with a decryption algorithm corresponding to each encryption algorithm in a plurality of encryption algorithms (the encryption algorithm and the decryption algorithm can also be the same algorithm). And the information reinforcing server distributes an encryption algorithm to different target drivers for encryption respectively. And the information reinforcing server encrypts the target driver by using the distributed encryption algorithm. And after the information reinforcing server finishes encryption, determining a decryption algorithm corresponding to each encryption algorithm, and establishing and storing the preset mapping relation according to the encryption algorithm distributed for the target driving program and the corresponding relation between the encryption algorithm and the decryption algorithm.
After the information processing server acquires the target driving program corresponding to the information acquisition terminal from the information reinforcing server, the decryption algorithm corresponding to the target driving program is determined, and the decryption algorithm is downloaded from the information reinforcing server. And decrypting the target driver according to the decryption algorithm. And after the decryption is finished, judging whether the driving program of the information acquisition terminal is the same as the decrypted target driving program.
And if the driver of the information acquisition terminal is the same as the decrypted target driver, determining that the first preset condition is met between the driver of the information acquisition terminal and the target driver.
And if the driver of the information acquisition terminal is different from the decrypted target driver, determining that the first preset condition is not met between the driver of the information acquisition terminal and the target driver.
The method is used for encrypting the target driving program and decrypting the target driving program in the information processing server by adopting a corresponding decryption algorithm. The accuracy of the target driving program acquired by the information processing server is ensured. And the fake target driving program is prevented from authenticating the information acquisition terminal.
In an implementation manner of the embodiment of the present application, after determining that a first preset condition is not satisfied between a driver of the information acquisition terminal and a target driver, the method further includes: if the driver and the target driver do not meet the first preset condition, the information processing server determines whether the driver meets a second preset condition. The second preset condition is as follows: the target driver is the driver after the driver of the information acquisition terminal is updated.
And if the information processing server determines that the driving program meets the second preset condition, the information processing server updates the driving program into the target driving program.
And if the information processing server determines that the driving program does not meet the second preset condition, the information processing server determines that the information acquisition terminal is an illegal information acquisition terminal.
The method can further identify the legal driver, prevent authentication failure caused by untimely update of the driver of the information acquisition terminal, and improve the working efficiency of information acquisition by updating the driver of the information acquisition terminal.
For example, after the device manufacturer of the information collecting terminal updates the driver of the device it produces, the updated driver is updated to the information reinforcing server synchronously. At this time, the information collection terminal may still carry the driver version before the update. After the information acquisition terminal is compared with the target terminal, the driver is determined not to meet a first preset condition. But the information acquisition device still carries a legitimate driver so that the information acquisition device should still be considered a legitimate information acquisition device. At this time, the information processing server further obtains the driver identifier (or the device identifier corresponding to the driver) and the version number of the target driver. The driver identifier (or the device identifier corresponding to the driver) of the driver is the same as that of the target driver, and the version number of the driver is different from that of the target driver. And confirming that the information acquisition equipment carries the legal driver which is not updated. At this time, the information processing server updates the driver to the target driver. And confirming that the information acquisition device is a legal information acquisition device.
In the embodiment of the present application, the information reading apparatus may be divided into the functional modules or the functional units according to the method example, for example, each functional module or functional unit may be divided corresponding to each function, or two or more functions may be integrated into one processing module. The integrated module may be implemented in a form of hardware, or may be implemented in a form of a software functional module or a functional unit. The division of the modules or units in the embodiment of the present application is schematic, and is only a logic function division, and there may be another division manner in actual implementation.
The embodiment of the present application provides an information reading apparatus, which is applied to the information processing server in the information reading system shown in fig. 2 or fig. 3. As shown in fig. 6, the information reading apparatus includes:
the acquiring unit 601 is configured to acquire a target driver corresponding to the type of the information collecting terminal.
The processing unit 602 is configured to determine that a driver of the information acquisition terminal and a target driver meet a first preset condition, and acquire data information from the information acquisition terminal.
The processing unit 602 is further configured to encrypt the data information, and obtain the encrypted data information.
