CN111479265B - Information dissemination method and device, computer equipment and storage medium - Google Patents

Information dissemination method and device, computer equipment and storage medium Download PDF

Info

Publication number
CN111479265B
CN111479265B CN202010157159.XA CN202010157159A CN111479265B CN 111479265 B CN111479265 B CN 111479265B CN 202010157159 A CN202010157159 A CN 202010157159A CN 111479265 B CN111479265 B CN 111479265B
Authority
CN
China
Prior art keywords
information
receiving end
original text
public key
receiving
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010157159.XA
Other languages
Chinese (zh)
Other versions
CN111479265A (en
Inventor
李锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gree Electric Appliances Inc of Zhuhai
Original Assignee
Gree Electric Appliances Inc of Zhuhai
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gree Electric Appliances Inc of Zhuhai filed Critical Gree Electric Appliances Inc of Zhuhai
Priority to CN202010157159.XA priority Critical patent/CN111479265B/en
Publication of CN111479265A publication Critical patent/CN111479265A/en
Application granted granted Critical
Publication of CN111479265B publication Critical patent/CN111479265B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The application relates to an information dissemination method, an information dissemination device, computer equipment and a storage medium, wherein the method comprises the following steps: generating a receiving end key pair based on a key management strategy of the receiving end; encrypting the identity information of the receiving end and the public key of the receiving end according to the public key of the sending end from the sending end to generate a first encrypted file; sending the first encrypted file to a sending end; receiving a second encrypted file from the sending end; when the fingerprint information of the receiving end is successfully matched with the fingerprint information which allows receiving operation, the information operation authority is opened; decrypting the second encrypted file to obtain first packaging information; checking the integrity of the original text information; judging whether to forward the original text information based on the integrity of the original text information; and when the original text information is determined to be complete and not forwarded, obtaining the original text information. The original text information can be sent or received only after being authorized by using the fingerprint information based on the method, so that the safety of the information is effectively ensured, and the integrity of the information is determined.

Description

Information dissemination method and device, computer equipment and storage medium
Technical Field
The present application relates to the field of computer technologies, and in particular, to an information dissemination method and apparatus, a computer device, and a storage medium.
Background
With the development of modern information technology and the popularization of smart phones, information is rapidly and quickly spread, and information security becomes very sensitive and urgent. While control over information dissemination becomes difficult. And a tracing means is lacked for controlling and monitoring some unreal information, so that some people can issue false information at will and spread the false information for many times. In addition, after the information is sent out, a sender is difficult to control information transmission, the information is often forwarded or sent in a group without consent, and great hidden danger is caused to privacy or information safety. The existing means generally carry out filtering and shielding through social software background big data management, but the integrity and the safety of information in the transmission process cannot be guaranteed.
Disclosure of Invention
In order to solve the problems that information is illegally spread for multiple times in the spreading process and information sources cannot be traced, the application provides an information spreading method, an information spreading device, computer equipment and a storage medium.
In a first aspect, this embodiment provides an information dissemination method, where the method is applied to a receiving end, and the method includes:
generating a key pair based on a key management strategy of a receiving end, wherein the key pair comprises a receiving end public key and a receiving end private key;
receiving a sending end public key sent by a sending end, and encrypting the identity information of a receiving end and the receiving end public key according to the sending end public key to generate a first encrypted file;
sending the first encrypted file to the sending end;
receiving a second encrypted file which is encrypted by the sending end according to the public key of the receiving end;
acquiring fingerprint information of the receiving end, and starting information operation authority when the fingerprint information of the receiving end is successfully matched with the fingerprint information which allows receiving operation;
decrypting the second encrypted file according to the receiving end private key to obtain first packaging information, wherein the first packaging information comprises at least one signature mark, and determining the source of the original text information based on the signature mark in the first packaging information;
performing hash check according to the public key of the sending end in the first packaging information, and checking the integrity of the original text information;
judging whether to forward the original text information based on the integrity of the original text information;
and when the original text information is determined to be complete and not forwarded, obtaining the original text information.
Optionally, when it is determined that the textual information is complete and the textual information is to be forwarded, then:
checking whether the propagation times of the original text information is smaller than a propagation threshold value;
when the propagation times of the original text information is less than or equal to a propagation threshold value, sending the receiving end public key to the transfer end for encrypting the identity information of the transfer end and the transfer end public key;
acquiring fingerprint information of the receiving terminal, and starting information operation authority when the fingerprint information of the receiving terminal is successfully matched with the fingerprint information which allows forwarding operation;
receiving a third encrypted file sent by the switching end, wherein the third encrypted file comprises the public key of the switching end and the identity information of the switching end, and adding the identity information of the switching end and the public key of the receiving end as additional fields into the first packaging information for packaging to generate second packaging information;
signing the second packaging information according to the receiving end private key to generate a second signature mark;
encrypting the signed second packaging information according to the public key of the switching terminal to generate a fourth encrypted file;
and sending the fourth encrypted file to the transfer terminal.
Optionally, the method further comprises:
when the original text information is determined to be incomplete and not forwarded, incomplete and invalid original text information is obtained.
Optionally, the method further comprises:
and when the original text information is determined to be incomplete and to be forwarded, prompting that the information sending operation cannot be carried out.
Optionally, the method further comprises:
and when the propagation times of the original text information is greater than a propagation threshold value, prompting that the information sending operation cannot be carried out.
In a second aspect, this embodiment provides an information dissemination method, where the method is applied to a sending end, and the method includes:
determining original text information, and setting a propagation threshold value:
generating a key pair based on a key management strategy of a sending end, wherein the key pair comprises a public key of the sending end and a private key of the sending end;
sending the public key of the sending end to a receiving end for encrypting the identity information of the receiving end and the public key of the receiving end;
receiving the fingerprint information of the sending end, and starting information operation authority when the fingerprint information of the sending end is successfully matched with the fingerprint information of the information allowed to be sent;
adding additional fields to the original text information and then packaging to obtain first packaging information, wherein the additional fields comprise an identity information field of a sending end, a propagation time field and a public key field of the sending end;
signing the first packaging information according to the private key of the sending end to generate a first signature mark;
receiving a first encrypted file sent by the receiving end, wherein the first encrypted file comprises the receiving end public key and identity information of the receiving end, adding the identity information of the receiving end into the first packaging information, and encrypting the signed first packaging information according to the receiving end public key to obtain a second encrypted file;
and sending the second encrypted file to the receiving end.
In a third aspect, this embodiment provides an information dissemination method, where the method is applied to a forwarding end, and the method includes:
generating a key pair based on a key management strategy of the switching end, wherein the key pair comprises a public key of the switching end and a private key of the switching end;
receiving a receiving end public key sent by a receiving end, and encrypting the identity information of the transfer end and the transfer end public key according to the receiving end public key to generate a third encrypted file;
sending the third encrypted file to the receiving end;
receiving a fourth encrypted file which is encrypted by the receiving end according to the transfer end public key;
acquiring fingerprint information of the transfer end, and starting information operation authority when the fingerprint information of the transfer end is successfully matched with the fingerprint information of the information allowed to be received;
decrypting the fourth encrypted file according to the transfer terminal private key to obtain second packaging information;
obtaining the public key of the receiving end in the second packaging information to carry out hash verification, and verifying the integrity of the original text information;
judging whether to forward the original text information based on the integrity of the original text information;
and when the original text information is determined to be complete and not forwarded, obtaining the original text information.
In a fourth aspect, this embodiment provides an information dissemination device, where the device is applied to a receiving end, and the device includes:
the first key generation module is used for generating a key pair based on a key management strategy of a receiving end, wherein the key pair comprises a receiving end public key and a receiving end private key;
the first receiving module is used for receiving a sending end public key sent by a sending end, and encrypting the identity information of the receiving end and the receiving end public key according to the sending end public key to generate a first encrypted file;
the first sending module is used for sending the first encrypted file to the sending end;
the first ciphertext acquisition module is used for receiving a second encrypted file which is encrypted by the sending end according to the public key of the receiving end;
the first fingerprint receiving module is used for acquiring the fingerprint information of the receiving end, and opening the information operation authority when the fingerprint information of the receiving end is successfully matched with the fingerprint information which allows receiving operation;
the first decryption module is used for decrypting the second encrypted file according to the receiving end private key to obtain first packaging information, the first packaging information comprises at least one signature mark, and the source of the original text information is determined based on the signature mark in the first packaging information;
the first verification module is used for carrying out Hash verification according to the public key of the sending end in the first packaging information and verifying the integrity of the original text information;
the first forwarding judgment module is used for judging whether to forward the original text information based on the integrity of the original text information;
and the first forwarding module is used for acquiring the original text information when the original text information is determined to be complete and not forwarded.
A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the following steps when executing the computer program:
generating a key pair based on a key management strategy of a receiving end, wherein the key pair comprises a receiving end public key and a receiving end private key;
receiving a sending end public key sent by a sending end, and encrypting the identity information of a receiving end and the receiving end public key according to the sending end public key to generate a first encrypted file;
sending the first encrypted file to the sending end;
receiving a second encrypted file which is encrypted by the sending end according to the public key of the receiving end;
acquiring fingerprint information of the receiving end, and starting information operation authority when the fingerprint information of the receiving end is successfully matched with the fingerprint information which allows receiving operation;
decrypting the second encrypted file according to the receiving end private key to obtain first packaging information, wherein the first packaging information comprises at least one signature mark, and determining the source of the original text information based on the signature mark in the first packaging information;
performing hash check according to the public key of the sending end in the first packaging information, and checking the integrity of the original text information;
judging whether to forward the original text information based on the integrity of the original text information;
and when the original text information is determined to be complete and not forwarded, obtaining the original text information.
A computer-readable storage medium, on which a computer program is stored which, when executed by a processor, carries out the steps of:
generating a key pair based on a key management strategy of a receiving end, wherein the key pair comprises a receiving end public key and a receiving end private key;
receiving a sending end public key sent by a sending end, and encrypting the identity information of a receiving end and the receiving end public key according to the sending end public key to generate a first encrypted file;
sending the first encrypted file to the sending end;
receiving a second encrypted file which is encrypted by the sending end according to the public key of the receiving end;
acquiring fingerprint information of the receiving end, and starting information operation authority when the fingerprint information of the receiving end is successfully matched with the fingerprint information which allows receiving operation;
decrypting the second encrypted file according to the receiving end private key to obtain first packaging information, wherein the first packaging information comprises at least one signature mark, and determining the source of the original text information based on the signature mark in the first packaging information;
performing hash check according to the public key of the sending end in the first packaging information, and checking the integrity of the original text information;
judging whether to forward the original text information based on the integrity of the original text information;
and when the original text information is determined to be complete and not forwarded, obtaining the original text information.
The information dissemination method, the information dissemination device, the computer equipment and the storage medium are provided, and the method comprises the following steps: generating a key pair based on a key management strategy of a receiving end, wherein the key pair comprises a receiving end public key and a receiving end private key; receiving a sending end public key sent by a sending end, and encrypting the identity information of a receiving end and the receiving end public key according to the sending end public key to generate a first encrypted file; sending the first encrypted file to the sending end; receiving a second encrypted file which is encrypted by the sending end according to the public key of the receiving end; acquiring fingerprint information of the receiving end, and starting information operation authority when the fingerprint information of the receiving end is successfully matched with the fingerprint information which allows receiving operation; decrypting the second encrypted file according to the receiving end private key to obtain first packaging information, wherein the first packaging information comprises at least one signature mark, and determining the source of the original text information based on the signature mark in the first packaging information; performing hash check according to the public key of the sending end in the first packaging information, and checking the integrity of the original text information; judging whether to forward the original text information based on the integrity of the original text information; and when the original text information is determined to be complete and not forwarded, obtaining the original text information. The original text information can be sent or received only after being authorized by using the fingerprint information based on the method, so that the safety of the information is effectively ensured, the propagation path of the original text information can be traced, and the integrity of the original text information can be determined.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without inventive exercise.
FIG. 1 is a diagram of an application environment of a method of information dissemination in one embodiment;
FIG. 2 is a flow diagram illustrating a method for information dissemination in one embodiment;
FIG. 3 is a schematic diagram illustrating a principle of Trustzone processing information of a receiving end in one embodiment;
FIG. 4 is a flow diagram illustrating a method for information dissemination in one embodiment;
FIG. 5 is a schematic diagram illustrating Trustzone processing information of a transmitting end in one embodiment;
FIG. 6 is a flow diagram illustrating a method for information dissemination in one embodiment;
FIG. 7 is a schematic diagram of information encapsulation in one embodiment;
FIG. 8 is a schematic diagram of an information dissemination device in one embodiment;
FIG. 9 is a schematic diagram of an information dissemination device in one embodiment;
FIG. 10 is a schematic diagram of an information dissemination device in one embodiment;
FIG. 11 is a diagram illustrating an internal structure of a computer device in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
FIG. 1 is a diagram of an application environment of the information dissemination method in one embodiment. Referring to fig. 1, the information dissemination method is applied to an information dissemination system. The information dissemination system includes a terminal 110 and a server 120. The terminal 110 and the server 120 are connected through a network. The terminal 110 includes a sending end, a receiving end and a transfer end, the terminal 110 may be a desktop terminal or a mobile terminal, and the mobile terminal may be at least one of a mobile phone, a tablet computer, a notebook computer, and the like. The server 120 may be implemented as a stand-alone server or a server cluster composed of a plurality of servers.
In one embodiment, the present embodiment is mainly illustrated by applying the method to the terminal 110 (or the server 120) in fig. 1. Fig. 2 is a schematic flow chart of an information dissemination method in an embodiment, and referring to fig. 2, the information dissemination method specifically includes the following steps:
step S210, a key pair is generated based on the key management strategy of the receiving end, and the key pair comprises a receiving end public key and a receiving end private key.
In this embodiment, the receiving end generates a receiving end public key and a receiving end private key related to the self identity information, encrypts the information with the receiving end public key, and correspondingly decrypts the information according to the receiving end private key.
Step S220, receiving a sender public key sent by a sender, and encrypting the identity information of the receiver and the receiver public key according to the sender public key to generate a first encrypted file.
In this embodiment, the public key of the sending end is used to encrypt the identity information of the receiving end and the public key of the receiving end to generate a first encrypted file, which is convenient for the subsequent sending end to decrypt and obtain the public key of the receiving end and the identity information of the receiving end, so that the sending end encrypts the original text information into an encrypted file that can be decrypted by the receiving end according to the private key of the receiving end. The method and the device ensure that the original text information is only limited to the receiving end to be decrypted and acquired in the transmission process, avoid being checked and received by other people, and ensure the safety of the information.
Step S230, sending the first encrypted file to the sender.
In this embodiment, the identity information of the receiving end and the receiving end public key are sent to the sending end, so that the subsequent sending end can decrypt and obtain the receiving end public key and the identity information of the receiving end, and the sending end encrypts the original text information into an encrypted file that can be decrypted by the receiving end according to the receiving end private key. The method and the device ensure that the original text information is only limited to the receiving end to be decrypted and acquired in the transmission process, avoid being checked and received by other people, and ensure the safety of the information.
Step S240, receiving a second encrypted file encrypted by the sending end according to the receiving end public key.
In this embodiment, a second encrypted file sent by a sending end is received, and the second encrypted file is encrypted at the sending end according to a public key of a receiving end, and can only be successfully decrypted by the receiving end in a transmission process, so that the security in an original text information transmission process is ensured.
Step S250, acquiring the fingerprint information of the receiving end, and opening the information operation authority when the fingerprint information of the receiving end is successfully matched with the fingerprint information which allows receiving operation.
In this embodiment, the operation user at the receiving end is prompted to perform fingerprint verification, and the judgment is performed according to the fingerprint information of the operation user acquired by the receiving end, so as to judge whether the operator has the right to perform processing operation on the received original text information, thereby preventing the original text information from being forwarded at will.
Step S260, decrypting the second encrypted file according to the receiving end private key to obtain first encapsulation information, where the first encapsulation information includes at least one signature mark, and determining a source of the original text information based on the signature mark in the first encapsulation information.
In this embodiment, after the receiving end passes the fingerprint information verification, it is determined that the operator at the receiving end has the right to perform the operation processing on the original text information, decrypting the second encrypted file according to the private key of the receiving end to obtain first packaging information, wherein the first packaging information comprises at least one signature mark which indicates that the original text information passes through one information receiving end, the signature mark corresponding to the information receiver is left step by step, for example, the original text information is propagated from the first receiver to the second receiver, the encapsulation information sent to the second receiving end carries the signature mark of the first receiving end, and then the original text information is transmitted from the second receiving end to the third receiving end, the encapsulation information transmitted to the third receiving end will carry the signature mark of the first receiving end and the signature mark of the second receiving end, so that the propagation times and the propagation path of the original text information can be traced.
Step S270, carrying out Hash verification according to the public key of the sending end in the first packaging information, and verifying the integrity of the original text information.
In this embodiment, a second hash check value is generated according to the combination of the public key of the sending end and the hash check, the second hash check value is compared with a first hash check value generated by the hash check of the sending end, and if there is no difference, it is determined that the original text information is complete and has not been tampered in the transmission process.
Step S280, judging whether to forward the original text information based on the integrity of the original text information.
In this embodiment, after the integrity of the original text information is known, whether a request for forwarding the original text information exists is determined, and whether the original text information is forwarded is determined according to the forwarding request.
Step S290, when the original text information is determined to be complete and not forwarded, the original text information is obtained.
In this embodiment, when the result of the hash check determines that the original text information is complete, has not been tampered, and has no request for forwarding the original text information, the receiving end acquires the original text information sent by the sending end.
Specifically, the receiving end generates a receiving end public key and a receiving end private key related to the self identity information, the receiving end public key is used for encryption, and correspondingly decryption is carried out according to the receiving end private key. And receiving a sending end public key sent by a sending end, and encrypting the identity information of the receiving end and the receiving end public key according to the sending end public key to generate a first encrypted file. And the identity information of the receiving end and the public key of the receiving end are sent to the sending end, so that the subsequent sending end can decrypt and obtain the public key of the receiving end and the identity information of the receiving end conveniently, and the sending end encrypts the original text information into an encrypted file which can be decrypted by the receiving end according to the private key of the receiving end. The method and the device ensure that the original text information is only limited to the receiving end to be decrypted and acquired in the transmission process, avoid being checked and received by other people, and ensure the safety of the information. And receiving a second encrypted file sent by the sending end, wherein the second encrypted file is encrypted at the sending end according to the public key of the receiving end, and can only be successfully decrypted by the receiving end in the transmission process, so that the safety in the original text information transmission process is ensured. And receiving a second encrypted file sent by the sending end, wherein the second encrypted file is encrypted at the sending end according to the public key of the receiving end, and can only be successfully decrypted by the receiving end in the transmission process, so that the safety in the original text information transmission process is ensured. After the receiving end passes through the fingerprint information verification, it is determined that an operator at the receiving end has the right to operate and process the original text information, the second encrypted file is decrypted according to a private key of the receiving end, and first packaging information is obtained, wherein the first packaging information comprises a plurality of signature marks, which indicates that the original text information passes through one information receiving end, and then the signature mark corresponding to the information receiving end is left, for example, the original text information is transmitted from the first receiving end to the second receiving end and then from the second receiving end to the third receiving end, and then the packaging information transmitted to the third receiving end comprises the signature mark of the first receiving end and the signature mark of the second receiving end, so that the transmission origin and the transmission path of the original text information can be traced. And generating a second hash check value according to the combination of the public key of the sending end and the hash check, comparing the second hash check value with the first hash check value generated by the hash check of the sending end, and determining that the original text information is complete if no difference exists, and the original text information is not tampered in the transmission process. And judging whether a request for forwarding the original text information exists or not after the integrity of the original text information is known, and judging whether the original text information is forwarded or not according to the forwarding request. And when the hash check result determines that the original text information is complete and is not tampered and a request for forwarding the original text information does not exist, the receiving end acquires the original text information sent by the sending end.
In one embodiment, when it is determined that the textual information is complete and the textual information is to be forwarded, it is checked whether the propagation number of times of the textual information is less than a propagation threshold.
In this embodiment, the propagation number of the original text information is determined according to the signature in the first encapsulation information, the propagation number of the original text information is compared with a propagation threshold, it is determined whether the propagation number is smaller than the propagation threshold, and the setting of the propagation threshold limits the propagation number of the original text information, where the propagation number represents the number of propagation layers in a propagation layered structure, for example, the propagation threshold is 2, the sending end may send the original text information to a plurality of first receiving ends at the same time, and after receiving the forwarding request, the first receiving ends forward the original text information to a plurality of second receiving ends at the same time, but the second receiving ends cannot forward the original text information, and the propagation number is twice, but the number of receiving ends per propagation is not limited, so the setting of the propagation threshold may limit the propagation number.
And when the propagation times of the original text information is less than or equal to a propagation threshold value, sending the receiving end public key to the transfer end for encrypting the identity information of the transfer end and the transfer end public key.
In this embodiment, when the propagation number of the original text information is less than or equal to the propagation threshold, the receiving end is allowed to forward the original text information to the forwarding end, and the receiving end public key is sent to the forwarding end to encrypt the identity information of the forwarding end and the forwarding end public key in the same manner as the steps in the method.
And acquiring the fingerprint information of the receiving end, and starting the information operation authority when the fingerprint information of the receiving end is successfully matched with the fingerprint information which allows the forwarding operation.
In this embodiment, the fingerprint information of the receiving end is obtained again, whether an operator at the receiving end has the right to forward the original text information is judged, the information is prevented from being forwarded randomly, and when the fingerprint information of the receiving end is successfully matched with the fingerprint information allowing the forwarding operation, the information operation authority is opened.
And receiving a third encrypted file sent by the switching end, wherein the third encrypted file comprises the public key of the switching end and the identity information of the switching end, and adding the identity information of the switching end and the public key of the receiving end as additional fields into the first packaging information for packaging to generate second packaging information.
In this embodiment, the identity information of the forwarding end and the public key of the receiving end are added to the first encapsulation information as additional fields to generate the second encapsulation information.
And signing the second packaging information according to the receiving end private key to generate a second signature mark.
In this embodiment, signature processing on the encapsulated information is performed before information transmission, a corresponding signature mark is generated, and the number of propagation times is determined according to the number of signature marks, which is also convenient for tracing the propagation origin and propagation path of the original information subsequently.
And encrypting the signed second packaging information according to the public key of the switching terminal to generate a fourth encrypted file.
In this embodiment, the second encapsulation information after the signature is encrypted by using the public key of the transit terminal, so that the transit terminal can decrypt and obtain the second encapsulation information according to the identity information of the transit terminal.
And sending the fourth encrypted file to the transfer terminal.
Specifically, when it is determined that the original text information is complete and the original text information is to be forwarded, it is checked whether the propagation number of times of the original text information is smaller than a propagation threshold. Determining the propagation times of the original text information according to the signature marks in the first encapsulation information, comparing the propagation times of the original text information with a propagation threshold value, and determining whether the propagation times is smaller than the propagation threshold value, wherein the propagation times limit the propagation times of the original text information, the propagation times here indicate the number of propagation layers in a propagation layered structure, for example, the propagation threshold value is 2, a sending end can simultaneously send the original text information to a plurality of first receiving ends, and after receiving a forwarding request, the first receiving ends simultaneously forward the original text information to a plurality of second receiving ends, but the second receiving ends cannot forward the original text information, the propagation times are twice, but the number of receiving ends per time of propagation is not limited, so that the propagation times can be limited by the setting of the propagation threshold value. And when the propagation times of the original text information is less than or equal to a propagation threshold value, sending the receiving end public key to the transfer end for encrypting the identity information of the transfer end and the transfer end public key. And acquiring the fingerprint information of the receiving end, and starting the information operation authority when the fingerprint information of the receiving end is successfully matched with the fingerprint information which allows the forwarding operation. And acquiring the fingerprint information of the receiving end again, judging whether an operator of the receiving end has the right to forward the original text information or not, avoiding the random forwarding of the information, and starting the information operation authority when the fingerprint information of the receiving end is successfully matched with the fingerprint information allowing the forwarding operation. And receiving a third encrypted file sent by the switching end, wherein the third encrypted file comprises the public key of the switching end and the identity information of the switching end, and adding the identity information of the switching end and the public key of the receiving end as additional fields into the first packaging information for packaging to generate second packaging information. And signing the second packaging information according to the receiving end private key to generate a second signature mark. Signature processing on the packaged information is carried out before information is sent, corresponding signature marks are generated, the propagation times are determined according to the number of the signature marks, and the subsequent tracing of the propagation origin and the propagation path of the original text information is facilitated. And encrypting the signed second packaging information according to the public key of the switching terminal to generate a fourth encrypted file. And sending the fourth encrypted file to the transfer terminal. And encrypting the signed second packaging information by using the public key of the switching terminal, so that the switching terminal can decrypt and obtain the second packaging information according to the identity information of the switching terminal.
In one embodiment, incomplete and invalid textual information is obtained when it is determined that the textual information is incomplete and not forwarded.
Specifically, when the original text information received by the receiving end is tampered but the information request is not forwarded, the receiving end obtains the plain text of the tampered original text information, and the plain text is invalid information for the receiving end.
In one embodiment, when the original text information is determined to be incomplete and to be forwarded, prompting that information sending operation cannot be performed.
Specifically, when the receiving end receives the forwarding request, but it is determined that the original text information is not completely tampered, the information sending operation cannot be performed, and the tampered information is prevented from being widely spread.
In one embodiment, when the propagation times of the original text information is greater than a propagation threshold value, the information sending operation cannot be performed.
Specifically, when the number of signature tags in the encapsulation information is equal to the propagation threshold, the forwarding operation of the information cannot be performed, the number of times of propagation of the information is limited, and illegal propagation of the information is avoided.
Fig. 3 is a schematic diagram of the principle of handling information by the receiving end Trustzone in an embodiment, as shown in fig. 3, the above steps S210 to S230, steps S250 to S280, checking the propagation times, adding the identity information useridC of the transfer end of the additional field, signing, encrypting the encapsulation information all occur in the Trustzone of the receiving end, the receiving end isolates an area from the CPU as Trustzone, and fingerprint authentication, key management, encryption and decryption operations, signing, authentication signing, information encapsulation, and information integrity judgment are performed by using the Trustzone technology. And the safety of information processing is ensured from a hardware layer.
In an embodiment, fig. 4 is a schematic flow chart of an information dissemination method in an embodiment, and referring to fig. 4, the embodiment provides an information dissemination method, where the method is applied to a sending end, and the method includes the following steps:
step S310, determining the original text information and setting a propagation threshold value.
In this embodiment, the sending end selects the original text information to be sent, sets a propagation threshold of the original text information, that is, the maximum propagation times of the original text information, limits the propagation times of the original text information, and avoids illegal propagation of the information.
Step S320, a key pair is generated based on the key management policy of the sending end, where the key pair includes a public key of the sending end and a private key of the sending end.
In this embodiment, the sender public key and the sender private key generated based on the identity information of the sender are used to encrypt or decrypt the original text information.
Step S330, the sending end public key is sent to the receiving end for encrypting the identity information and the receiving end public key of the receiving end.
In this embodiment, the sending end public key is sent to the receiving end, and the receiving end encrypts the identity information of the receiving end and the receiving end public key according to the sending end public key to generate a first encrypted file, and then sends the first encrypted challenge to the sending end to decrypt and obtain the identity information of the receiving end and the receiving end public key. The method is convenient for the subsequent operation processing of the original text information by utilizing the identity information of the receiving end and the public key of the receiving end.
Step S340, receiving the fingerprint information of the sending end, and opening an information operation permission when the fingerprint information of the sending end is successfully matched with the fingerprint information of the information allowed to be sent.
In this embodiment, whether an operator at the sending end has the right to send information is judged according to the fingerprint information, so that random sending of the information is avoided, the safety of information sending is ensured, and when the fingerprint information at the sending end is successfully matched with the fingerprint information allowing the information to be sent, the information operation right is opened.
And step S350, adding additional fields to the original text information, and then packaging to obtain first packaging information, wherein the additional fields comprise an identity information field of the sending end, a propagation time field and a public key field of the sending end.
In the embodiment, the origin of the original text information can be known after the information is sent according to the identity information in the additional field, whether the information can be forwarded or not can be judged before forwarding each time according to the set propagation times, the forwarding times of the original text information is limited, and random and illegal forwarding of the information is avoided.
Step S360, signing the first packaging information according to the private key of the sending end to generate a first signature mark.
In this embodiment, it can be known that the propagation number is 1 according to the first signature, how many signature marks are carried by the encapsulation information in the subsequent forwarding process, and the propagation number can be determined according to the number of signature marks.
Step S370, receiving a first encrypted file sent from the receiving end, where the first encrypted file includes the receiving end public key and the identity information of the receiving end, adding the identity information of the receiving end to the first encapsulation information, and encrypting the signed first encapsulation information according to the receiving end public key to obtain a second encrypted file.
In this embodiment, the identity information of the receiving end is added, so that the subsequent tracing of the propagation origin and the propagation path of the original text information is facilitated, the public key of the receiving end is used for encrypting the first encapsulation information to generate a second encrypted file, and the receiving end is facilitated to decrypt and obtain the first encapsulation information.
And step 380, sending the second encrypted file to the receiving end.
Specifically, textual information is determined and a propagation threshold is set. The transmitting end selects the original text information to be transmitted, sets a propagation threshold of the original text information, namely the maximum propagation times of the original text information, limits the propagation times of the original text information and avoids illegal propagation of the information. And generating a key pair based on the key management strategy of the sending end, wherein the key pair comprises a public key of the sending end and a private key of the sending end. And sending the public key of the sending end to a receiving end for encrypting the identity information of the receiving end and the public key of the receiving end. And the receiving end encrypts the identity information of the receiving end and the public key of the receiving end according to the public key of the sending end to generate a first encrypted file, and then sends the first encrypted asking price to the sending end to decrypt to obtain the identity information of the receiving end and the public key of the receiving end. The method is convenient for the subsequent operation processing of the original text information by utilizing the identity information of the receiving end and the public key of the receiving end. And receiving the fingerprint information of the sending end, and opening the information operation authority when the fingerprint information of the sending end is successfully matched with the fingerprint information of the information allowed to be sent. And judging whether an operator of the sending end has the right to send information or not according to the fingerprint information, avoiding the random sending of the information, ensuring the safety of information sending, and opening the information operation authority when the fingerprint information of the sending end is successfully matched with the fingerprint information of the information allowed to be sent. And adding additional fields to the original text information and then packaging to obtain first packaging information, wherein the additional fields comprise an identity information field of the sending end, a propagation time field and a public key field of the sending end. The origin of the original text information can be known after the information is sent according to the identity information in the additional field, whether the original text information can be forwarded or not can be judged before forwarding each time according to the set propagation times, the forwarding times of the original text information is limited, and random and illegal forwarding of the information is avoided. And signing the first packaging information according to the private key of the sending end to generate a first signature mark. According to the first signature mark, the propagation frequency is 1, the number of signature marks carried by the packaging information in the subsequent forwarding process can be known, and the propagation frequency can be determined according to the number of the signature marks. Receiving a first encrypted file sent by the receiving end, wherein the first encrypted file comprises the receiving end public key and the identity information of the receiving end, adding the identity information of the receiving end into the first packaging information, and encrypting the signed first packaging information according to the receiving end public key to obtain a second encrypted file. The identity information of the receiving end is added, so that the subsequent tracing of the transmission origin and the transmission path of the original text information is facilitated, the public key of the receiving end is utilized to encrypt the first packaging information to generate a second encrypted file, and the receiving end is facilitated to decrypt and obtain the first packaging information. And sending the second encrypted file to the receiving end.
Fig. 5 is a schematic diagram of Trustzone processing information of a sending end in an embodiment, as shown in fig. 5, wherein steps S320 to S370 all occur in Trustzone of the sending end, the sending end isolates an area as Trustzone from a CPU, and performs fingerprint authentication, key management, encryption and decryption operations, signature, authentication signature, information encapsulation, and information integrity judgment by using Trustzone technology. And the safety of information processing is ensured from a hardware layer.
In an embodiment, fig. 6 is a schematic flow chart of an information dissemination method in an embodiment, fig. 7 is a schematic principle diagram of information encapsulation in an embodiment, and referring to fig. 6 and fig. 7, the embodiment provides an information dissemination method, the method is applied to a forwarding end, and the method includes the following steps:
step S410, a key pair is generated based on the key management strategy of the transfer terminal, and the key pair comprises a public key of the transfer terminal and a private key of the transfer terminal.
In this embodiment, the transit terminal public key and the transit terminal private key generated based on the identity information of the transit terminal are used to encrypt or decrypt the original text information.
Step S420, receiving a receiving end public key sent by a receiving end, encrypting the identity information of the transfer end and the transfer end public key according to the receiving end public key, and generating a third encrypted file.
In this embodiment, the receiving end public key is used to encrypt the identity information of the forwarding end and the forwarding end public key to generate a third encrypted file, so that the subsequent receiving end can decrypt and obtain the forwarding end public key and the identity information of the forwarding end, and the receiving end encrypts the original text information into an encrypted file that can be decrypted by the forwarding end according to the forwarding end private key. The original text information is ensured to be only limited to the transfer end to be decrypted and acquired in the transmission process, so that the original text information is prevented from being checked and received by other people, and the safety of the information is ensured.
Step S430, sending the third encrypted file to the receiving end.
Step S440, receiving a fourth encrypted file encrypted by the receiving end according to the transfer end public key.
In this embodiment, a fourth encrypted file sent from the receiving end is received, and the fourth encrypted file is encrypted at the receiving end according to the public key of the forwarding end, and can only be decrypted successfully by the forwarding end in the transmission process, so that the security in the original text information transmission process is ensured.
Step S450, acquiring the fingerprint information of the transfer end, and starting the information operation authority when the fingerprint information of the transfer end is successfully matched with the fingerprint information of the information allowed to be received.
In this embodiment, the operation user at the switch end is prompted to perform fingerprint verification, and the judgment is performed according to the fingerprint information of the operation user acquired by the switch end, so as to judge whether the operator has the right to perform processing operation on the received original text information, thereby preventing the original text information from being forwarded at will.
Step S460, decrypting the fourth encrypted file according to the transfer terminal private key to obtain second encapsulation information.
In this embodiment, after the receiving end passes through the fingerprint information verification, it is determined that an operator at the receiving end has authority to perform operation processing on the original text information, and the fourth encrypted file is decrypted according to a private key of the receiving end to obtain second encapsulation information, where the second encapsulation information includes a plurality of signature marks, and in this embodiment, the second encapsulation information includes a first signature mark and a second signature mark, which indicates that each time the original text information passes through one information receiving end, the signature mark corresponding to the information receiving end is left step by step, so that the propagation times and the propagation path of the original text information can be traced.
Step S470, obtaining the public key of the receiving end in the second encapsulation information to perform hash check, and checking the integrity of the original information.
In this embodiment, a fourth hash check value is generated according to the combination of the public key of the transfer end and the hash check, the fourth hash check value is compared with a third hash check value generated by the hash check of the receiving end, and if there is no difference, it is determined that the original text information is complete and has not been tampered in the transmission process.
Step S480, determining whether to forward the original text information based on the integrity of the original text information.
In this embodiment, after the integrity of the original text information is known, whether a request for forwarding the original text information exists is determined, and whether the original text information is forwarded is determined according to the forwarding request.
Step S490, when the original text information is determined to be complete and not forwarded, the original text information is obtained.
In this embodiment, when the result of the hash check determines that the original text information is complete, has not been tampered, and has no request for forwarding the original text information, the receiving end acquires the original text information sent by the sending end.
Specifically, a key pair is generated based on a key management policy of the transit terminal, and the key pair includes a transit terminal public key and a transit terminal private key. And receiving a receiving end public key sent by a receiving end, and encrypting the identity information of the transfer end and the transfer end public key according to the receiving end public key to generate a third encrypted file. And encrypting the identity information of the transfer end and the public key of the transfer end by using the public key of the receiving end to generate a third encrypted file, so that the subsequent receiving end can conveniently decrypt and obtain the public key of the transfer end and the identity information of the transfer end, and the receiving end can encrypt the original text information into an encrypted file which can be decrypted by the transfer end according to the private key of the transfer end. The original text information is ensured to be only limited to the transfer end to be decrypted and acquired in the transmission process, so that the original text information is prevented from being checked and received by other people, and the safety of the information is ensured. And encrypting the identity information of the transfer end and the public key of the transfer end by using the public key of the receiving end to generate a third encrypted file, so that the subsequent receiving end can conveniently decrypt and obtain the public key of the transfer end and the identity information of the transfer end, and the receiving end can encrypt the original text information into an encrypted file which can be decrypted by the transfer end according to the private key of the transfer end. The original text information is ensured to be only limited to the transfer end to be decrypted and acquired in the transmission process, so that the original text information is prevented from being checked and received by other people, and the safety of the information is ensured. And receiving a fourth encrypted file which is encrypted by the receiving end according to the transfer end public key. And receiving a fourth encrypted file sent by the receiving terminal, wherein the fourth encrypted file is encrypted at the receiving terminal according to the public key of the switching terminal, and can only be successfully decrypted by the switching terminal in the transmission process, so that the safety in the original text information transmission process is ensured. And acquiring the fingerprint information of the transfer end, and starting the information operation authority when the fingerprint information of the transfer end is successfully matched with the fingerprint information of the information allowed to be received. And prompting the operation user of the switching end to perform fingerprint verification, judging according to the fingerprint information of the operation user acquired by the switching end, and judging whether the operator has the right to process the received original text information, so that the original text information is prevented from being randomly forwarded. And decrypting the fourth encrypted file according to the transfer terminal private key to obtain second packaging information. After the receiving end passes through the fingerprint information verification, it is determined that an operator at the receiving end has the right to operate and process the original text information, the fourth encrypted file is decrypted according to a private key of the receiving end, and second packaging information is obtained, wherein the second packaging information comprises a plurality of signature marks, in the embodiment, the second packaging information comprises a first signature mark and a second signature mark, and the signature marks corresponding to the information receiving end are left step by step when the original text information passes through one information receiving end, so that the propagation times and the propagation path of the original text information can be traced. And obtaining the public key of the receiving end in the second packaging information to carry out hash verification and verify the integrity of the original text information. And generating a fourth hash check value according to the combination of the transfer terminal public key and the hash check, comparing the fourth hash check value with a third hash check value generated by the hash check of the receiving terminal, and determining that the original text information is complete and is not tampered in the transmission process if no difference exists. And judging whether to forward the original text information or not based on the integrity of the original text information. And judging whether a request for forwarding the original text information exists or not after the integrity of the original text information is known, and judging whether the original text information is forwarded or not according to the forwarding request. And when the original text information is determined to be complete and not forwarded, obtaining the original text information. And when the hash check result determines that the original text information is complete and is not tampered and a request for forwarding the original text information does not exist, the receiving end acquires the original text information sent by the sending end.
The transfer terminal refers to fig. 3, an area isolated from the CPU in the transfer terminal is Trustzone, and fingerprint authentication, key management, encryption and decryption operations, signing, authentication signing, information encapsulation and information integrity judgment are performed by using the Trustzone technology. And the safety of information processing is ensured from a hardware layer.
As shown in fig. 7, a represents a sending end, B represents a receiving end, C represents a forwarding end, a file sent to B by a includes identity information a and a signature mark a of a, it is possible to trace that the origin of original text information is a, the number of propagation times is 1, when B is forwarded to C, a public key B, a signature mark B and identity information C of C are added on the basis of the file sent by a, the file obtained by C has the identity information of a and the identity information of B, i.e., a propagation path can be determined, the number of propagation times of the file can be determined according to the number of signature marks in the file, the number of propagation times is compared with a propagation threshold value n, when the number of propagation times is equal to n, the file cannot be forwarded, and the number of propagation times is limited by setting the propagation threshold value n, thereby avoiding random forwarding and illegal propagation of.
Fig. 2 is a schematic flowchart of an information dissemination method in an embodiment, fig. 4 is a schematic flowchart of an information dissemination method in an embodiment, and fig. 6 is a schematic flowchart of an information dissemination method in an embodiment. It should be understood that although the steps in the flowcharts of fig. 2, 4 and 6 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 2, 4, and 6 may include multiple sub-steps or multiple stages that are not necessarily performed at the same time, but may be performed at different times, and the order of performing the sub-steps or stages is not necessarily sequential, but may be performed alternately or alternatingly with other steps or at least some of the sub-steps or stages of other steps.
In an embodiment, fig. 8 is a schematic structural diagram of an information dissemination device in an embodiment, and referring to fig. 8, the embodiment provides an information dissemination device, the device is applied to a receiving end, and the device includes:
a first key generation module 510, configured to generate a key pair based on a key management policy of a receiving end, where the key pair includes a receiving end public key and a receiving end private key;
a first receiving module 520, configured to receive a sending-end public key sent by a sending end, and encrypt, according to the sending-end public key, the identity information of the receiving end and the receiving-end public key to generate a first encrypted file;
a first sending module 530, configured to send the first encrypted file to the sending end;
a first ciphertext obtaining module 540, configured to receive a second encrypted file that is encrypted by the sending end according to the receiving end public key;
the first fingerprint receiving module 550 is configured to obtain the fingerprint information of the receiving end, and when the fingerprint information of the receiving end is successfully matched with the fingerprint information that allows receiving operation, start an information operation authority;
the first decryption module 560 is configured to decrypt the second encrypted file according to the receiving-end private key to obtain first encapsulation information, where the first encapsulation information includes at least one signature mark, and the source of the original information is determined based on the signature mark in the first encapsulation information;
the first verification module 570 is configured to perform hash verification according to the public key of the sending end in the first encapsulation information, and verify integrity of the original information;
a first forwarding judgment module 580, configured to judge whether to forward the original text information based on the integrity of the original text information;
the first forwarding module 590 is configured to obtain the original text information when it is determined that the original text information is complete and the original text information is not forwarded.
In one embodiment, the apparatus further comprises:
the frequency checking module is used for checking whether the propagation frequency of the original text information is less than a propagation threshold value or not when the original text information is determined to be complete and needs to be forwarded;
the transfer identity encryption module is used for sending the receiving end public key to the transfer end when the propagation times of the original text information is less than or equal to a propagation threshold value, and is used for encrypting the identity information of the transfer end and the transfer end public key;
the fingerprint information judging module is used for acquiring the fingerprint information of the receiving end, and opening the information operation authority when the fingerprint information of the receiving end is successfully matched with the fingerprint information which allows forwarding operation;
the field adding module is used for receiving a third encrypted file sent by the switching end, wherein the third encrypted file comprises the public key of the switching end and the identity information of the switching end, and the identity information of the switching end and the public key of the receiving end are used as additional fields to be added into the first packaging information for packaging to generate second packaging information;
the signature marking module is used for signing the second packaging information according to the receiving end private key to generate a second signature mark;
the encapsulation encryption module is used for encrypting the signed second encapsulation information according to the switching end public key to generate a fourth encrypted file;
and the transmission module is used for sending the fourth encrypted file to the transfer end.
In one embodiment, the apparatus further comprises:
and the invalid information acquisition module is used for acquiring incomplete and invalid original text information when the original text information is determined to be incomplete and not forwarded.
In one embodiment, the apparatus further comprises:
and the forwarding stopping module is used for prompting that the information sending operation cannot be carried out when the original text information is determined to be incomplete and to be forwarded.
In an embodiment, fig. 9 is a schematic structural diagram of an information dissemination device in an embodiment, and referring to fig. 11, the embodiment provides an information dissemination device, where the device is applied to a sending end, and the device includes:
a setting module 610, configured to determine the textual information and set a propagation threshold:
a second key generation module 620, configured to generate a key pair based on a key management policy of a sending end, where the key pair includes a sending end public key and a sending end private key;
a second sending module 630, configured to send the sending-end public key to the receiving end, and encrypt the identity information of the receiving end and the receiving-end public key;
a second fingerprint receiving module 640, configured to receive the fingerprint information of the sending end, and when the fingerprint information of the sending end is successfully matched with the fingerprint information of the information allowed to be sent, open an information operation permission;
a first encapsulation module 650, configured to encapsulate the original text information after adding an additional field to obtain first encapsulation information, where the additional field includes an identity information field of the sending end, a propagation time field, and a public key field of the sending end;
the first signature module 660 is configured to sign the first encapsulation information according to the sending-end private key, and generate a first signature mark;
an information obtaining module 670, configured to receive a first encrypted file sent from the receiving end, where the first encrypted file includes the receiving end public key and identity information of the receiving end, add the identity information of the receiving end to the first encapsulation information, and encrypt the signed first encapsulation information according to the receiving end public key to obtain a second encrypted file;
the information sending module 680 is configured to send the second encrypted file to the receiving end.
In an embodiment, fig. 10 is a schematic structural diagram of an information dissemination device in an embodiment, and referring to fig. 10, the embodiment provides an information dissemination device, the device is applied to a forwarding end, and the device includes:
a third key generation module 710, configured to generate a key pair based on a key management policy of the transit terminal, where the key pair includes a transit terminal public key and a transit terminal private key;
a third receiving module 720, configured to receive a receiving end public key sent from a receiving end, encrypt the identity information of the transfer end and the transfer end public key according to the receiving end public key, and generate a third encrypted file;
a third sending module 730, configured to send the third encrypted file to the receiving end;
a second ciphertext obtaining module 740, configured to receive a fourth encrypted file that is encrypted by the receiving end according to the transfer end public key;
the third fingerprint receiving module 750 is configured to obtain the fingerprint information of the transfer end, and when the fingerprint information of the transfer end is successfully matched with the fingerprint information of the information allowed to be received, start an information operation authority;
the second decryption module 760 is configured to decrypt the fourth encrypted file according to the private key of the transit terminal to obtain second package information;
a second verification module 770, configured to obtain the public key of the receiving end in the second encapsulation information, perform hash verification, and verify the integrity of the original text information;
a second forwarding judgment module 780, configured to judge whether to forward the textual information based on the integrity of the textual information;
the second forwarding module 790 is configured to, when it is determined that the original text information is complete and the original text information is not forwarded, obtain the original text information.
FIG. 11 is a diagram illustrating an internal structure of a computer device in one embodiment. The computer device may specifically be the terminal 110 (or the server 120) in fig. 1. As shown in fig. 11, the computer apparatus includes a processor, a memory, a network interface, an input device, and a display screen connected through a system bus. Wherein the memory includes a non-volatile storage medium and an internal memory. The non-volatile storage medium of the computer device stores an operating system and may also store a computer program that, when executed by the processor, causes the processor to implement the information dissemination method. The internal memory may also have stored therein a computer program that, when executed by the processor, causes the processor to perform the information dissemination method. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, a key, a track ball or a touch pad arranged on the shell of the computer equipment, an external keyboard, a touch pad or a mouse and the like.
Those skilled in the art will appreciate that the architecture shown in fig. 11 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, the information dissemination means provided herein may be implemented in the form of a computer program that is executable on a computer device as shown in fig. 11. The memory of the computer device may store various program modules constituting the information dissemination device, such as a first key generation module, a first receiving module, a first sending module, a first ciphertext obtaining module, a first fingerprint receiving module, a first decryption module, a first verification module, a first forwarding judgment module, and a first forwarding module shown in fig. 8. The computer program constituted by the respective program modules causes the processor to execute the steps in the information dissemination method of the respective embodiments of the present application described in the present specification.
For example, the computer device shown in fig. 11 may perform the key management policy generation key pair based on the receiving end, which includes the receiving end public key and the receiving end private key, through the first key generation module in the information dissemination apparatus shown in fig. 8. The computer equipment can execute receiving of a sending end public key sent by a sending end through the first receiving module, and encrypts identity information of the receiving end and the receiving end public key according to the sending end public key to generate a first encrypted file. The computer device may perform sending the first encrypted file to the sender through a first sending module. The computer equipment can execute receiving of a second encrypted file which is obtained from the sending end through the first ciphertext obtaining module and encrypted according to the receiving end public key. The computer equipment can execute the acquisition of the fingerprint information of the receiving end through the first fingerprint receiving module, and when the fingerprint information of the receiving end is successfully matched with the fingerprint information allowing the receiving operation, the information operation authority is started. The computer equipment can execute decryption on the second encrypted file according to the receiving end private key through the first decryption module to obtain first packaging information, the first packaging information comprises at least one signature mark, and the source of the original text information is determined based on the signature mark in the first packaging information. The computer equipment can execute hash verification according to the public key of the sending end in the first packaging information through the first verification module, and verify the integrity of the original text information. The computer device can execute the judgment of whether to forward the original text information based on the integrity of the original text information through a first forwarding judgment module. The computer equipment can obtain the original text information when the original text information is determined to be complete and not forwarded through the first forwarding module.
In one embodiment, a computer device is provided, comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the following steps when executing the computer program: generating a key pair based on a key management strategy of a receiving end, wherein the key pair comprises a receiving end public key and a receiving end private key; receiving a sending end public key sent by a sending end, and encrypting the identity information of a receiving end and the receiving end public key according to the sending end public key to generate a first encrypted file; sending the first encrypted file to the sending end; receiving a second encrypted file which is encrypted by the sending end according to the public key of the receiving end; acquiring fingerprint information of the receiving end, and starting information operation authority when the fingerprint information of the receiving end is successfully matched with the fingerprint information which allows receiving operation; decrypting the second encrypted file according to the receiving end private key to obtain first packaging information, wherein the first packaging information comprises at least one signature mark, and determining the source of the original text information based on the signature mark in the first packaging information; performing hash check according to the public key of the sending end in the first packaging information, and checking the integrity of the original text information; judging whether to forward the original text information based on the integrity of the original text information; and when the original text information is determined to be complete and not forwarded, obtaining the original text information.
In one embodiment, the processor, when executing the computer program, further performs the steps of: when it is determined that the textual information is complete and the textual information is to be forwarded, then: checking whether the propagation times of the original text information is smaller than a propagation threshold value; when the propagation times of the original text information is less than or equal to a propagation threshold value, sending the receiving end public key to the transfer end for encrypting the identity information of the transfer end and the transfer end public key; acquiring fingerprint information of the receiving terminal, and starting information operation authority when the fingerprint information of the receiving terminal is successfully matched with the fingerprint information which allows forwarding operation; receiving a third encrypted file sent by the switching end, wherein the third encrypted file comprises the public key of the switching end and the identity information of the switching end, and adding the identity information of the switching end and the public key of the receiving end as additional fields into the first packaging information for packaging to generate second packaging information; signing the second packaging information according to the receiving end private key to generate a second signature mark; encrypting the signed second packaging information according to the public key of the switching terminal to generate a fourth encrypted file; and sending the fourth encrypted file to the transfer terminal.
In one embodiment, the processor, when executing the computer program, further performs the steps of: when the original text information is determined to be incomplete and not forwarded, incomplete and invalid original text information is obtained.
In one embodiment, the processor, when executing the computer program, further performs the steps of: and when the original text information is determined to be incomplete and to be forwarded, prompting that the information sending operation cannot be carried out.
In one embodiment, the processor, when executing the computer program, further performs the steps of: and when the propagation times of the original text information is greater than a propagation threshold value, prompting that the information sending operation cannot be carried out.
In one embodiment, the processor, when executing the computer program, further performs the steps of: determining original text information, and setting a propagation threshold value: generating a key pair based on a key management strategy of a sending end, wherein the key pair comprises a public key of the sending end and a private key of the sending end; sending the public key of the sending end to a receiving end for encrypting the identity information of the receiving end and the public key of the receiving end; receiving the fingerprint information of the sending end, and starting information operation authority when the fingerprint information of the sending end is successfully matched with the fingerprint information of the information allowed to be sent; adding additional fields to the original text information and then packaging to obtain first packaging information, wherein the additional fields comprise an identity information field of a sending end, a propagation time field and a public key field of the sending end; signing the first packaging information according to the private key of the sending end to generate a first signature mark; receiving a first encrypted file sent by the receiving end, wherein the first encrypted file comprises the receiving end public key and identity information of the receiving end, adding the identity information of the receiving end into the first packaging information, and encrypting the signed first packaging information according to the receiving end public key to obtain a second encrypted file; and sending the second encrypted file to the receiving end.
In one embodiment, the processor, when executing the computer program, further performs the steps of: generating a key pair based on a key management strategy of the switching end, wherein the key pair comprises a public key of the switching end and a private key of the switching end; receiving a receiving end public key sent by a receiving end, and encrypting the identity information of the transfer end and the transfer end public key according to the receiving end public key to generate a third encrypted file; sending the third encrypted file to the receiving end; receiving a fourth encrypted file which is encrypted by the receiving end according to the transfer end public key; acquiring fingerprint information of the transfer end, and starting information operation authority when the fingerprint information of the transfer end is successfully matched with the fingerprint information of the information allowed to be received; decrypting the fourth encrypted file according to the transfer terminal private key to obtain second packaging information; obtaining the public key of the receiving end in the second packaging information to carry out hash verification, and verifying the integrity of the original text information; judging whether to forward the original text information based on the integrity of the original text information; and when the original text information is determined to be complete and not forwarded, obtaining the original text information.
In one embodiment, a computer-readable storage medium is provided, having a computer program stored thereon, which when executed by a processor, performs the steps of: generating a key pair based on a key management strategy of a receiving end, wherein the key pair comprises a receiving end public key and a receiving end private key; receiving a sending end public key sent by a sending end, and encrypting the identity information of a receiving end and the receiving end public key according to the sending end public key to generate a first encrypted file; sending the first encrypted file to the sending end; receiving a second encrypted file which is encrypted by the sending end according to the public key of the receiving end; acquiring fingerprint information of the receiving end, and starting information operation authority when the fingerprint information of the receiving end is successfully matched with the fingerprint information which allows receiving operation; decrypting the second encrypted file according to the receiving end private key to obtain first packaging information, wherein the first packaging information comprises at least one signature mark, and determining the source of the original text information based on the signature mark in the first packaging information; performing hash check according to the public key of the sending end in the first packaging information, and checking the integrity of the original text information; judging whether to forward the original text information based on the integrity of the original text information; and when the original text information is determined to be complete and not forwarded, obtaining the original text information.
In one embodiment, the computer program when executed by the processor further performs the steps of: when it is determined that the textual information is complete and the textual information is to be forwarded, then: checking whether the propagation times of the original text information is smaller than a propagation threshold value; when the propagation times of the original text information is less than or equal to a propagation threshold value, sending the receiving end public key to the transfer end for encrypting the identity information of the transfer end and the transfer end public key; acquiring fingerprint information of the receiving terminal, and starting information operation authority when the fingerprint information of the receiving terminal is successfully matched with the fingerprint information which allows forwarding operation; receiving a third encrypted file sent by the switching end, wherein the third encrypted file comprises the public key of the switching end and the identity information of the switching end, and adding the identity information of the switching end and the public key of the receiving end as additional fields into the first packaging information for packaging to generate second packaging information; signing the second packaging information according to the receiving end private key to generate a second signature mark; encrypting the signed second packaging information according to the public key of the switching terminal to generate a fourth encrypted file; and sending the fourth encrypted file to the transfer terminal.
In one embodiment, the computer program when executed by the processor further performs the steps of: when the original text information is determined to be incomplete and not forwarded, incomplete and invalid original text information is obtained.
In one embodiment, the computer program when executed by the processor further performs the steps of: and when the original text information is determined to be incomplete and to be forwarded, prompting that the information sending operation cannot be carried out.
In one embodiment, the computer program when executed by the processor further performs the steps of: and when the propagation times of the original text information is greater than a propagation threshold value, prompting that the information sending operation cannot be carried out.
In one embodiment, the computer program when executed by the processor further performs the steps of: determining original text information, and setting a propagation threshold value: generating a key pair based on a key management strategy of a sending end, wherein the key pair comprises a public key of the sending end and a private key of the sending end; sending the public key of the sending end to a receiving end for encrypting the identity information of the receiving end and the public key of the receiving end; receiving the fingerprint information of the sending end, and starting information operation authority when the fingerprint information of the sending end is successfully matched with the fingerprint information of the information allowed to be sent; adding additional fields to the original text information and then packaging to obtain first packaging information, wherein the additional fields comprise an identity information field of a sending end, a propagation time field and a public key field of the sending end; signing the first packaging information according to the private key of the sending end to generate a first signature mark; receiving a first encrypted file sent by the receiving end, wherein the first encrypted file comprises the receiving end public key and identity information of the receiving end, adding the identity information of the receiving end into the first packaging information, and encrypting the signed first packaging information according to the receiving end public key to obtain a second encrypted file; and sending the second encrypted file to the receiving end.
In one embodiment, the computer program when executed by the processor further performs the steps of: generating a key pair based on a key management strategy of the switching end, wherein the key pair comprises a public key of the switching end and a private key of the switching end; receiving a receiving end public key sent by a receiving end, and encrypting the identity information of the transfer end and the transfer end public key according to the receiving end public key to generate a third encrypted file; sending the third encrypted file to the receiving end; receiving a fourth encrypted file which is encrypted by the receiving end according to the transfer end public key; acquiring fingerprint information of the transfer end, and starting information operation authority when the fingerprint information of the transfer end is successfully matched with the fingerprint information of the information allowed to be received; decrypting the fourth encrypted file according to the transfer terminal private key to obtain second packaging information; obtaining the public key of the receiving end in the second packaging information to carry out hash verification, and verifying the integrity of the original text information; judging whether to forward the original text information based on the integrity of the original text information; and when the original text information is determined to be complete and not forwarded, obtaining the original text information.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a non-volatile computer-readable storage medium, and can include the processes of the embodiments of the methods described above when the program is executed. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
It is noted that, in this document, relational terms such as "first" and "second," and the like, may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The foregoing are merely exemplary embodiments of the present invention, which enable those skilled in the art to understand or practice the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. An information dissemination method, characterized in that the method is applied to a receiving end, and the method comprises:
generating a key pair based on a key management strategy of a receiving end, wherein the key pair comprises a receiving end public key and a receiving end private key;
receiving a sending end public key sent by a sending end, and encrypting the identity information of a receiving end and the receiving end public key according to the sending end public key to generate a first encrypted file;
sending the first encrypted file to the sending end;
receiving a second encrypted file which is encrypted by the sending end according to the public key of the receiving end;
acquiring fingerprint information of the receiving end, and starting information operation authority when the fingerprint information of the receiving end is successfully matched with the fingerprint information which allows receiving operation;
decrypting the second encrypted file according to the receiving end private key to obtain first packaging information, wherein the first packaging information comprises at least one signature mark, original text information, an identity information field of a sending end, the number of transmission times and a sending end public key field, and determining the source of the original text information based on the signature mark, the identity information field of the sending end, the number of transmission times and the sending end public key field in the first packaging information;
performing hash check according to the public key of the sending end in the first packaging information, and checking the integrity of the original text information;
judging whether to forward the original text information based on the integrity of the original text information;
and when the original text information is determined to be complete and not forwarded, obtaining the original text information.
2. The method of claim 1, wherein when it is determined that the textual information is complete and the textual information is to be forwarded, then:
checking whether the propagation times of the original text information is smaller than a propagation threshold value;
when the propagation times of the original text information is less than or equal to a propagation threshold value, sending the receiving end public key to a transfer end for encrypting the identity information of the transfer end and the transfer end public key;
acquiring fingerprint information of the receiving terminal, and starting information operation authority when the fingerprint information of the receiving terminal is successfully matched with the fingerprint information which allows forwarding operation;
receiving a third encrypted file sent by the switching end, wherein the third encrypted file comprises the public key of the switching end and the identity information of the switching end, and adding the identity information of the switching end and the public key of the receiving end as additional fields into the first packaging information for packaging to generate second packaging information;
signing the second packaging information according to the receiving end private key to generate a second signature mark;
encrypting the signed second packaging information according to the public key of the switching terminal to generate a fourth encrypted file;
and sending the fourth encrypted file to the transfer terminal.
3. The method of claim 1, further comprising:
when the original text information is determined to be incomplete and not forwarded, incomplete and invalid original text information is obtained.
4. The method of claim 1, further comprising:
and when the original text information is determined to be incomplete and to be forwarded, prompting that the information sending operation cannot be carried out.
5. The method of claim 2, further comprising:
and when the propagation times of the original text information is greater than a propagation threshold value, prompting that the information sending operation cannot be carried out.
6. An information transmission method, applied to a transmitting end, the method comprising:
determining original text information, and setting a propagation threshold value:
generating a key pair based on a key management strategy of a sending end, wherein the key pair comprises a public key of the sending end and a private key of the sending end;
sending the public key of the sending end to a receiving end for encrypting the identity information of the receiving end and the public key of the receiving end;
receiving the fingerprint information of the sending end, and starting information operation authority when the fingerprint information of the sending end is successfully matched with the fingerprint information of the information allowed to be sent;
adding additional fields to the original text information and then packaging to obtain first packaging information, wherein the additional fields comprise an identity information field of a sending end, a propagation time field and a public key field of the sending end;
signing the first packaging information according to the private key of the sending end to generate a first signature mark;
receiving a first encrypted file sent by the receiving end, wherein the first encrypted file comprises a receiving end public key and identity information of the receiving end, adding the identity information of the receiving end into the signed first packaging information, and encrypting the signed first packaging information containing the identity information of the receiving end according to the receiving end public key to obtain a second encrypted file;
and sending the second encrypted file to the receiving end.
7. An information dissemination method, characterized in that the method is applied to a handover end, and the method comprises:
generating a key pair based on a key management strategy of the switching end, wherein the key pair comprises a public key of the switching end and a private key of the switching end;
receiving a receiving end public key sent by a receiving end, and encrypting the identity information of the transfer end and the transfer end public key according to the receiving end public key to generate a third encrypted file;
sending the third encrypted file to the receiving end;
receiving a fourth encrypted file which is encrypted by the receiving end according to the transfer end public key;
acquiring fingerprint information of the transfer end, and starting information operation authority when the fingerprint information of the transfer end is successfully matched with the fingerprint information of the information allowed to be received;
decrypting the fourth encrypted file according to the transfer terminal private key to obtain second packaging information;
obtaining the public key of the receiving end in the second packaging information to carry out hash verification, and verifying the integrity of the original text information;
judging whether to forward the original text information based on the integrity of the original text information;
and when the original text information is determined to be complete and not forwarded, obtaining the original text information.
8. An information dissemination device, characterized in that the device is applied to a receiving end, the device comprises:
the first key generation module is used for generating a key pair based on a key management strategy of a receiving end, wherein the key pair comprises a receiving end public key and a receiving end private key;
the first receiving module is used for receiving a sending end public key sent by a sending end, and encrypting the identity information of the receiving end and the receiving end public key according to the sending end public key to generate a first encrypted file;
the first sending module is used for sending the first encrypted file to the sending end;
the first ciphertext acquisition module is used for receiving a second encrypted file which is encrypted by the sending end according to the public key of the receiving end;
the first fingerprint receiving module is used for acquiring the fingerprint information of the receiving end, and opening the information operation authority when the fingerprint information of the receiving end is successfully matched with the fingerprint information which allows receiving operation;
the first decryption module is used for decrypting the second encrypted file according to the receiving end private key to obtain first packaging information, the first packaging information comprises at least one signature mark, original text information, an identity information field of a sending end, the number of transmission times and a sending end public key field, and the source of the original text information is determined based on the signature mark, the identity information field of the sending end, the number of transmission times and the sending end public key field in the first packaging information;
the first verification module is used for carrying out Hash verification according to the public key of the sending end in the first packaging information and verifying the integrity of the original text information;
the first forwarding judgment module is used for judging whether to forward the original text information based on the integrity of the original text information;
and the first forwarding module is used for acquiring the original text information when the original text information is determined to be complete and not forwarded.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the method of any of claims 1 to 7 are implemented when the computer program is executed by the processor.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 7.
CN202010157159.XA 2020-03-09 2020-03-09 Information dissemination method and device, computer equipment and storage medium Active CN111479265B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010157159.XA CN111479265B (en) 2020-03-09 2020-03-09 Information dissemination method and device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010157159.XA CN111479265B (en) 2020-03-09 2020-03-09 Information dissemination method and device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN111479265A CN111479265A (en) 2020-07-31
CN111479265B true CN111479265B (en) 2021-06-18

Family

ID=71747254

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010157159.XA Active CN111479265B (en) 2020-03-09 2020-03-09 Information dissemination method and device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN111479265B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11816193B2 (en) * 2020-04-20 2023-11-14 Cisco Technology, Inc. Secure automated issue detection

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114448732B (en) * 2022-04-08 2022-06-21 中国信息通信研究院 Protection method, device, medium and equipment for identifying private data network transmission
CN114745372A (en) * 2022-05-10 2022-07-12 南京酷派软件技术有限公司 File sending method and related equipment

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7184917B2 (en) * 2003-02-14 2007-02-27 Advantest America R&D Center, Inc. Method and system for controlling interchangeable components in a modular test system
CN102761563A (en) * 2011-04-25 2012-10-31 ***通信集团山东有限公司 Data transmission method, device and system
CN102253997B (en) * 2011-07-08 2014-04-09 中国科学院上海微***与信息技术研究所 Food tracing and inquiry terminal based on internet of things technology
US8863082B2 (en) * 2011-09-07 2014-10-14 Microsoft Corporation Transformational context-aware data source management
US8863298B2 (en) * 2012-01-06 2014-10-14 Mobile Iron, Inc. Secure virtual file management system
US10915502B2 (en) * 2017-09-14 2021-02-09 Lenovo (Singapore) Pte Ltd Anonymous digital file sharing
CN109344662B (en) * 2018-09-17 2022-12-13 福建南威软件有限公司 Method for making credible electronic license copy based on multiple digital signatures
CN109885333B (en) * 2019-02-21 2022-04-05 北京致远互联软件股份有限公司 Data packet management method and device and electronic equipment

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11816193B2 (en) * 2020-04-20 2023-11-14 Cisco Technology, Inc. Secure automated issue detection

Also Published As

Publication number Publication date
CN111479265A (en) 2020-07-31

Similar Documents

Publication Publication Date Title
CN107743133B (en) Mobile terminal and access control method and system based on trusted security environment
US9514317B2 (en) Policy-based trusted inspection of rights managed content
CN111479265B (en) Information dissemination method and device, computer equipment and storage medium
WO2019218919A1 (en) Private key management method and apparatus in blockchain scenario, and system
CN109728914B (en) Digital signature verification method, system, device and computer readable storage medium
CN113268715A (en) Software encryption method, device, equipment and storage medium
CN106055936A (en) Method and device for encryption/decryption of executable program data package
CN113225324B (en) Block chain anonymous account creation method, system, device and storage medium
US11956367B2 (en) Cryptographic method for verifying data
CN113204772B (en) Data processing method, device, system, terminal, server and storage medium
CN114244522A (en) Information protection method and device, electronic equipment and computer readable storage medium
CN117155549A (en) Key distribution method, key distribution device, computer equipment and storage medium
CN110941861B (en) File protection method and device, computer equipment and medium
CN109978543B (en) Contract signing method and device, electronic equipment and storage medium
CN116136911A (en) Data access method and device
CN111934862B (en) Server access method and device, readable medium and electronic equipment
CN108429621B (en) Identity verification method and device
CN112948894A (en) Block chain-based anti-counterfeiting method, device, equipment and medium for tally inspection report
CN110971610A (en) Control system identity verification method and device, computer equipment and storage medium
CN110708273B (en) Data encryption and decryption method and data encryption and decryption system
CN116684102A (en) Message transmission method, message verification method, device, equipment, medium and product
CN114553557B (en) Key calling method, device, computer equipment and storage medium
CN110708155A (en) Copyright information protection method, copyright information protection system, copyright confirming method, copyright confirming device, copyright confirming equipment and copyright confirming medium
CN114331648A (en) Bid file processing method, device, equipment and storage medium
CN211557285U (en) Control terminal, signature server and task server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant