CN111431876A - Method and device for accessing database, computer equipment and storage medium - Google Patents

Method and device for accessing database, computer equipment and storage medium Download PDF

Info

Publication number
CN111431876A
CN111431876A CN202010176740.6A CN202010176740A CN111431876A CN 111431876 A CN111431876 A CN 111431876A CN 202010176740 A CN202010176740 A CN 202010176740A CN 111431876 A CN111431876 A CN 111431876A
Authority
CN
China
Prior art keywords
target
database
picture
text
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010176740.6A
Other languages
Chinese (zh)
Inventor
臧磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
OneConnect Smart Technology Co Ltd
OneConnect Financial Technology Co Ltd Shanghai
Original Assignee
OneConnect Financial Technology Co Ltd Shanghai
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by OneConnect Financial Technology Co Ltd Shanghai filed Critical OneConnect Financial Technology Co Ltd Shanghai
Priority to CN202010176740.6A priority Critical patent/CN111431876A/en
Publication of CN111431876A publication Critical patent/CN111431876A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V30/00Character recognition; Recognising digital ink; Document-oriented image-based pattern recognition
    • G06V30/10Character recognition
    • G06V30/14Image acquisition
    • G06V30/148Segmentation of character regions
    • G06V30/153Segmentation of character regions using recognition of characters or words
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
    • H04N1/32101Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N1/32144Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title embedded in the image data, i.e. enclosed or integrated in the image, e.g. watermark, super-imposed logo or stamp
    • H04N1/32149Methods relating to embedding, encoding, decoding, detection or retrieval operations
    • H04N1/32267Methods relating to embedding, encoding, decoding, detection or retrieval operations combined with processing of the image
    • H04N1/32272Encryption or ciphering
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V30/00Character recognition; Recognising digital ink; Document-oriented image-based pattern recognition
    • G06V30/10Character recognition

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Multimedia (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a method, a device, a computer device and a storage medium for accessing a database, wherein the method for accessing the database comprises the following steps: the method comprises the steps that a front end receives an initial request for accessing a database, wherein the initial request is sent by a tenant and comprises a target ID and request information of the tenant; after the target ID is loaded on the picture, the picture is partitioned to obtain the gray value of each image block, then conversion calculation is carried out on each gray value, and a final request is obtained according to the calculation result; and sending the final request to a server so that the server can analyze and obtain the target ID, and then sending corresponding data to the tenant. According to the method and the device, the target ID is loaded on the picture, the gray level of the picture is encrypted through the encryption algorithm, the safety of the target ID is greatly improved, and the target ID is prevented from being broken after being intercepted by a third party.

Description

Method and device for accessing database, computer equipment and storage medium
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method and an apparatus for accessing a database, a computer device, and a storage medium.
Background
When a tenant registers the tenant in a server of a multi-tenant system, the server generates a tenant ID of the tenant and sets a database, and associates the tenant ID of the tenant with the database, so that data of the tenants are isolated by corresponding different IDs to different databases. The server has a plurality of databases, and each database has a corresponding relationship with the tenant ID. When the tenant accesses the database, the tenant sends a request with the tenant ID of the tenant to the system, and when the system judges that the tenant ID exists in the request, the tenant is matched with the corresponding database, and corresponding connection between the tenant and the database is established.
The databases of the tenants are isolated, the databases are accessed only through the tenant IDs of the tenants, and after the tenants send requests to the server, the requests are intercepted and then are easily used by others to access the databases of the tenants, so that data information of the tenants is leaked, and the security performance is low.
Disclosure of Invention
The application mainly aims to provide a method, a device, a computer device and a storage medium for accessing a database, which can provide safe access to the database for tenants.
In order to achieve the above object, the present application provides a method for accessing a database, comprising:
the method comprises the steps that a front end receives an initial request for accessing a database, wherein the initial request is sent by a tenant and comprises a target ID and request information of the tenant;
receiving a background picture sent by a server, and loading the target ID on the background picture to obtain an encrypted picture;
partitioning the encrypted picture to obtain M pixel blocks, obtaining a gray value of each pixel block, and filling each gray value into a position corresponding to the pixel block to form a matrix H (i, j), wherein M and N are positive integers, i is more than or equal to 1 and less than or equal to M, and j is more than or equal to 1 and less than or equal to N;
carrying out transformation calculation on each gray value through an encryption algorithm to obtain an encrypted value H ' (i ', j ');
encrypting the target ID through a public key to obtain a ciphertext;
writing the encrypted value and the ciphertext into the request information to obtain a final request;
sending the final request to a server so that the server can analyze and obtain the target ID, provide a database number corresponding to the target ID, and search corresponding target data in a corresponding database according to the request information;
and receiving the target data sent by the server.
Further, the step of receiving a background picture sent by the server, and loading the target ID on the background picture to obtain an encrypted picture includes:
the front end receives a background picture sent by the server and reads the main tone of the background picture;
rendering the target ID into a reverse tone opposite to the main tone and loading the reverse tone on the background picture to obtain an encrypted picture.
Further, the step of receiving a background picture sent by the server, and loading the target ID on the background picture to obtain an encrypted picture includes:
the front end receives a background picture sent by a server, and loads the target ID on the background picture to obtain a test picture;
recognizing a test text in the test picture by adopting an OCR recognition technology;
judging whether the test text is consistent with the target ID or not;
and if so, defining the test picture as an encrypted picture.
Further, after the step of determining whether the test text is consistent with the target ID, the method includes:
if the test text is judged to be inconsistent with the target ID, respectively acquiring a difference character in the target ID inconsistent with the test text and a same character in the target ID consistent with the test text;
processing the difference characters according to a preset mode to form processed characters, and arranging the processed characters and the same characters according to the sequence of the characters of the target ID to obtain updated characters;
loading the updated characters on the background picture to obtain an updated test picture, identifying an updated test text in the updated test picture by adopting an OCR (optical character recognition) technology, then judging whether the updated test text is consistent with the characters of the target ID, and if so, defining the updated test picture as an encrypted picture.
Further, the step of writing the encrypted value and the ciphertext into the request information to obtain a final request includes:
generating a random character string with random length;
and sequentially arranging the encrypted value, the random character string and the ciphertext to form a text as the final request.
The application also provides a method for sending data, which is used for sending data for the front end in the method for accessing the database, and comprises the following steps:
the server receives a final request sent by the front end;
reading an encrypted value and the ciphertext in the final request;
performing reverse calculation on each element in the encrypted value by using an encryption algorithm to obtain a reverse matrix, mapping each value in the reverse matrix to the position of a pixel block in a blank image as a gray value to obtain an analytic image, identifying characters in the analytic image by using an OCR (optical character recognition) technology to obtain a first text, and decrypting the ciphertext by using a private key to obtain a second text;
judging whether the first text is consistent with the second text;
if yes, judging that the first text is the target ID;
searching a database number corresponding to the target ID in the corresponding relation between the tenant ID and the database request;
reading a target database corresponding to the database number, and acquiring target data corresponding to the request information;
and sending the target data to the front end.
The present application further provides an apparatus for accessing a database, comprising:
the system comprises a receiving initial request module, a database access module and a database processing module, wherein the receiving initial request module is used for receiving an initial request for accessing the database sent by a tenant at the front end, and the initial request comprises a target ID of the tenant and request information;
the loading module is used for receiving a background picture sent by a server and loading the target ID on the background picture to obtain an encrypted picture;
the blocking module is used for blocking the encrypted picture to obtain M pixel blocks, obtaining a gray value of each pixel block, and filling each gray value into a position corresponding to the pixel block to form a matrix H (i, j), wherein M and N are positive integers, i is more than or equal to 1 and less than or equal to M, and j is more than or equal to 1 and less than or equal to N;
the transformation calculation module is used for carrying out transformation calculation on each gray value through an encryption algorithm to obtain an encrypted value H ' (i ', j ');
the encryption module is used for encrypting the target ID through a public key to obtain a ciphertext;
a writing module, configured to write the encrypted value and the ciphertext into the request information to obtain a final request;
the first sending module is used for sending the final request to a server so that the server can analyze the final request to obtain the target ID, provide a database number corresponding to the target ID and search corresponding target data in a corresponding database according to the request information;
and the data receiving module is used for receiving the target data sent by the server.
The present application further provides a device for transmitting data, including:
a final request receiving module, configured to receive, by the server, a final request sent by the front end;
a reading module, configured to read the encrypted value and the ciphertext in the final request;
the decryption module is used for performing reverse calculation on each element in the encrypted value by using an encryption algorithm to obtain a reverse matrix, mapping each value in the reverse matrix to the position of a pixel block in a blank image as a gray value to obtain an analytic image, identifying characters in the analytic image by using an OCR (optical character recognition) technology to obtain a first text, and decrypting the ciphertext by using a private key to obtain a second text;
the judging module is used for judging whether the first text is consistent with the second text;
the judging module is used for judging that the first text is the target ID if the first text is consistent with the second text;
the searching module is used for searching the database number corresponding to the target ID in the corresponding relation between the tenant ID and the database request;
the acquisition module is used for reading a target database corresponding to the database number and acquiring target data corresponding to the request information;
and the second sending module is used for sending the target data to the front end.
The present application further provides a computer device comprising a memory and a processor, the memory storing a computer program, the processor implementing the steps of any of the above methods when executing the computer program.
The present application also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, carries out the steps of the method of any of the above.
According to the method, the device, the computer equipment and the storage medium for accessing the database, the target ID of the tenant is encrypted to prevent information from being intercepted. The target ID is loaded on the picture, and the gray level of the picture is encrypted through an encryption algorithm, so that the safety of the target ID is greatly improved, and the target ID is prevented from being intercepted by a third party and then cracked. And the corresponding database is searched after the target ID is decrypted according to the private key, so that the data information is prevented from being leaked. Can play a better safety protection role.
Drawings
FIG. 1 is a schematic flow chart diagram illustrating a method for accessing a database according to an embodiment of the present application;
FIG. 2 is a block diagram illustrating an exemplary architecture of an apparatus for accessing a database according to an embodiment of the present application;
fig. 3 is a block diagram illustrating a structure of a computer device according to an embodiment of the present application.
The implementation, functional features and advantages of the objectives of the present application will be further explained with reference to the accompanying drawings.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
Referring to fig. 1, an embodiment of the present application provides a method for accessing a database, including the steps of:
S1A, a front end receives an initial request for accessing a database, wherein the initial request is sent by a tenant and comprises a target ID and request information of the tenant;
S2A, receiving a background picture sent by a server, and loading the target ID on the background picture to obtain an encrypted picture;
S3A, partitioning the encrypted picture to obtain M pixel blocks, obtaining the gray value of each pixel block, filling each gray value into the position corresponding to the pixel block to form a matrix H (i, j), wherein M and N are positive integers, i is more than or equal to 1 and less than or equal to M, and j is more than or equal to 1 and less than or equal to N;
S4A, carrying out transformation calculation on each gray value through an encryption algorithm to obtain an encrypted value H ' (i ', j ');
S5A, encrypting the target ID through a public key to obtain a ciphertext;
S6A, writing the encrypted value and the ciphertext into the request information to obtain a final request;
S7A, sending the final request to a server so that the server can analyze the target ID, provide a database number corresponding to the target ID, and search corresponding target data in a corresponding database according to the request information;
and S8A, receiving the target data sent by the server.
In this embodiment, the server has a plurality of databases, and each database is connected to a tenant control. The tenants access the network through the front end, which is connected to the database. The database collects data of the front end of the tenant; meanwhile, the front end can also access the database to obtain corresponding data. After the tenant is successfully registered in the server, the server sends a tenant ID to the tenant, and the ID is the target ID of the registered tenant. Generally, an ID is a string of a specified length. After the tenant logs in the interface of the tenant through the ID at the front end, the front end is the front end of the tenant. It should be noted that, when the front end does not use the service of the tenant, the front end at this time is not the front end involved in the present invention; if the tenant uses another terminal to log in the tenant's system and execute the system-related service, the terminal is the front end. The tenant sends the data of the front end to the database, or when requesting to access the data in the database, the tenant is regarded as the initial request of the front end for accessing the database. When the front end determines that the database is to be accessed, the tenant initiates an initial request to the database, the initial request comprises a target ID of the tenant and request information, the request information refers to address information, attribute information and the like of data requested to be called, and the server searches the data needed by the tenant in the corresponding database according to the request information and then returns the data to the tenant. After receiving the initial request, the front end sends the initial request to a server of the database, and then the server sends a background picture to the front end. Or, the front end calls a preset memory to read out a background picture. The background picture does not have any characters or patterns which are mistaken for the characters, and preferably, the background picture is a black and white picture. And then loading the target ID on the background picture to form an encrypted picture, wherein the encrypted picture is the picture containing the target ID. And then, partitioning the encrypted picture to obtain a plurality of pixel blocks to form an M-N matrix, wherein each element in the matrix is a pixel block. The encrypted picture may be blocked according to the pixels of the background picture, and if the pixels of the background picture are 1320 × 960, the encrypted picture is divided into 1320 × 960 pixel blocks. Then, the gray value of each pixel block is read to obtain 1320 × 960 gray values, and all the gray values are filled into corresponding positions in the matrix to form an encryption matrix H (i, j), wherein i is more than or equal to 1 and less than or equal to M, and j is more than or equal to 1 and less than or equal to N. And then, respectively calculating each gray value of the encryption matrix by using an encryption algorithm to convert each gray value into an updated numerical value, and then taking the updated numerical value as the value of the original matrix element to obtain an encryption value H ' (i ', j '). Meanwhile, the target ID is encrypted by using the public key to obtain a ciphertext. When the server generates the ID of the tenant, it also generates a set of corresponding keys (the keys include a public key and a private key) and an encryption algorithm. When the tenant logs in, the front end downloads the encryption algorithm and the public key in the cache of the front end at the same time. When the front end needs to send the initial request of the tenant to the server, the front end firstly obtains the target ID of the tenant, and then downloads the encryption algorithm and the public key corresponding to the target ID. And then, respectively carrying out encryption calculation on the target ID by using an encryption algorithm to obtain an encrypted value corresponding to the target ID, and encrypting the target ID through a public key to obtain a ciphertext corresponding to the target ID. And then combining the request information, the encryption value and the ciphertext in the initial request to form a final request. In a specific embodiment, the request information in the initial request is an http request, i.e. a string of characters. Combining the characters of the http request, the characters of the encrypted value and the characters of the ciphertext to obtain a final request, wherein the final request is in the order of request information-ciphertext-encrypted value or encrypted value-request information-ciphertext. The final request is then sent to the server. The server analyzes the final request to obtain a target ID, finds a corresponding database number of the target ID in a corresponding relation of stored tenant IDs and database numbers, reads the request information, and sends data corresponding to the request information to the front end to enable the front end to effectively access the database. According to the scheme, the target ID is subjected to conversion calculation and encryption through an encryption algorithm and a public key, so that the target ID is more complex, the target ID can be effectively prevented from being decoded after being intercepted by a third party, and a database of a tenant is effectively protected.
In an embodiment, the step of receiving the background picture sent by the server, and loading the target ID on the background picture to obtain an encrypted picture includes:
s21, the front end receives the background picture sent by the server, and the main tone of the background picture is read;
and S22, rendering the characters of the target ID into a reverse tone opposite to the main tone, and loading the reverse tone on the background picture to obtain an encrypted picture.
In this embodiment, the server stores a plurality of background pictures. The background picture can be a pure single tone picture, or a picture gradually changing from left to right, or a picture containing a landscape, and the background picture does not have any image information of characters or similar characters. The color in each background picture is less or single. The main tone of the background picture is read, the background picture is scanned to obtain the main tone, or a worker adds a mark of main tone information to the background picture in advance so as to be read by a front end. After the front end reads the main tone of the background picture, the back tone opposite to the main tone is calculated, wherein the corresponding relation of each tone is stored in a server preset by a worker, and then the front end downloads the back tone from the server for use. And then rendering the target ID into an inverse tone, and then loading the inverse tone target ID on a background picture to form an encrypted picture so that the target ID is clearly displayed on the background picture so as to be conveniently identified by the server.
In an embodiment, the step of obtaining the encrypted picture by the front end receiving a background picture sent by a server and loading the target ID on the background picture includes:
s23, the front end receives a background picture sent by the server, and the target ID is loaded on the background picture to obtain a test picture;
s24, recognizing the test text in the test picture by adopting an OCR recognition technology;
s25, judging whether the test text is consistent with the target ID;
and S26, if yes, defining the test picture as an encrypted picture.
In this embodiment, after the front end loads the target ID on the background picture, a test picture is obtained, in order to avoid that, because the background picture has a pattern similar to the character of the target ID, it is first simulated whether the target ID can be identified, the front end identifies the test text in the test picture by using an OCR identification technology, and then compares the test text with the target ID to determine whether the test text is completely consistent, if so, it indicates that the server can also identify the test text, and the test picture is defined as a hash picture. If the difference is not completely consistent, the above step S23 is executed after replacing a background picture.
In an embodiment, after the step of determining whether the test text is consistent with the target ID, the method includes:
s27, if the test text is judged to be inconsistent with the target ID, respectively acquiring a difference character inconsistent with the test text in the target ID and a same character consistent with the test text in the target ID;
s28, processing the difference characters according to a preset mode to form processed characters, and arranging the processed characters and the same characters according to the sequence of the characters of the target ID to obtain updated characters;
and S29, loading the updated characters on the background picture to obtain an updated test picture, and then executing S24.
In this embodiment, if the test text is inconsistent with the characters of the target ID, it is determined that the server cannot be read accurately, and thus the verification cannot be completed. Therefore, a new hash picture needs to be generated; firstly, comparing a test text with characters of a target ID to obtain the same characters and different difference characters in the characters of the target ID, wherein the difference characters represent the characters which are similar to the colors in a background picture when the characters of the target ID are loaded on the background picture or cannot be accurately identified due to other reasons, carrying out amplification processing and reduction processing on the difference characters or carrying out processing in a designated processing mode such as color adjustment, font adjustment and the like to obtain processed characters, then arranging the processed characters and the same characters according to the same sequence of the characters of the target ID again to obtain updated characters, and the updated characters have the same content as the characters of the target ID and are different in format. And then loading the updated characters on a background picture to obtain an updated test picture, identifying an updated test text in the updated test picture by adopting an OCR (optical character recognition) technology, judging whether the updated test text is consistent with the characters of the target ID, and if so, defining the updated test picture as an encrypted picture.
In an embodiment, the step of writing the encrypted value and the ciphertext into the request information by the front end to obtain the final request includes:
s61, generating a random character string with random length;
s62, arranging the encrypted value, the random character string and the ciphertext in sequence to form a text as the final request.
In this embodiment, the final request includes request information, an encrypted value, and a ciphertext. Firstly, a random character string with random length is generated, then characters of the encrypted value, the random character string, the request information and the ciphertext are sequentially arranged, and the formed text is the final request. And a random character string is added into the final request, so that the cracking of the final request by others is prevented. Even if the third party obtains the final request, the third party cannot know the bit number of the target ID, and therefore the encrypted value and the ciphertext cannot be selected from the final request. After the front end sends the final request to the server, the server reads the digit of the tenant ID as the digit of the target ID, then firstly picks out the characters with the first specified character quantity before the final request to obtain an encrypted value, and then picks out the characters with the second specified character quantity after the final request to obtain a ciphertext.
In addition, the present application also provides a method for sending data, where an execution subject of the method for accessing a database includes the following steps:
S1B, the server receives the final request sent by the front end;
S2B, reading the encrypted value in the final request and the ciphertext;
S3B, performing reverse calculation on each element in the encrypted value by using an encryption algorithm to obtain a reverse matrix, mapping each value in the reverse matrix to the position of a pixel block in a blank image as a gray value to obtain an analytic image, identifying characters in the analytic image by using an OCR (optical character recognition) technology to obtain a first text, and decrypting the ciphertext by using a private key to obtain a second text;
S4B, judging whether the first text is consistent with the second text;
S5B, if yes, the first text is judged to be the target ID;
S6B, finding out the database number corresponding to the target ID in the corresponding relation between the tenant ID and the database request;
S7B, reading a target database corresponding to the database number, and acquiring target data corresponding to the request information;
and S8B, sending the target data to the front end.
In this embodiment, after receiving the final request sent by the front end, the server first reads out the encrypted value and the ciphertext in the final request respectively. The final request includes the encrypted value, the ciphertext, and the request information. And the server determines the positions of the encrypted value, the ciphertext and the request information according to the sequencing rule of the front end and then respectively reads the encrypted value, the ciphertext and the request information. And after the encrypted values are read, performing reverse calculation by using an encryption algorithm to obtain a reverse matrix, then constructing a blank image with the same pixels as the background image, and mapping each value in the reflection matrix as a gray value to the position of a pixel block in the blank image to obtain an analytic image. And identifying characters in the analyzed picture by using an OCR (optical character recognition) technology to obtain a first text corresponding to the encrypted value. And then, decrypting the ciphertext by using the private key to obtain a second text corresponding to the ciphertext, comparing the first text with the second text, judging whether the first text and the second text are completely the same, and if so, judging that the first text and the second text are both target IDs. And then the server calls the corresponding relation between the tenant ID and the database number, finds the database number corresponding to the target ID, accesses the target database corresponding to the database number, acquires target data corresponding to the request information in the target database according to the request information in the final request, and then sends the target data to the front end.
Referring to fig. 2, an embodiment of the present application further provides an apparatus for accessing a database, including:
the system comprises a receiving initial request module 1, a database access module and a database processing module, wherein the receiving initial request module is used for receiving an initial request for accessing the database sent by a tenant at the front end, and the initial request comprises a target ID of the tenant and request information;
the loading module 2 is used for receiving a background picture sent by a server and loading the target ID on the background picture to obtain an encrypted picture;
the blocking module 3 is configured to block the encrypted picture to obtain M × N pixel blocks, obtain a gray value of each pixel block, and fill each gray value into a position corresponding to the pixel block to form a matrix H (i, j), where M and N are positive integers, i is greater than or equal to 1 and less than or equal to M, and j is greater than or equal to 1 and less than or equal to N;
the transformation calculation module 4 is used for carrying out transformation calculation on each gray value through an encryption algorithm to obtain an encrypted value H ' (i ', j ');
the encryption module 5 is used for encrypting the target ID through a public key to obtain a ciphertext;
a writing module 6, configured to write the encrypted value and the ciphertext into the request information to obtain a final request;
a first sending module 7, configured to send the final request to a server, so that the server analyzes to obtain the target ID, provides a database number corresponding to the target ID, and finds corresponding target data in a corresponding database according to the request information;
and the data receiving module 8 is used for receiving the target data sent by the server.
In one embodiment, the loading module 2 includes:
the read main tone unit is used for receiving the background picture sent by the server at the front end and reading the main tone of the background picture;
and the first loading unit is used for rendering the target ID into a reverse tone opposite to the main tone and loading the reverse tone on the background picture to obtain an encrypted picture.
In one embodiment, the load module 2 includes:
the testing unit is used for receiving a background picture sent by the server at the front end and loading the target ID on the background picture to obtain a testing picture;
the recognition unit is used for recognizing the test text in the test picture by adopting an OCR recognition technology;
a judging unit configured to judge whether the test text is consistent with the target ID;
and the defining unit is used for defining the test picture as an encrypted picture if the test text is consistent with the target ID.
In one embodiment, the loading module 2 further includes:
the character obtaining unit is used for respectively obtaining the different characters which are inconsistent with the test text in the target ID and the same characters which are consistent with the test text in the target ID if the test text is judged to be inconsistent with the target ID;
the processing unit is used for processing the difference characters according to a preset mode to form processed characters, and arranging the processed characters and the same characters according to the sequence of the characters of the target ID to obtain updated characters;
and the updating unit is used for loading the updated characters on the background picture to obtain an updated test picture, identifying an updated test text in the updated test picture by adopting an OCR (optical character recognition) technology, judging whether the updated test text is consistent with the characters of the target ID or not, and if so, defining the updated test picture as an encrypted picture.
In one embodiment, the writing module 6 includes:
the random unit is used for generating a random character string with random length;
and the arranging unit is used for sequentially arranging the encrypted value, the random character string and the ciphertext to form a text as the final request.
An embodiment of the present application further provides an apparatus for transmitting data, including:
a final request receiving module, configured to receive, by the server, a final request sent by the front end;
a reading module, configured to read the encrypted value and the ciphertext in the final request;
the decryption module is used for performing reverse calculation on each element in the encrypted value by using an encryption algorithm to obtain a reverse matrix, mapping each value in the reverse matrix to the position of a pixel block in a blank image as a gray value to obtain an analytic image, identifying characters in the analytic image by using an OCR (optical character recognition) technology to obtain a first text, and decrypting the ciphertext by using a private key to obtain a second text;
the judging module is used for judging whether the first text is consistent with the second text;
the judging module is used for judging that the first text is the target ID if the first text is consistent with the second text;
the searching module is used for searching the database number corresponding to the target ID in the corresponding relation between the tenant ID and the database request;
the acquisition module is used for reading a target database corresponding to the database number and acquiring target data corresponding to the request information;
and the second sending module is used for sending the target data to the front end.
Referring to fig. 3, a computer device, which may be a server and whose internal structure may be as shown in fig. 3, is also provided in the embodiment of the present application. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the computer designed processor is used to provide computational and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The memory provides an environment for the operation of the operating system and the computer program in the non-volatile storage medium. The database of the computer device is used for storing data such as encryption algorithm, public key and the like. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a method of accessing a database and/or a method of transmitting data as described above.
Those skilled in the art will appreciate that the architecture shown in fig. 3 is only a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects may be applied.
An embodiment of the present application also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements a method of accessing a database and/or a method of transmitting data.
In summary, the method, the apparatus, the computer device and the storage medium for accessing a database of the present application encrypt the target ID of the tenant to prevent the information from being intercepted. The target ID is loaded on the picture, and the gray level of the picture is encrypted through an encryption algorithm, so that the safety of the target ID is greatly improved, and the target ID is prevented from being intercepted by a third party and then cracked. And the corresponding database is searched after the target ID is decrypted according to the private key, so that the data information is prevented from being leaked. Can play a better safety protection role.
It will be understood by those of ordinary skill in the art that all or a portion of the processes of the methods of the embodiments described above may be implemented by a computer program that may be stored on a non-volatile computer-readable storage medium, which when executed, may include the processes of the embodiments of the methods described above, wherein any reference to memory, storage, database, or other medium provided herein and used in the embodiments may include non-volatile and/or volatile memory.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, apparatus, article, or method that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, apparatus, article, or method. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, apparatus, article, or method that includes the element.
The above description is only a preferred embodiment of the present application, and not intended to limit the scope of the present application, and all modifications of equivalent structures and equivalent processes, which are made by the contents of the specification and the drawings of the present application, or which are directly or indirectly applied to other related technical fields, are also included in the scope of the present application.

Claims (10)

1. A method of accessing a database, comprising:
the method comprises the steps that a front end receives an initial request for accessing a database, wherein the initial request is sent by a tenant and comprises a target ID and request information of the tenant;
receiving a background picture sent by a server, and loading the target ID on the background picture to obtain an encrypted picture;
partitioning the encrypted picture to obtain M pixel blocks, obtaining a gray value of each pixel block, and filling each gray value into a position corresponding to the pixel block to form a matrix H (i, j), wherein M and N are positive integers, i is more than or equal to 1 and less than or equal to M, and j is more than or equal to 1 and less than or equal to N;
carrying out transformation calculation on each gray value through an encryption algorithm to obtain an encrypted value H ' (i ', j ');
encrypting the target ID through a public key to obtain a ciphertext;
writing the encrypted value and the ciphertext into the request information to obtain a final request;
sending the final request to a server so that the server can analyze and obtain the target ID, provide a database number corresponding to the target ID, and search corresponding target data in a corresponding database according to the request information;
and receiving the target data sent by the server.
2. The method for accessing a database according to claim 1, wherein the step of receiving a background picture sent by a server and loading the target ID on the background picture to obtain an encrypted picture comprises:
the front end receives a background picture sent by the server and reads the main tone of the background picture;
rendering the target ID into a reverse tone opposite to the main tone and loading the reverse tone on the background picture to obtain an encrypted picture.
3. The method for accessing a database according to claim 1, wherein the step of receiving a background picture sent by a server and loading the target ID on the background picture to obtain an encrypted picture comprises:
the front end receives a background picture sent by a server, and loads the target ID on the background picture to obtain a test picture;
recognizing a test text in the test picture by adopting an OCR recognition technology;
judging whether the test text is consistent with the target ID or not;
and if so, defining the test picture as an encrypted picture.
4. The method of accessing a database of claim 3, wherein said step of determining whether said test text is consistent with said target ID comprises, after said step of:
if the test text is judged to be inconsistent with the target ID, respectively acquiring a difference character in the target ID inconsistent with the test text and a same character in the target ID consistent with the test text;
processing the difference characters according to a preset mode to form processed characters, and arranging the processed characters and the same characters according to the sequence of the characters of the target ID to obtain updated characters;
loading the updated characters on the background picture to obtain an updated test picture, identifying an updated test text in the updated test picture by adopting an OCR (optical character recognition) technology, then judging whether the updated test text is consistent with the characters of the target ID, and if so, defining the updated test picture as an encrypted picture.
5. The method of accessing a database of claim 1, wherein the step of writing the encrypted value and the ciphertext into the request message to obtain a final request comprises:
generating a random character string with random length;
and sequentially arranging the encrypted value, the random character string and the ciphertext to form a text as the final request.
6. A method of transmitting data for a front end in a method of accessing a database according to any of claims 1 to 5, comprising:
the server receives a final request sent by the front end;
reading an encrypted value and the ciphertext in the final request;
performing reverse calculation on each element in the encrypted value by using an encryption algorithm to obtain a reverse matrix, mapping each value in the reverse matrix to the position of a pixel block in a blank image as a gray value to obtain an analytic image, identifying characters in the analytic image by using an OCR (optical character recognition) technology to obtain a first text, and decrypting the ciphertext by using a private key to obtain a second text;
judging whether the first text is consistent with the second text;
if yes, judging that the first text is the target ID;
searching a database number corresponding to the target ID in the corresponding relation between the tenant ID and the database request;
reading a target database corresponding to the database number, and acquiring target data corresponding to the request information;
and sending the target data to the front end.
7. An apparatus for accessing a database, comprising:
the system comprises a receiving initial request module, a database access module and a database processing module, wherein the receiving initial request module is used for receiving an initial request for accessing the database sent by a tenant at the front end, and the initial request comprises a target ID of the tenant and request information;
the loading module is used for receiving a background picture sent by a server and loading the target ID on the background picture to obtain an encrypted picture;
the blocking module is used for blocking the encrypted picture to obtain M pixel blocks, obtaining a gray value of each pixel block, and filling each gray value into a position corresponding to the pixel block to form a matrix H (i, j), wherein M and N are positive integers, i is more than or equal to 1 and less than or equal to M, and j is more than or equal to 1 and less than or equal to N;
the transformation calculation module is used for carrying out transformation calculation on each gray value through an encryption algorithm to obtain an encrypted value H ' (i ', j ');
the encryption module is used for encrypting the target ID through a public key to obtain a ciphertext;
a writing module, configured to write the encrypted value and the ciphertext into the request information to obtain a final request;
the first sending module is used for sending the final request to a server so that the server can analyze the final request to obtain the target ID, provide a database number corresponding to the target ID and search corresponding target data in a corresponding database according to the request information;
and the data receiving module is used for receiving the target data sent by the server.
8. An apparatus for transmitting data, comprising:
a final request receiving module, configured to receive, by the server, a final request sent by the front end;
a reading module, configured to read the encrypted value and the ciphertext in the final request;
the decryption module is used for performing reverse calculation on each element in the encrypted value by using an encryption algorithm to obtain a reverse matrix, mapping each value in the reverse matrix to the position of a pixel block in a blank image as a gray value to obtain an analytic image, identifying characters in the analytic image by using an OCR (optical character recognition) technology to obtain a first text, and decrypting the ciphertext by using a private key to obtain a second text;
the judging module is used for judging whether the first text is consistent with the second text;
the judging module is used for judging that the first text is the target ID if the first text is consistent with the second text;
the searching module is used for searching the database number corresponding to the target ID in the corresponding relation between the tenant ID and the database request;
the acquisition module is used for reading a target database corresponding to the database number and acquiring target data corresponding to the request information;
and the second sending module is used for sending the target data to the front end.
9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, carries out the steps of the method of accessing a database of any of claims 1-5 and/or the method of transmitting data of claim 6.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method of accessing a database of any one of claims 1 to 5 and/or the steps of the method of transmitting data of claim 6.
CN202010176740.6A 2020-03-13 2020-03-13 Method and device for accessing database, computer equipment and storage medium Pending CN111431876A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010176740.6A CN111431876A (en) 2020-03-13 2020-03-13 Method and device for accessing database, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010176740.6A CN111431876A (en) 2020-03-13 2020-03-13 Method and device for accessing database, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
CN111431876A true CN111431876A (en) 2020-07-17

Family

ID=71547515

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010176740.6A Pending CN111431876A (en) 2020-03-13 2020-03-13 Method and device for accessing database, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN111431876A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113449829A (en) * 2021-06-25 2021-09-28 未鲲(上海)科技服务有限公司 Data transmission method based on optical character recognition technology and related device
WO2024087312A1 (en) * 2022-10-28 2024-05-02 蚂蚁区块链科技(上海)有限公司 Database access method, computing device and server

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101601222A (en) * 2006-01-25 2009-12-09 甲骨文国际公司 The online data encryption and decryption
US20100017415A1 (en) * 2008-07-16 2010-01-21 Fujitsu Limited Data access control method and data access control apparatus
CN101777047A (en) * 2009-01-08 2010-07-14 国际商业机器公司 System, equipment and method for accessing database under multiple-tenant environment
CN102456028A (en) * 2010-10-27 2012-05-16 金蝶软件(中国)有限公司 Multi-tenant-oriented data acquisition method, device and system
CN107203575A (en) * 2016-03-18 2017-09-26 北京京东尚科信息技术有限公司 A kind of system, apparatus and method for being used to isolate multi-tenant data

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101601222A (en) * 2006-01-25 2009-12-09 甲骨文国际公司 The online data encryption and decryption
US20100017415A1 (en) * 2008-07-16 2010-01-21 Fujitsu Limited Data access control method and data access control apparatus
CN101777047A (en) * 2009-01-08 2010-07-14 国际商业机器公司 System, equipment and method for accessing database under multiple-tenant environment
CN102456028A (en) * 2010-10-27 2012-05-16 金蝶软件(中国)有限公司 Multi-tenant-oriented data acquisition method, device and system
CN107203575A (en) * 2016-03-18 2017-09-26 北京京东尚科信息技术有限公司 A kind of system, apparatus and method for being used to isolate multi-tenant data

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113449829A (en) * 2021-06-25 2021-09-28 未鲲(上海)科技服务有限公司 Data transmission method based on optical character recognition technology and related device
WO2024087312A1 (en) * 2022-10-28 2024-05-02 蚂蚁区块链科技(上海)有限公司 Database access method, computing device and server

Similar Documents

Publication Publication Date Title
CN104657665B (en) A kind of document handling method
CN108647262B (en) Picture management method and device, computer equipment and storage medium
CN106228084A (en) Data guard method that the sensitive field of based role dynamically adjusts and system
CN116484437B (en) Asset information management method and device and computer equipment
US6928548B1 (en) System and method for verifying the integrity of stored information within an electronic device
CN111563365B (en) Method and device for processing modification information of test standard worksheet and computer equipment
CN113391880B (en) Trusted mirror image transmission method for layered double hash verification
CN111431876A (en) Method and device for accessing database, computer equipment and storage medium
CN115238286A (en) Data protection method and device, computer equipment and storage medium
CN108229190B (en) Transparent encryption and decryption control method, device, program, storage medium and electronic equipment
CN104834840A (en) Password protection method based on mapping drifting technology
CN115248919A (en) Method and device for calling function interface, electronic equipment and storage medium
CN111382425B (en) Application installation management method under multi-signature mechanism, intelligent terminal and storage medium
CN112860933B (en) Ciphertext image retrieval method, device, terminal equipment and storage medium
WO2021169469A1 (en) Voiceprint data processing method and apparatus, computer device, and storage medium
CN116680673B (en) Identity verification method and device for display and computer equipment
CN111259445B (en) Database platform access method, device, equipment and medium
CN114925337B (en) Data labeling method and device and electronic equipment
CN114448722B (en) Cross-browser login method and device, computer equipment and storage medium
CN113254986B (en) Data processing method, device and computer readable storage medium
CN110580757B (en) Access control equipment opening method and device based on graphic code and storage medium
CN113645198A (en) Computer network information safety monitoring method
CN110717157B (en) User authentication method, device, computer equipment and storage medium
CN117459327B (en) Cloud data transparent encryption protection method, system and device
CN118041700B (en) Medical knowledge distribution method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned
AD01 Patent right deemed abandoned

Effective date of abandoning: 20231229