A sending unit 603, configured to send the encrypted data information to the information reinforcing server; the information reinforcing server is used for decrypting the encrypted data information to obtain the data information and storing the data information.
Optionally, the processing unit 602 is further configured to: determining a decryption algorithm corresponding to the target driver according to a preset mapping relation; the preset mapping relationship at least comprises a mapping relationship between a decryption algorithm and a target driver. And decrypting the target driving program according to the decryption algorithm to obtain the decrypted target driving program. And if the driver is the same as the decrypted target driver, the information processing server determines that the first preset condition is met between the driver and the target driver.
Optionally, the information reading apparatus further includes: the obtaining unit 601 is further configured to receive a first identifier allocated by the information reinforcing server for the data information. The sending unit 603 is further configured to send the first identifier to an information invoking terminal, where the information invoking terminal is configured to obtain the data information from the information hardening server according to the first identifier.
Optionally, the processing unit 602 is further configured to: if the driver and the target driver do not meet the first preset condition, determining whether the driver meets a second preset condition; and if the driver is determined to meet the second preset condition, the information processing server updates the driver to the target driver.
The embodiment of the present application provides another information reading apparatus, which is applied to the information reinforcing server in the information reading system shown in fig. 2 or fig. 3. As shown in fig. 7, the information reading apparatus includes:
a receiving unit 701, configured to receive an information call request from an information call terminal; wherein the information invocation request includes a first identification.
A processing unit 702 is configured to determine data information according to the first identifier.
A sending unit 703, configured to send the data information to the information invoking terminal.
Optionally, the information reading apparatus further includes: the receiving unit 701 is further configured to receive encrypted data information from the information processing server. The processing unit 702 is further configured to decrypt the encrypted data information to obtain data information; the processing unit 702 is further configured to store data information.
Optionally, the information reading apparatus further includes: the processing unit 702 is further configured to assign a first identifier to the data information. The sending unit 703 is further configured to send the first identifier to the information invoking terminal.
Optionally, the information reading apparatus further includes: the processing unit 702 is further configured to determine whether the target duration is greater than a preset threshold; the target duration is the time difference between the time for storing the data information by the information reinforcing server and the time for sending the first identifier by the received information calling terminal.
The sending unit 703 is further configured to send data information to the information invoking terminal if the target duration is less than or equal to the preset threshold.
The sending unit 703 is further configured to send a data information acquisition failure message to the information invoking terminal if the target duration is greater than the preset threshold.
When implemented by hardware, the receiving unit, the obtaining unit, and the sending unit in the embodiment of the present application may be integrated on a communication interface, and the processing unit 702 may be integrated on a processor. The specific implementation is shown in fig. 8 or fig. 9.
Fig. 8 is a schematic diagram showing still another possible configuration of the information reading apparatus applied to the information processing server according to the above embodiment. The information reading apparatus includes: a processor 802 and a communications interface 803. The processor 802 is configured to control and manage actions of the information reading apparatus, for example, to perform the steps performed by the processing unit 602, and/or to perform other processes for the techniques described herein. The communication interface 803 is used to support communication between the information reading apparatus and other network entities, for example, to perform the steps performed by the above-described acquisition unit 601 and transmission unit 603. The information reading apparatus may further include a memory 801 and a bus 804, the memory 801 for storing program codes and data of the information reading apparatus.
The memory 801 may be a memory in an information reading apparatus, and the like, and the memory may include a volatile memory, such as a random access memory; the memory may also include non-volatile memory, such as read-only memory, flash memory, a hard disk, or a solid state disk; the memory may also comprise a combination of memories of the kind described above.
The processor 802 may be any logic block, module or circuitry that may implement or perform the various illustrative logical blocks, modules and circuits described in connection with the disclosure herein. The processor may be a central processing unit, general purpose processor, digital signal processor, application specific integrated circuit, field programmable gate array or other programmable logic device, transistor logic device, hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor may also be a combination of computing functions, e.g., comprising one or more microprocessors, DSPs, and microprocessors, among others.
The bus 804 may be an Extended Industry Standard Architecture (EISA) bus or the like. The bus 804 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 8, but this is not intended to represent only one bus or type of bus.
Fig. 9 shows a schematic diagram of still another possible structure of the information reading apparatus applied to the information reinforcing server in the above embodiment. The information reading apparatus includes: a processor 902 and a communication interface 903. The processor 902 is used to control and manage the actions of the information reading device, e.g., to perform the steps performed by the processing unit 702 described above, and/or to perform other processes for the techniques described herein. The communication interface 903 is used to support communication between the information reading apparatus and other network entities, for example, to execute the steps executed by the receiving unit 701 and the transmitting unit 703. The information reading apparatus may further include a memory 901 and a bus 904, the memory 901 storing program codes and data of the information reading apparatus.
The memory 901 may be a memory in an information reading apparatus, and the like, and the memory may include a volatile memory, such as a random access memory; the memory may also include non-volatile memory, such as read-only memory, flash memory, a hard disk, or a solid state disk; the memory may also comprise a combination of memories of the kind described above.
The processor 902 may be various illustrative logical blocks, modules, and circuits described above that implement or perform the functions described in connection with the disclosure. The processor may be a central processing unit, general purpose processor, digital signal processor, application specific integrated circuit, field programmable gate array or other programmable logic device, transistor logic device, hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor may also be a combination of computing functions, e.g., comprising one or more microprocessors, DSPs, and microprocessors, among others.
The bus 904 may be an Extended Industry Standard Architecture (EISA) bus or the like. The bus 904 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 9, but this does not indicate only one bus or one type of bus.
Through the above description of the embodiments, it is clear to those skilled in the art that, for convenience and simplicity of description, the foregoing division of the functional modules is merely used as an example, and in practical applications, the above function distribution may be completed by different functional modules according to needs, that is, the internal structure of the device may be divided into different functional modules to complete all or part of the above described functions. For the specific working processes of the system, the apparatus and the unit described above, reference may be made to the corresponding processes in the foregoing method embodiments, and details are not described here again.
The embodiment of the present application provides a computer program product containing instructions, which when run on a computer, causes the computer to execute the information reading method executed by the information processing server in the above method embodiments.
The embodiment of the present application provides a computer program product containing instructions, which when run on a computer, causes the computer to execute the information reading method performed by the information reinforcing server in the above method embodiments.
The embodiment of the present application provides a computer program product containing instructions, which when running on a computer, causes the computer to execute the information reading method executed by the information invoking terminal in the above method embodiments.
The embodiment of the present application further provides a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the instructions are run on a computer, the computer is caused to execute an information reading method executed by an information processing server in the method flow shown in the foregoing method embodiment.
The embodiment of the present application further provides a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the instructions are run on a computer, the computer is enabled to execute the information reading method executed by the information reinforcement server in the method flow shown in the foregoing method embodiment.
The embodiment of the present application further provides a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the instructions are run on a computer, the computer is enabled to execute the information reading method executed by the information invoking terminal in the method flow shown in the above method embodiment.
The computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a Read-Only Memory (ROM), an Erasable Programmable Read-Only Memory (EPROM), a register, a hard disk, an optical fiber, a portable Compact Disc Read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, any suitable combination of the above, or any other form of computer readable storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be integral to the processor. The processor and the storage medium may reside in an Application Specific Integrated Circuit (ASIC). In embodiments of the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The above is only an embodiment of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions within the technical scope of the present disclosure should be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (13)
1. An information reading method, characterized in that the method comprises:
the information processing server acquires a target driving program corresponding to the type of the information acquisition terminal;
the information processing server determines that a driving program of the information acquisition terminal is the same as the target driving program, and acquires data information from the information acquisition terminal;
under the condition that the driving program of the information acquisition terminal is the same as the target driving program, the information processing server determines that the information acquisition terminal passes validity check, and the information acquisition terminal is a legal terminal;
the information processing server encrypts the data information to obtain encrypted data information;
the information processing server sends the encrypted data information to an information reinforcing server; and the information reinforcing server is used for decrypting the encrypted data information to obtain the data information.
2. The method of claim 1, wherein the target driver is an encryption driver; the information processing server determines that the driving program of the information acquisition terminal is the same as the target driving program, and the method comprises the following steps:
the information processing server determines a decryption algorithm corresponding to the target driver according to a preset mapping relation; the preset mapping relation at least comprises the mapping relation between the decryption algorithm and the target driver;
the information processing server decrypts the target driving program according to the decryption algorithm to obtain the decrypted target driving program;
and if the driver is the same as the decrypted target driver, the information processing server determines that the driver is the same as the target driver.
3. The method of claim 2, wherein after the information processing server sends the encrypted data information to an information hardening server, the method further comprises:
the information processing server receives a first identifier distributed by the information reinforcing server for the data information;
and the information processing server sends the first identifier to an information calling terminal, and the information calling terminal is used for acquiring the data information from the information reinforcing server according to the first identifier.
4. The method according to any one of claims 1-3, further comprising:
if the driver is determined to be different from the target driver, the information processing server determines whether the driver meets a second preset condition;
and if the information processing server determines that the driving program meets the second preset condition, the information processing server updates the driving program to the target driving program.
5. An information reading method, characterized in that the method comprises:
the information reinforcing server receives an information calling request from an information calling terminal; wherein the information calling request comprises a first identifier;
the information reinforcing server determines data information corresponding to the first identification according to the stored corresponding relation between the first identification and the data information, wherein the data information comprises identity information on an identity card acquired by an information acquisition terminal; the information acquisition terminal is a legal terminal which passes the validity check of the information processing server, wherein the passing of the validity check of the information acquisition terminal by the information processing server means that a driving program of the information acquisition terminal is the same as a target driving program acquired by the information processing server;
and the information reinforcing server sends the data information to the information calling terminal.
6. The method according to claim 5, wherein before the information consolidation server receives the information invoking request from the information invoking terminal, the method further comprises:
the information reinforcing server receives encrypted data information from the information processing server;
and the information reinforcing server decrypts the encrypted data information to obtain the data information.
7. The method according to claim 5, wherein before the information consolidation server receives the information invoking request from the information invoking terminal, the method further comprises:
the information reinforcing server distributes a first identifier for the data information;
and the information reinforcing server sends the first identifier to the information calling terminal.
8. The method according to any one of claims 5 to 7, wherein the sending of the data information to the information invoking terminal by the information consolidation server comprises:
the information reinforcing server judges whether the target duration is greater than a preset threshold value or not; the target duration is the time difference between the time for storing the data information by the information reinforcing server and the received time for sending the first identifier by the information calling terminal;
and if the target duration is less than or equal to the preset threshold, the information reinforcement server sends the data information to the information calling terminal.
9. An information reading system, comprising: the system comprises an information reinforcing server and an information processing server, wherein the information processing server is communicated with the information reinforcing server; wherein the information processing server is configured to perform the method described in any one of claims 1-4, and the information reinforcing server is configured to perform the method described in any one of claims 5-8.
10. An information reading apparatus, characterized in that the apparatus comprises:
the acquisition unit is used for acquiring a target driving program corresponding to the type of the information acquisition terminal;
the processing unit is used for determining that a driving program of the information acquisition terminal is the same as the target driving program and acquiring data information from the information acquisition terminal;
the processing unit is further configured to determine that the information acquisition terminal passes validity check and is a valid terminal under the condition that the driver of the information acquisition terminal is the same as the target driver;
the processing unit is further configured to encrypt the data information to obtain encrypted data information;
a sending unit, configured to send the encrypted data information to an information reinforcing server; and the information reinforcing server is used for decrypting the encrypted data information to obtain the data information.
11. An information reading apparatus, characterized in that the apparatus comprises:
a receiving unit, configured to receive an information call request from an information call terminal; wherein the information calling request comprises a first identifier;
the processing unit is used for determining data information corresponding to the first identifier according to the stored corresponding relation between the first identifier and the data information, wherein the data information comprises identity information on an identity card acquired by an information acquisition terminal; the information acquisition terminal is a legal terminal which passes the validity check of the information processing server, wherein the passing of the validity check of the information acquisition terminal by the information processing server means that a driving program of the information acquisition terminal is the same as a target driving program acquired by the information processing server;
and the sending unit is used for sending the data information to the information calling terminal.
12. An information reading apparatus, characterized by comprising: a processor and a communication interface; the communication interface is coupled to the processor for executing a computer program or instructions to implement the method of any of claims 1-4 or to implement the method of any of claims 5-8.
13. A computer-readable storage medium having stored therein instructions which, when executed, implement the method of any one of claims 1-4, or implement the method of any one of claims 5-8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910395226.9A CN110266641B (en) | 2019-05-13 | 2019-05-13 | Information reading method, system, device and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910395226.9A CN110266641B (en) | 2019-05-13 | 2019-05-13 | Information reading method, system, device and computer readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110266641A CN110266641A (en) | 2019-09-20 |
| CN110266641B true CN110266641B (en) | 2021-08-17 |
Family
ID=67914635
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910395226.9A Active CN110266641B (en) | 2019-05-13 | 2019-05-13 | Information reading method, system, device and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110266641B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113434848A (en) * | 2021-07-06 | 2021-09-24 | 李瑞强 | Data acquisition method and device, storage medium and electronic equipment |
| CN114666173B (en) * | 2022-05-26 | 2022-10-18 | 广州万协通信息技术有限公司 | Internet of things information transmission method and device based on intermediate equipment |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107733912A (en) * | 2017-10-31 | 2018-02-23 | 珠海市魅族科技有限公司 | Information ciphering method, information authentication method, terminal and computer-readable recording medium |
| CN109240713A (en) * | 2018-08-27 | 2019-01-18 | 郑州云海信息技术有限公司 | Drive the encryption method of installation procedure, the installation method and device of driver |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7877603B2 (en) * | 2006-09-07 | 2011-01-25 | International Business Machines Corporation | Configuring a storage drive to communicate with encryption and key managers |
-
2019
- 2019-05-13 CN CN201910395226.9A patent/CN110266641B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107733912A (en) * | 2017-10-31 | 2018-02-23 | 珠海市魅族科技有限公司 | Information ciphering method, information authentication method, terminal and computer-readable recording medium |
| CN109240713A (en) * | 2018-08-27 | 2019-01-18 | 郑州云海信息技术有限公司 | Drive the encryption method of installation procedure, the installation method and device of driver |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110266641A (en) | 2019-09-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| AU2021203184B2 (en) | Transaction messaging | |
| CN108810029B (en) | Authentication system and optimization method between micro-service architecture services | |
| US20220191016A1 (en) | Methods, apparatuses, and computer program products for frictionless electronic signature management | |
| CN107409049B (en) | Method and apparatus for securing mobile applications | |
| US20180295121A1 (en) | Secure element authentication | |
| WO2019109097A1 (en) | Identity verification document request handling utilizing a user certificate system and user identity document repository | |
| US10007797B1 (en) | Transparent client-side cryptography for network applications | |
| US9055061B2 (en) | Process of authentication for an access to a web site | |
| WO2010150008A2 (en) | Method and system for provision of cryptographic services | |
| CN111209558B (en) | Internet of things equipment identity authentication method and system based on block chain | |
| CN102414689A (en) | Method and apparatus for improving code and data signing | |
| MX2008011277A (en) | Digipass for the web-functional description. | |
| CN109495268B (en) | Two-dimensional code authentication method and device and computer readable storage medium | |
| US20090138717A1 (en) | System and method for over the air communication authentication using a service token | |
| KR20120053929A (en) | The agent system for digital signature using sign private key with double encryption and method thereof features to store in web storage | |
| JP4696449B2 (en) | Encryption apparatus and method | |
| CN110266641B (en) | Information reading method, system, device and computer readable storage medium | |
| WO2019178440A1 (en) | System and method for securing private keys behind a biometric authentication gateway | |
| CN111241492A (en) | Product multi-tenant secure credit granting method, system and electronic equipment | |
| CN114501431A (en) | Message transmission method and device, storage medium and electronic equipment | |
| KR101952641B1 (en) | Location based multi-channel login authentication method in a cloud environments | |
| CN113312576A (en) | Page jump method, system and device | |
| KR101799517B1 (en) | A authentication server and method thereof | |
| CN109246062A (en) | A kind of authentication method and system based on browser plug-in | |
| WO2015104567A1 (en) | Secure communication between a server and a client web browser |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |