CN112632585B - Webpage data transmission system, method, device, medium and equipment - Google Patents

Info

Publication number: CN112632585B
Authority: CN (China)
Prior art keywords: encrypted, key, certificate, label, data
Legal status: Active
Application number: CN202011618846.3A
Other languages: Chinese (zh)
Other versions: CN112632585A (en
Inventors: 安晓江, 李鹏坤, 蒋红宇
Current Assignee: Beijing Haitai Fangyuan High Technology Co Ltd
Original Assignee: Beijing Haitai Fangyuan High Technology Co Ltd

Application filed by Beijing Haitai Fangyuan High Technology Co Ltd
Priority to CN202011618846.3A
Publication of CN112632585A
Application granted
Publication of CN112632585B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90 Details of database functions independent of the retrieved data types
    • G06F16/95 Retrieval from the web
    • G06F16/958 Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Data Mining & Analysis (AREA)
  • Storage Device Security (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention relates to a webpage data transmission system, method, device, medium and equipment. A tag (and attribute data of the tag) with a designated meaning can be defined, the newly defined tag (and its attribute data) is used to carry the related information, and encrypted transmission of designated information in webpage data is achieved by exchanging the tag information. The scheme provided by the embodiments of the invention is suitable for the server side requiring the browser client to encrypt uploaded webpage data, for the browser client encrypting uploaded webpage data as the server side requires, and for the server side encrypting webpage data issued to the browser client. Because webpage data is encrypted by defining a tag (and attribute data of the tag) with a designated meaning, without the support of a browser control, the problem that encrypting webpage data through a browser control is difficult is solved and encrypting webpage data becomes less difficult.

Description

Webpage data transmission system, method, device, medium and equipment
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a system, a method, an apparatus, a medium, and a device for transmitting web page data.
Background
This section is intended to provide a background or context to the embodiments of the invention that are recited in the claims. The description herein is not admitted to be prior art by inclusion in this section.
At present, encryption of webpage data mainly involves the server side requiring the browser client to encrypt specified information in uploaded webpage data; the server side then obtains that information by decryption, which ensures the security of the specified information uploaded by the browser client. In the prior art, the browser client encrypts uploaded webpage data through a browser control.
However, for security reasons the functions of browser controls are increasingly restricted, which makes it harder to encrypt webpage data through a browser control. Installing and upgrading browser controls is also cumbersome, which increases the difficulty further.
Disclosure of Invention
Embodiments of the present invention provide a system, a method, a device, a medium, and an apparatus for transmitting web page data, which are used to solve the problem that it is difficult to encrypt web page data through a browser control.
In a first aspect, the present invention provides a web page data transmission system, which includes a server and a browser client, wherein:
the server is configured to add to-be-encrypted attribute data to at least one tag, where the to-be-encrypted attribute data indicates that the input information corresponding to the tag needs to be encrypted and carries the identifier of the key used to encrypt that input information, and to send an encryption certificate tag and each tag to which to-be-encrypted attribute data has been added to the browser client in webpage data, where the encryption certificate tag carries the identifier of the encryption certificate configured for the browser client and the address of the server from which the encryption certificate is obtained;
the browser client is configured to, after receiving the webpage data carrying the encryption certificate tag and each tag to which to-be-encrypted attribute data has been added, parse the encryption certificate tag and, according to the parsed encryption certificate identifier, check whether the encryption certificate corresponding to that identifier is stored; if the encryption certificate is stored, then on receiving the input information corresponding to each tag to which to-be-encrypted attribute data has been added, generate a corresponding key for the key identifier carried by that tag and encrypt the input information with the key; and send the corresponding encrypted data tags and key tags to the server in webpage data, where each key tag carries the identifier of a generated key and that key encrypted with the encryption certificate public key, and each encrypted data tag carries the encrypted input information and the identifier of the key used to encrypt it.
Optionally, the server is further configured to, if receiving the web page data carrying at least one encrypted data tag and at least one key tag sent by the browser client, decrypt, according to the key identifier carried in the encrypted data tag, the encrypted key carried in the key tag carrying the key identifier by using the encrypted certificate private key for each encrypted data tag, and decrypt, by using the decrypted key, the encrypted input information carried in the encrypted data tag.
Optionally, the browser client is further configured to, if it determines that the encryption certificate corresponding to the parsed encryption certificate identifier is not stored, obtain and store the encryption certificate corresponding to the encryption certificate identifier carried by the encryption certificate tag, using the address, carried by the encryption certificate tag, of the server from which the encryption certificate is obtained.
In a second aspect, the present invention further provides a method for transmitting web page data, where the method includes:
adding attribute data to be encrypted to at least one tag; the attribute data to be encrypted is used for identifying that input information corresponding to the label needs to be encrypted and carries an identifier of a key used for encrypting the input information;
carrying an encryption certificate label and each label added with attribute data to be encrypted in webpage data and sending the webpage data to a browser client, wherein the encryption certificate label is used for carrying an identification of an encryption certificate configured for the browser client and obtaining a server address of the encryption certificate;
so that the browser client, after receiving the webpage data carrying the encryption certificate tag and each tag to which to-be-encrypted attribute data has been added, parses the encryption certificate tag and, according to the parsed encryption certificate identifier, checks whether the encryption certificate corresponding to that identifier is stored; if the encryption certificate is stored, then on receiving the input information corresponding to each tag to which to-be-encrypted attribute data has been added, generates a corresponding key for the key identifier carried by that tag and encrypts the input information with the key; and sends the corresponding encrypted data tags and key tags to the server in webpage data, where each key tag carries the identifier of a generated key and that key encrypted with the encryption certificate public key, and each encrypted data tag carries the encrypted input information and the identifier of the key used to encrypt it.
Optionally, if receiving the webpage data carrying at least one encrypted data tag and at least one key tag sent by the browser client, the method further includes:
and for each encrypted data label, decrypting the encrypted key carried in the key label carrying the key identification by using an encryption certificate private key according to the key identification carried in the encrypted data label, and decrypting the encrypted input information carried in the encrypted data label by using the decrypted key.
In a third aspect, the present invention further provides a method for transmitting web page data, where the method includes:
receiving webpage data carrying an encryption certificate label and at least one label added with attribute data to be encrypted, wherein the attribute data to be encrypted is used for identifying that input information corresponding to the label needs to be encrypted and carrying an identifier of a key used for encrypting the input information, and the encryption certificate label is used for carrying an identifier of an encryption certificate configured for a browser client and a server address for obtaining the encryption certificate;
parsing the encryption certificate tag and, according to the parsed encryption certificate identifier, checking whether the encryption certificate corresponding to that identifier is stored;
if the encryption certificate is determined to be stored, when input information corresponding to each tag added with the attribute data to be encrypted is received, generating a corresponding key aiming at a key identifier carried by the tag added with the attribute data to be encrypted, and encrypting the input information by using the key;
carrying corresponding encrypted data tags and key tags in webpage data, and sending the webpage data to a server, wherein each key tag is used for carrying an identifier of a generated key and the key encrypted by an encrypted certificate public key, and each encrypted data tag is used for carrying encrypted input information and an identifier of the key used for encrypting the input information;
the received webpage data is obtained by adding attribute data to be encrypted to at least one label by the server, and carrying the encrypted certificate label and each label added with the attribute data to be encrypted in the webpage data for sending together.
Optionally, if it is determined that the encryption certificate corresponding to the parsed encryption certificate identifier is not stored, the method further includes:
and acquiring and storing the encryption certificate corresponding to the encryption certificate identifier carried by the encryption certificate label according to the address of the server for acquiring the encryption certificate carried by the encryption certificate label.
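The upload flow of the first to third aspects, sketched as an added Node.js example that is not part of the patent text. The patent names no algorithms or tag syntax, so AES-256-GCM, RSA-OAEP, a bare RSA key pair standing in for the encryption certificate, and all object and field names below are assumptions.

```javascript
// Added example (not from the patent): the upload flow in Node.js.
// Assumptions: AES-256-GCM for input data, RSA-OAEP for key wrapping, a bare
// RSA key pair standing in for the encryption certificate, and hypothetical
// object shapes for the tags.
const crypto = require('node:crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const CERT_ID = 'cert-001'; // constructed certificate identifier

// Server: mark which inputs must be encrypted and under which key identifier.
function serverBuildPage() {
  return {
    encCertTag: { certId: CERT_ID, certServer: 'https://certs.example.invalid/' },
    fields: [
      { name: 'username' },
      { name: 'password', toEncrypt: { keyId: 'k1' } },
      { name: 'card', toEncrypt: { keyId: 'k1' } },
      { name: 'pin', toEncrypt: { keyId: 'k2' } },
    ],
  };
}

// Browser client: one fresh key per key identifier, wrapped with the public key.
function clientSubmit(page, certStore, inputs) {
  const cert = certStore.get(page.encCertTag.certId);
  if (!cert) throw new Error('certificate not stored: fetch it from certServer first');
  const keys = new Map();
  const out = { plain: {}, encDataTags: [], keyTags: [] };
  for (const field of page.fields) {
    const value = String(inputs[field.name]);
    if (!field.toEncrypt) { out.plain[field.name] = value; continue; }
    const { keyId } = field.toEncrypt;
    if (!keys.has(keyId)) {
      const key = crypto.randomBytes(32);
      keys.set(keyId, key);
      const wrapped = crypto.publicEncrypt({ key: cert, ...OAEP }, key);
      out.keyTags.push({ keyId, wrappedKey: wrapped.toString('base64') });
    }
    const iv = crypto.randomBytes(12); // never reuse an IV under the same key
    const cipher = crypto.createCipheriv('aes-256-gcm', keys.get(keyId), iv);
    // Added hardening, not in the patent: bind ciphertext to key id and field.
    cipher.setAAD(Buffer.from(`${keyId}:${field.name}`));
    const ct = Buffer.concat([cipher.update(value, 'utf8'), cipher.final()]);
    out.encDataTags.push({
      name: field.name,
      keyId,
      iv: iv.toString('base64'),
      ct: ct.toString('base64'),
      authTag: cipher.getAuthTag().toString('base64'),
    });
  }
  return out;
}

// Server: for each encrypted data tag, find the key tag with the same key
// identifier, unwrap the key with the private key, then decrypt the input.
function serverReceive(submission) {
  const result = { ...submission.plain };
  const unwrapped = new Map();
  for (const d of submission.encDataTags) {
    if (!unwrapped.has(d.keyId)) {
      const keyTag = submission.keyTags.find((k) => k.keyId === d.keyId);
      if (!keyTag) throw new Error(`no key tag for key identifier ${d.keyId}`);
      const wrapped = Buffer.from(keyTag.wrappedKey, 'base64');
      unwrapped.set(d.keyId, crypto.privateDecrypt({ key: privateKey, ...OAEP }, wrapped));
    }
    const decipher = crypto.createDecipheriv(
      'aes-256-gcm', unwrapped.get(d.keyId), Buffer.from(d.iv, 'base64'));
    decipher.setAAD(Buffer.from(`${d.keyId}:${d.name}`));
    decipher.setAuthTag(Buffer.from(d.authTag, 'base64'));
    const pt = Buffer.concat([decipher.update(Buffer.from(d.ct, 'base64')), decipher.final()]);
    result[d.name] = pt.toString('utf8');
  }
  return result;
}

// Constructed sample input, run end to end.
function demo() {
  const inputs = { username: 'alice', password: 'correct horse', card: '4111-0000', pin: '9137' };
  const certStore = new Map([[CERT_ID, publicKey]]);
  const submission = clientSubmit(serverBuildPage(), certStore, inputs);
  return { submission, recovered: serverReceive(submission) };
}

console.log(Object.keys(demo().recovered).join(','));
```

Three encrypted fields produce only two key tags because `password` and `card` share key identifier `k1`; the server rejects a submission whose encrypted data tag has no matching key tag or whose ciphertext was moved to another field.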
In a fourth aspect, the present invention further provides a device for transmitting web page data, where the device includes:
the adding module is used for adding attribute data to be encrypted to at least one label; the attribute data to be encrypted is used for identifying that input information corresponding to the label needs to be encrypted and carries an identifier of a key used for encrypting the input information;
the sending module is configured to send an encryption certificate tag and each tag to which to-be-encrypted attribute data has been added to the browser client in webpage data, where the encryption certificate tag carries the identifier of the encryption certificate configured for the browser client and the address of the server from which the encryption certificate is obtained;
so that the browser client, after receiving the webpage data carrying the encryption certificate tag and each tag to which to-be-encrypted attribute data has been added, parses the encryption certificate tag and, according to the parsed encryption certificate identifier, checks whether the encryption certificate corresponding to that identifier is stored; if the encryption certificate is stored, then on receiving the input information corresponding to each tag to which to-be-encrypted attribute data has been added, generates a corresponding key for the key identifier carried by that tag and encrypts the input information with the key; and sends the corresponding encrypted data tags and key tags to the server in webpage data, where each key tag carries the identifier of a generated key and that key encrypted with the encryption certificate public key, and each encrypted data tag carries the encrypted input information and the identifier of the key used to encrypt it.
Optionally, the apparatus further includes a receiving module and a decryption module:
the receiving module is used for receiving webpage data which is sent by the browser client and carries at least one encrypted data tag and at least one key tag;
the decryption module is configured to, if webpage data sent by the browser client and carrying at least one encrypted data tag and at least one key tag is received, for each encrypted data tag, use the encryption certificate private key to decrypt the encrypted key carried in the key tag that carries the key identifier carried in that encrypted data tag, and use the decrypted key to decrypt the encrypted input information carried in the encrypted data tag.
In a fifth aspect, the present invention further provides a device for transmitting web page data, where the device includes:
the receiving module is configured to receive webpage data carrying an encryption certificate tag and at least one tag to which to-be-encrypted attribute data has been added, where the to-be-encrypted attribute data indicates that the input information corresponding to the tag needs to be encrypted and carries the identifier of the key used to encrypt that input information, and the encryption certificate tag carries the identifier of the encryption certificate configured for the browser client and the address of the server from which the encryption certificate is obtained;
the analysis module is configured to parse the encryption certificate tag and, according to the parsed encryption certificate identifier, check whether the encryption certificate corresponding to that identifier is stored;
the encryption module is used for generating a corresponding key aiming at a key identifier carried by each label added with the attribute data to be encrypted when the input information corresponding to each label added with the attribute data to be encrypted is received if the encryption certificate is determined to be stored, and encrypting the input information by using the key;
the sending module is used for carrying corresponding encrypted data tags and key tags in webpage data and sending the webpage data to the server, each key tag is used for carrying an identifier of a generated key and the key encrypted by an encrypted certificate public key, and each encrypted data tag is used for carrying encrypted input information and an identifier of the key used for encrypting the input information;
the received webpage data is obtained by adding attribute data to be encrypted to at least one label by the server, and carrying the encrypted certificate label and each label added with the attribute data to be encrypted in the webpage data for sending together.
The device further comprises an acquisition module:
the acquisition module is configured to, if it is determined that the encryption certificate corresponding to the parsed encryption certificate identifier is not stored, obtain and store the encryption certificate corresponding to the encryption certificate identifier carried by the encryption certificate tag, using the address, carried by the encryption certificate tag, of the server from which the encryption certificate is obtained.
In a sixth aspect, the present invention further provides a web page data transmission system, where the system includes a server and a browser client, where:
the server is used for generating at least one secret key, encrypting at least one piece of information to be issued by using the generated secret key, respectively generating an encrypted data tag according to each piece of encrypted information to be issued, wherein each encrypted data tag carries one piece of encrypted information to be issued and an identifier of the secret key used for encrypting the information to be issued, and sending webpage data carrying an encrypted certificate tag and each generated encrypted data tag to the browser client, and the encrypted certificate tag is used for carrying the identifier of an encrypted certificate configured for the browser client and obtaining the server address of the encrypted certificate;
the browser client is used for receiving webpage data carrying an encrypted certificate label and at least one encrypted data label.
Optionally, the browser client is further configured to, on receiving webpage data carrying an encryption certificate tag and at least one encrypted data tag, parse the encryption certificate tag and, according to the parsed encryption certificate identifier, check whether the encryption certificate corresponding to that identifier is stored; if the encryption certificate is stored, check whether a key tag corresponding to each encrypted data tag is stored, where a key tag carries the key identifier corresponding to an encrypted data tag and the key corresponding to that key identifier encrypted with the encryption certificate public key; and if the key tag corresponding to each encrypted data tag is stored, decrypt the key carried in each key tag, which was encrypted with the encryption certificate public key, using the encryption certificate private key, and decrypt the encrypted information to be issued carried in each corresponding encrypted data tag using the decrypted key.
Optionally, the browser client is further configured to send a key tag obtaining request to the server if it is determined that a key tag corresponding to each encrypted data tag is not stored, where the key tag obtaining request carries an encrypted certificate identifier; storing the key label corresponding to each encrypted data label sent by the server;
and the server is further configured to encrypt the key corresponding to each encrypted data tag by using the corresponding encryption certificate public key according to the key tag acquisition request after each encrypted data tag is generated, and send the corresponding key tag to the browser client.
In a seventh aspect, the present invention further provides a method for transmitting web page data, where the method includes:
generating at least one key;
encrypting at least one piece of information to be issued by using the generated key;
respectively generating an encrypted data tag according to each encrypted message to be issued, wherein each encrypted data tag carries an encrypted message to be issued and an identifier of a key used for encrypting the message to be issued;
and sending webpage data carrying an encryption certificate label and each generated encryption data label to a browser client, wherein the encryption certificate label is used for carrying an identifier of an encryption certificate configured for the browser client and a server address for acquiring the encryption certificate.
Optionally, the method further includes:
after each encrypted data tag is generated, according to a received key tag obtaining request sent by the browser client, wherein the key tag obtaining request carries an encrypted certificate identifier, a key corresponding to each encrypted data tag is encrypted by using a corresponding encrypted certificate public key, and the corresponding key tag is sent to the browser client.
In an eighth aspect, the present invention further provides a method for transmitting web page data, where the method includes:
receiving webpage data carrying an encryption certificate label and at least one encryption data label, wherein the encryption certificate label is used for carrying an identification of an encryption certificate configured for the browser client and obtaining a server address of the encryption certificate;
the received webpage data is obtained by the server generating at least one secret key, encrypting at least one piece of information to be issued by using the generated secret key, respectively generating an encrypted data tag according to each piece of encrypted information to be issued, wherein each encrypted data tag carries one piece of encrypted information to be issued and an identifier of the secret key used for encrypting the information to be issued, and the webpage data sent by the server carries an encrypted certificate tag and each generated encrypted data tag.
Optionally, if receiving the web page data carrying the encrypted certificate tag and the at least one encrypted data tag, the method further includes:
parsing the encryption certificate tag and, according to the parsed encryption certificate identifier, checking whether the encryption certificate corresponding to that identifier is stored;
if the encryption certificate is determined to be stored, searching whether a key label corresponding to each encrypted data label is stored or not, wherein one key label carries a key identification corresponding to the encrypted data label and a key corresponding to the key identification encrypted by the public key of the encryption certificate;
if the key label corresponding to each encrypted data label is determined to be stored, decrypting the key encrypted by the encrypted certificate public key carried in each key label by using the encrypted certificate private key;
and decrypting the encrypted information to be issued carried in each corresponding encrypted data label by using the decrypted key.
Optionally, if it is determined that the key tag corresponding to each encrypted data tag is not stored, the method further includes:
sending a key tag acquisition request to the server, wherein the key tag acquisition request carries an encryption certificate identifier;
storing a key label corresponding to each encrypted data label sent by the server;
where the key tag corresponding to each encrypted data tag is the key tag that the server, after generating each encrypted data tag, produces in response to the key tag acquisition request by encrypting the key corresponding to that encrypted data tag with the corresponding encryption certificate public key, and then sends.
In a ninth aspect, the present invention further provides a device for transmitting web page data, where the device includes:
a key generation module for generating at least one key;
the encryption module is used for encrypting at least one piece of information to be issued by using the generated secret key;
the tag generation module is used for respectively generating an encrypted data tag according to each encrypted message to be issued, and each encrypted data tag carries an encrypted message to be issued and an identifier of a key used for encrypting the message to be issued;
the sending module is used for sending webpage data carrying an encryption certificate label and each generated encryption data label to the browser client, wherein the encryption certificate label is used for carrying an identifier of an encryption certificate configured for the browser client and a server address for obtaining the encryption certificate.
Optionally, the apparatus further includes a receiving module, configured to receive a key tag obtaining request sent by the browser client;
the encryption module is further configured to encrypt a key corresponding to each encrypted data tag by using a corresponding public key of an encryption certificate according to a key tag acquisition request sent by the browser client and received by the receiving module after each encrypted data tag is generated by the tag generation module, where the key tag acquisition request carries an identification of the encryption certificate;
the sending module is further configured to send the corresponding key tag to the browser client.
In a tenth aspect, the present invention further provides a device for transmitting web page data, where the device includes a receiving module, a searching module, a decrypting module, and an obtaining module, where:
the receiving module is used for receiving webpage data carrying an encryption certificate label and at least one encryption data label, wherein the encryption certificate label is used for carrying an identifier of an encryption certificate configured for the browser client and a server address for acquiring the encryption certificate;
the received webpage data is obtained by the server generating at least one secret key, encrypting at least one piece of information to be issued by using the generated secret key, respectively generating an encrypted data tag according to each piece of encrypted information to be issued, wherein each encrypted data tag carries one piece of encrypted information to be issued and an identifier of the secret key used for encrypting the information to be issued, and the webpage data sent by the server carries an encrypted certificate tag and each generated encrypted data tag.
Optionally, the searching module is configured to, if the receiving module receives webpage data carrying an encryption certificate tag and at least one encrypted data tag, parse the encryption certificate tag and, according to the parsed encryption certificate identifier, check whether the encryption certificate corresponding to that identifier is stored; and if the encryption certificate is stored, check whether a key tag corresponding to each encrypted data tag is stored, where a key tag carries the key identifier corresponding to an encrypted data tag and the key corresponding to that key identifier encrypted with the encryption certificate public key;
the decryption module is used for decrypting the key encrypted by the encrypted certificate public key carried in each key label by using the encrypted certificate private key if the key label corresponding to each encrypted data label is determined to be stored; and decrypting the encrypted information to be issued carried in each corresponding encrypted data label by using the decrypted key.
Optionally, the obtaining module is configured to send a key tag obtaining request to the server if it is determined that the key tag corresponding to each encrypted data tag is not stored, where the key tag obtaining request carries an encrypted certificate identifier; storing a key label corresponding to each encrypted data label sent by the server;
where the key tag corresponding to each encrypted data tag is the key tag that the server, after generating each encrypted data tag, produces in response to the key tag acquisition request by encrypting the key corresponding to that encrypted data tag with the corresponding encryption certificate public key, and then sends.
In an eleventh aspect, the present invention also provides a non-volatile computer storage medium storing an executable program which is executed by a processor to implement the method as described above.
In a twelfth aspect, the present invention further provides a web page data transmission device, including a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface, and the memory complete mutual communication through the communication bus;
the memory is used for storing a computer program;
the processor, when executing the program stored in the memory, is configured to implement the method steps as described above.
According to the scheme provided by the embodiment of the invention, tags (and tag attribute data) with a designated meaning can be defined, the newly defined tags (and tag attribute data) are used to carry the related information, and encrypted transmission of designated information in the web page data is realized through the exchange of the tag information. The scheme is suitable both for the case where the server requires the browser client to encrypt uploaded web page data and the browser client encrypts the uploaded web page data as the server requires, and for the case where the server encrypts the web page data issued to the browser client. Because the encryption of the web page data is realized by defining tags (and tag attribute data) with a designated meaning, no browser control support is needed, which solves the problem that encrypting web page data through a browser control is difficult to implement and reduces the difficulty of encrypting web page data.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a web page data transmission system according to an embodiment of the present invention;
Fig. 2 is a schematic flowchart of a method for transmitting web page data according to an embodiment of the present invention;
Fig. 3 is a schematic flowchart of a method for transmitting web page data according to an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a web page data transmission device according to an embodiment of the present invention;
Fig. 5 is a schematic structural diagram of a web page data transmission device according to an embodiment of the present invention;
Fig. 6 is a schematic structural diagram of a web page data transmission system according to an embodiment of the present invention;
Fig. 7 is a schematic flowchart of a method for transmitting web page data according to an embodiment of the present invention;
Fig. 8 is a schematic flowchart of a method for transmitting web page data according to an embodiment of the present invention;
Fig. 9 is a schematic structural diagram of a web page data transmission device according to an embodiment of the present invention;
Fig. 10 is a schematic structural diagram of a web page data transmission device according to an embodiment of the present invention;
Fig. 11 is a schematic structural diagram of a web page data transmission device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that "plurality" or "a plurality" mentioned herein means two or more. "And/or" describes the association relationship of the associated objects, meaning that there may be three relationships, e.g., A and/or B, which may mean: A exists alone, A and B exist simultaneously, and B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship.
The terms "first," "second," and the like in the description and in the claims, and in the drawings described above, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein.
Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
To address the problem that encrypting web page data through a browser control is difficult, the application provides a scheme for encrypting web page data based on tags in the web page data. In the scheme of the application, tags with a designated meaning can be defined, including an encryption certificate tag, an encrypted data tag and a key tag, and tag attribute data with a designated meaning can also be defined. The newly defined tags and tag attribute data carry the related information, and encrypted transmission of designated information in the web page data is realized through the exchange of the tag information, without the support of a browser control, which reduces the difficulty of encrypting web page data.
The encryption certificate tag defined in the application is used for carrying an identifier of an encryption certificate configured for a browser client and a server address for obtaining the encryption certificate. It can be understood that, in the scheme of the application, the browser client needs to be configured with an encryption certificate corresponding to the server, and with the public key and private key corresponding to the encryption certificate, so that mutual identity authentication between the server and the browser client can be realized through the encryption certificate, and the key used for encryption is encrypted and decrypted with the public key and private key corresponding to the encryption certificate, which ensures the security of key transmission. The information of the encryption certificate is exchanged through the encryption certificate tag.
The encryption certificate tag may be, but is not limited to, as follows:
<EncCert id='certid'>url</EncCert>
wherein certid represents an encryption certificate identification (ID) that uniquely identifies the encryption certificate;
url indicates the server address from which the encryption certificate is obtained.
The encrypted data tag defined in the present application is used to carry encrypted information and an identifier of the key used to encrypt the information. It can be understood that, in the present application, the encrypted information and the information about the key used for encryption may be exchanged through the encrypted data tag.
The encrypted data tag may be, but is not limited to, as follows:
<EncInfo id='encid'>info</EncInfo>
wherein encid represents a key ID that uniquely identifies the key;
info denotes the encrypted information.
In the present application, the encrypted data tag may be used as an attribute value of another web page tag. For example, for the tag <input type='text' value='test'>, using the encrypted data tag as the attribute value gives <input type='text' value='<EncInfo id='encid'>Enc('test')</EncInfo>'>. The encrypted data tag may also be used as the intermediate information of another web page tag. For example, for the tag <div>'test'</div>, using the encrypted data tag as the intermediate information gives <div><EncInfo id='encid'>Enc('test')</EncInfo></div>. Here Enc('test') may be understood as the information obtained by encrypting 'test' with the key corresponding to encid.
The key tag defined in the present application is used to carry an identifier of the generated key and the key encrypted by the encryption certificate public key. It can be understood that, in the present application, the key used for encryption may be exchanged through the key tag.
The key tag may be, but is not limited to, as follows:
<EncKey id='encid'>enckey</EncKey>
wherein encid represents a key ID;
enckey denotes the key corresponding to encid, encrypted using the encryption certificate public key.
The attribute data to be encrypted defined by the application is used for identifying that the input information corresponding to the label needs to be encrypted and carries the identification of the key used for encrypting the input information. It can be understood that, in the scheme of the present application, the information to be encrypted may be indicated by the attribute data to be encrypted, and a corresponding encryption key is agreed.
The attribute data to be encrypted may be, but is not limited to, as follows:
TobeEnc='id'
where id denotes a key ID.
Based on the above description, in view of the process that the server side requires the browser client to encrypt the uploaded webpage data, and the browser client encrypts and transmits the uploaded webpage data according to the requirement of the server side, an embodiment of the present invention provides a webpage data transmission system, which may have a structure as shown in fig. 1 and includes a server 11 and a browser client 12, where:
the server 11 is configured to add attribute data to be encrypted to at least one tag, where the attribute data to be encrypted is used to identify that input information corresponding to the tag needs to be encrypted and carries an identifier of a key used to encrypt the input information, and send an encryption certificate tag and each tag added with the attribute data to be encrypted to the browser client by carrying the encryption certificate tag and each tag in which the attribute data to be encrypted is added in web page data, where the encryption certificate tag is used to carry an identifier of an encryption certificate configured for the browser client and obtain a server address of the encryption certificate;
the browser client 12 is configured to, after receiving the web page data carrying the encrypted certificate tags and each tag added with attribute data to be encrypted, parse the encrypted certificate tags, according to the analyzed encryption certificate identification, searching whether the encryption certificate corresponding to the encryption certificate identification is stored or not, if the encryption certificate is determined to be stored, when receiving input information corresponding to each tag added with attribute data to be encrypted, generating a corresponding key aiming at a key identification carried by the tag added with the attribute data to be encrypted, encrypting the input information by using the key, and carrying the corresponding encrypted data tags and key tags in the webpage data, and sending the webpage data to the server, wherein each key tag is used for carrying the identifier of the generated key and the key encrypted by the public key of the encrypted certificate, and each encrypted data tag is used for carrying the encrypted input information and the identifier of the key used for encrypting the input information.
That is, in this embodiment, the input information that the browser client needs to encrypt and the identification of the key used for encryption may be indicated by the server adding the attribute data to be encrypted to the tag.
After the browser client receives the webpage data, if the corresponding encryption certificate is determined to be stored according to the encryption certificate tag, a corresponding key can be generated for the tag added with the attribute data to be encrypted, corresponding input information is encrypted, further the encryption information can be uploaded through the encryption data tag, and the encryption transmission of the webpage data is realized by uploading the key encrypted by the encryption certificate public key through the key tag.
Further, in a possible implementation manner, the server 11 is further configured to, if receiving the web page data that is sent by the browser client and carries at least one encrypted data tag and at least one key tag, for each encrypted data tag, according to a key identifier carried in the encrypted data tag, decrypt, by using an encryption certificate private key, an encrypted key carried in the key tag that carries the key identifier, and decrypt, by using the decrypted key, the encrypted input information carried in the encrypted data tag.
That is, in this embodiment, the server may decrypt the encrypted key by using the encryption certificate private key, and decrypt the encrypted information by using the decrypted key.
In addition, in a possible implementation manner, the browser client 12 is further configured to, if it is determined that the encryption certificate corresponding to the parsed encryption certificate identifier is not stored, obtain and store the encryption certificate corresponding to the encryption certificate identifier carried by the encryption certificate tag according to the address of the server for obtaining the encryption certificate carried by the encryption certificate tag.
That is to say, in this embodiment, if the browser client does not configure the encryption certificate yet, the encryption certificate may be downloaded and stored according to the server address provided by the encryption certificate tag, so as to implement configuration of the encryption certificate.
It should be further noted that, after the browser client obtains the encryption certificate corresponding to the encryption certificate identifier carried by the encryption certificate tag, and before the encryption certificate is stored, the content of the encryption certificate may be displayed to prompt the user to confirm whether the user trusts, and if the user does not confirm the trust, the process may be terminated (it may be understood that the display of the web page content is terminated), and an error may be reported. If the user confirms trust, the user can be continuously prompted to confirm whether to store the encryption certificate to the browser client, if the user confirms to store the encryption certificate to the browser client, the encryption certificate is stored, and if not, the process can be terminated.
It should be noted that, according to the key identifier carried by the attribute data to be encrypted, the client may generate at least one key. It can be understood that, for each tag, the key identifications carried by each added attribute data to be encrypted may be all the same, may also be all different, and may also be partially the same. That is, the key for encrypting the input information corresponding to each tag may be the same key, or different keys, or the same key for encrypting the input information corresponding to a part of the tags.
From the server side, an embodiment of the present invention further provides a method for transmitting web page data, where the flow of the steps of the method may be as shown in fig. 2, and the method includes:
Step 101, adding attribute data to be encrypted to at least one tag.
In this step, attribute data to be encrypted may be added to a tag corresponding to input information that needs to be encrypted. It can be understood that the attribute data to be encrypted is used for identifying input information corresponding to the tag, and needs to be encrypted, and carries an identifier of a key used for encrypting the input information.
Step 102, carrying the encryption certificate tag and each tag to which the attribute data to be encrypted has been added in the web page data, and sending the web page data to the browser client.
In this step, the encrypted certificate tags and each tag added with the attribute data to be encrypted may be carried in the web page data and sent to the browser client. It is understood that the encryption certificate tag is used for carrying an identification of an encryption certificate configured for the browser client and an address of a server for obtaining the encryption certificate.
Therefore, after the browser client receives the webpage data carrying the encryption certificate labels and each label added with the attribute data to be encrypted, the encryption certificate labels can be analyzed, whether the encryption certificate corresponding to the encryption certificate label is stored or not is searched according to the analyzed encryption certificate identification, if the encryption certificate is determined to be stored, when the input information corresponding to each label added with the attribute data to be encrypted is received, a corresponding key is generated according to the key identification carried by the label added with the attribute data to be encrypted, the input information is encrypted by using the key, the corresponding encryption data labels and the key labels are carried in the webpage data and are sent to the server, and the encryption transmission of the webpage data is achieved. It is to be understood that each key tag is configured to carry an identification of a generated key and the key encrypted by the encrypted certificate public key, and each encrypted data tag is configured to carry encrypted input information and an identification of the key used to encrypt the input information.
Further, the present embodiment may further include step 103:
Step 103, decrypting the encrypted information in the received web page data.
If web page data carrying at least one encrypted data tag and at least one key tag is received from the browser client, in this step the server may, for each encrypted data tag, use the encryption certificate private key to decrypt the encrypted key carried in the key tag that carries the key identifier found in that encrypted data tag, and then use the decrypted key to decrypt the encrypted input information carried in the encrypted data tag.
From the client side, an embodiment of the present invention further provides a method for transmitting web page data, where the flow of the steps of the method may be as shown in fig. 3, and includes:
Step 201, receiving web page data carrying an encryption certificate tag and at least one tag to which attribute data to be encrypted has been added.
In this step, the browser client may receive the web page data carrying the encryption certificate tag and at least one tag to which attribute data to be encrypted is added, to confirm information to be encrypted, and may confirm whether a corresponding encryption certificate is stored on the browser client based on the encryption certificate tag, thereby implementing identity authentication. It can be understood that the attribute data to be encrypted is used for identifying that input information corresponding to the tag needs to be encrypted and carries an identifier of a key used for encrypting the input information, and the encryption certificate tag is used for carrying an identifier of an encryption certificate configured for the browser client and a server address for obtaining the encryption certificate.
The received webpage data can be understood as that the server adds the attribute data to be encrypted to at least one label, and the encryption certificate label and each label added with the attribute data to be encrypted are carried in the webpage data and sent together.
Step 202, parsing the encryption certificate tag, and searching, according to the parsed encryption certificate identifier, whether an encryption certificate corresponding to that identifier is stored.
In this step, the browser client may confirm whether itself has configured the corresponding encryption certificate, and if not, may continue to perform step 203, and if so, may jump to perform step 204.
Step 203, obtaining and storing the encryption certificate.
If it is determined that the encryption certificate corresponding to the encryption certificate identifier is not stored, in this step the encryption certificate corresponding to the encryption certificate identifier carried by the encryption certificate tag may be obtained, from the server address for obtaining the encryption certificate that is carried by the encryption certificate tag, and stored.
Step 204, encrypting the corresponding input information.
If it is determined that the encryption certificate corresponding to the encryption certificate tag is already stored, in this step, when input information corresponding to each tag to which attribute data to be encrypted is added is received, a corresponding key may be generated for a key identifier carried by the tag to which attribute data to be encrypted is added, and the input information may be encrypted by using the key.
Step 205, carrying the corresponding encrypted data tags and key tags in the web page data, and sending the web page data to the server.
In this step, after each designated input message is encrypted, the corresponding encrypted data tag and key tag may be carried in the web page data and sent to the server. At this time, each key tag is used to carry an identifier of the generated key and the key encrypted by the encrypted certificate public key, and each encrypted data tag is used to carry the encrypted input information and an identifier of the key used to encrypt the input information.
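The upload flow of steps 101 to 103 (server) and 201 to 205 (client), as an added example that is not part of the patent text. The page fixes only the tag names, so RSA-OAEP key wrapping, AES-256-GCM field encryption, base64 encoding, the `<div id=...>` upload layout and every sample id, URL and input value below are assumptions constructed for illustration.

```javascript
// Added illustration, not code from the patent. RSA-OAEP and AES-256-GCM are
// assumptions: the page names no algorithms. All sample values are constructed.
const crypto = require('node:crypto');

// Stand-in for the encryption certificate key pair identified by 'cert-01'.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Steps 101-102: page with an EncCert tag and TobeEnc attributes (k1 is shared).
const PAGE = [
  "<EncCert id='cert-01'>https://server.example/enccert</EncCert>",
  "<input name='user' type='text'>",
  "<input name='card' type='text' TobeEnc='k1'>",
  "<input name='pin' type='password' TobeEnc='k1'>",
  "<input name='note' type='text' TobeEnc='k2'>",
].join('\n');

// Steps 201-202: extract the certificate id/URL and the fields marked TobeEnc.
function parsePage(html) {
  const cert = /<EncCert id='([^']+)'>([^<]*)<\/EncCert>/.exec(html);
  if (!cert) throw new Error('page carries no EncCert tag');
  const fields = [];
  for (const m of html.matchAll(/<input\b[^>]*>/g)) {
    const name = /\bname='([^']+)'/.exec(m[0]);
    const keyId = /\bTobeEnc='([^']+)'/.exec(m[0]);
    if (name && keyId) fields.push({ name: name[1], keyId: keyId[1] });
  }
  return { certId: cert[1], certUrl: cert[2], fields };
}

// Steps 204-205: one fresh key per key id, one EncInfo per field, one EncKey per key.
function clientEncrypt(html, inputs, certStore) {
  const { certId, fields } = parsePage(html);
  const certPub = certStore.get(certId);
  if (!certPub) throw new Error(`certificate ${certId} not stored; step 203 is needed`);
  const keys = new Map();
  const lines = [];
  for (const { name, keyId } of fields) {
    if (!keys.has(keyId)) keys.set(keyId, crypto.randomBytes(32));
    const iv = crypto.randomBytes(12); // fresh IV per field: k1 encrypts two fields
    const cipher = crypto.createCipheriv('aes-256-gcm', keys.get(keyId), iv);
    const ct = Buffer.concat([cipher.update(String(inputs[name] ?? ''), 'utf8'), cipher.final()]);
    const info = Buffer.concat([iv, cipher.getAuthTag(), ct]).toString('base64');
    lines.push(`<div id='${name}'><EncInfo id='${keyId}'>${info}</EncInfo></div>`);
  }
  for (const [keyId, key] of keys) {
    const wrapped = crypto.publicEncrypt({ key: certPub, ...OAEP }, key).toString('base64');
    lines.push(`<EncKey id='${keyId}'>${wrapped}</EncKey>`);
  }
  return lines.join('\n');
}

// Step 103: match each EncInfo to the EncKey with the same key id, unwrap, decrypt.
function serverDecrypt(upload, certPriv) {
  const wrapped = new Map();
  for (const m of upload.matchAll(/<EncKey id='([^']+)'>([^<]+)<\/EncKey>/g)) {
    wrapped.set(m[1], m[2]);
  }
  const unwrapped = new Map();
  const plain = {};
  const fieldRe = /<div id='([^']+)'><EncInfo id='([^']+)'>([^<]+)<\/EncInfo><\/div>/g;
  for (const [, name, keyId, b64] of upload.matchAll(fieldRe)) {
    if (!wrapped.has(keyId)) throw new Error(`no EncKey tag for key id ${keyId}`);
    if (!unwrapped.has(keyId)) {
      const blob = Buffer.from(wrapped.get(keyId), 'base64');
      unwrapped.set(keyId, crypto.privateDecrypt({ key: certPriv, ...OAEP }, blob));
    }
    const raw = Buffer.from(b64, 'base64'); // layout: 12-byte IV | 16-byte tag | ciphertext
    const d = crypto.createDecipheriv('aes-256-gcm', unwrapped.get(keyId), raw.subarray(0, 12));
    d.setAuthTag(raw.subarray(12, 28));
    plain[name] = Buffer.concat([d.update(raw.subarray(28)), d.final()]).toString('utf8');
  }
  return plain;
}

// Round trip with constructed input values.
function demo() {
  const store = new Map([['cert-01', publicKey]]);
  const inputs = { card: '4111 1111 1111 1111', pin: '0000', note: 'ring twice' };
  const upload = clientEncrypt(PAGE, inputs, store);
  return { upload, plain: serverDecrypt(upload, privateKey) };
}
console.log(demo().plain);
```

Fields `card` and `pin` share key id `k1`, so the upload carries three EncInfo tags but only two EncKey tags, which is the "partially the same" case the description allows.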
Corresponding to the provided method, the following device is further provided.
An embodiment of the present invention provides a web page data transmission device, which may be integrated in a server, and a structure of the device may be as shown in fig. 4, where the device includes:
the adding module 21 is configured to add attribute data to be encrypted to at least one tag; the attribute data to be encrypted is used for identifying that input information corresponding to the label needs to be encrypted and carries an identifier of a key used for encrypting the input information;
the sending module 22 is configured to send the encrypted certificate tags and each tag added with attribute data to be encrypted to the browser client by being carried in the web page data, where the encrypted certificate tags are used to carry an identifier of an encrypted certificate configured for the browser client and a server address for obtaining the encrypted certificate;
so that the browser client analyzes the encrypted certificate labels after receiving the webpage data carrying the encrypted certificate labels and each label added with the attribute data to be encrypted, according to the analyzed encryption certificate identification, searching whether the encryption certificate corresponding to the encryption certificate identification is stored or not, if the encryption certificate is determined to be stored, when receiving input information corresponding to each tag added with attribute data to be encrypted, generating a corresponding key aiming at a key identification carried by the tag added with the attribute data to be encrypted, encrypting the input information by using the key, and carrying the corresponding encrypted data tags and key tags in the webpage data, and sending the webpage data to the server, wherein each key tag is used for carrying the identifier of the generated key and the key encrypted by the public key of the encrypted certificate, and each encrypted data tag is used for carrying the encrypted input information and the identifier of the key used for encrypting the input information.
Optionally, the apparatus further includes a receiving module 23 and a decryption module 24:
the receiving module 23 is configured to receive webpage data that is sent by the browser client and carries at least one encrypted data tag and at least one key tag;
the decryption module 24 is configured to, if web page data carrying at least one encrypted data tag and at least one key tag is received from the browser client, for each encrypted data tag, use the encryption certificate private key to decrypt the encrypted key carried in the key tag that carries the key identifier found in that encrypted data tag, and use the decrypted key to decrypt the encrypted input information carried in the encrypted data tag.
An embodiment of the present invention provides a device for transmitting web page data, which may be integrated in a client, and a structure of the device may be as shown in fig. 5, where the device includes:
the receiving module 31 is configured to receive web page data carrying an encrypted certificate tag and at least one tag to which attribute data to be encrypted is added, where the attribute data to be encrypted is used to identify that input information corresponding to the tag needs to be encrypted and carries an identifier of a key used to encrypt the input information, and the encrypted certificate tag is used to carry an identifier of an encrypted certificate configured for a browser client and a server address used to obtain the encrypted certificate;
the analysis module 32 is configured to analyze the encrypted certificate tag, and according to the analyzed encrypted certificate identifier, find whether an encrypted certificate corresponding to the encrypted certificate identifier is stored;
the encryption module 33 is configured to, if it is determined that the encryption certificate is stored, generate a corresponding key for a key identifier carried by each tag to which attribute data to be encrypted is added when receiving input information corresponding to each tag to which attribute data to be encrypted is added, and encrypt the input information using the key;
the sending module 34 is configured to carry corresponding encrypted data tags and key tags in the web page data, and send the web page data to the server, where each key tag is used to carry an identifier of a generated key and the key encrypted by the encrypted certificate public key, and each encrypted data tag is used to carry encrypted input information and an identifier of the key used to encrypt the input information;
the received webpage data is obtained by adding attribute data to be encrypted to at least one label by the server, and carrying the encrypted certificate label and each label added with the attribute data to be encrypted in the webpage data for sending together.
Optionally, the apparatus further includes an obtaining module 35:
the obtaining module 35 is configured to, if it is determined that the encryption certificate corresponding to the parsed encryption certificate identifier is not stored, obtain the encryption certificate corresponding to the encryption certificate identifier carried by the encryption certificate tag, from the server address for obtaining the encryption certificate that is carried by the encryption certificate tag, and store it.
The functions of the functional units of the apparatuses provided in the above embodiments of the present invention may be implemented by the steps of the corresponding methods, and therefore, detailed working processes and beneficial effects of the functional units in the apparatuses provided in the embodiments of the present invention are not described herein again.
For the process of encrypting and transmitting the webpage data issued to the browser client by the server side, an embodiment of the present invention provides a webpage data transmission system, which may have a structure as shown in fig. 6 and includes a server 41 and a browser client 42, where:
the server 41 is configured to generate at least one key, encrypt at least one piece of information to be issued by using the generated key, generate an encrypted data tag according to each piece of encrypted information to be issued, where each encrypted data tag carries one piece of encrypted information to be issued and an identifier of the key used to encrypt the information to be issued, and send, to the browser client, web page data carrying an encrypted certificate tag and each generated encrypted data tag, where the encrypted certificate tag is used to carry an identifier of an encrypted certificate configured for the browser client and obtain a server address of the encrypted certificate;
the browser client 42 is configured to receive web page data carrying an encrypted certificate tag and at least one encrypted data tag.
That is to say, in this embodiment, the server may generate a key, encrypt each piece of information to be issued, and issue the encrypted information to the browser client through the encrypted data tag, thereby implementing encrypted transmission of the web page data. And sending an encryption certificate label while issuing the encryption information so as to realize identity authentication of the browser client.
Further, in a possible implementation manner, the browser client 42 is further configured to, if receiving the web page data carrying the encryption certificate tag and the at least one encryption data tag, parse the encryption certificate tag, according to the analyzed encrypted certificate identification, whether an encrypted certificate corresponding to the encrypted certificate identification is stored or not is searched, if the encrypted certificate is determined to be stored, whether a key label corresponding to each encrypted data label is stored or not is searched, one key label carries a key identification corresponding to the encrypted data label and a key corresponding to the key identification encrypted by an encrypted certificate public key, if the key label corresponding to each encrypted data label is determined to be stored, the key encrypted by the encrypted certificate public key carried in each key label is decrypted by using an encrypted certificate private key, and the encrypted information to be issued carried in each corresponding encrypted data label is decrypted by using the decrypted key. Of course, the browser client 42 may further display each encrypted message to be issued after decrypting the message.
That is to say, in this embodiment, when it is determined that the encryption certificate is stored and the key tag corresponding to each encrypted data tag is stored, that is, the key tag corresponding to each key identifier corresponding to each encrypted data tag is stored, the browser client may further decrypt each encrypted key by using the encryption certificate private key and decrypt each encrypted information by using the decrypted key.
It should be noted that, in this embodiment, it can be understood that the number of key labels is the same as the number of key identifications corresponding to the encrypted data labels.
In addition, in a possible implementation manner, the browser client 42 is further configured to, if it is determined that the key tag corresponding to each encrypted data tag is not stored, send a key tag acquisition request to the server, where the key tag acquisition request carries the encryption certificate identifier, and store the key tag corresponding to each encrypted data tag sent by the server;
the server 41 is further configured to, after each encrypted data tag is generated, encrypt the key corresponding to each encrypted data tag by using the corresponding encryption certificate public key according to the key tag acquisition request, and send the corresponding key tag to the browser client.
That is, in this embodiment, the browser client may report the encryption certificate identifier to the server after the encryption certificate has been configured. After generating the encrypted data tags for the browser client, the server may, according to the encryption certificate identifier reported by the browser client, encrypt each key used for encrypting the information to be issued by using the corresponding encryption certificate public key, and send each encrypted key to the browser client in the corresponding key tag, so that the browser client, after storing the key tags, can decrypt the encrypted information according to them.
It should be noted that the browser client may send the key tag acquisition request at any time after the encryption certificate is configured, for example, when it receives the web page data with the encrypted data tags sent by the server, or before it receives that web page data, in which case requesting the key tags in advance speeds up decryption of the information.
Of course, as in the case where uploaded web page data is encrypted as required by the server, the browser client 42 may also be configured to, if it is determined that the encryption certificate corresponding to the parsed encryption certificate identifier is not stored, obtain and store the encryption certificate corresponding to the encryption certificate identifier carried by the encryption certificate tag, according to the server address for obtaining the encryption certificate that is carried by the encryption certificate tag.
That is to say, in this embodiment, if the browser client has not yet been configured with the encryption certificate, the encryption certificate may be downloaded and stored according to the server address provided by the encryption certificate tag, so as to configure the encryption certificate.
It should be further noted that, after the browser client obtains the encryption certificate corresponding to the encryption certificate identifier carried by the encryption certificate tag, and before the encryption certificate is stored, the content of the encryption certificate may be displayed to prompt the user to confirm whether the user trusts it. If the user does not confirm trust, the process may be terminated (that is, display of the web page content is terminated) and an error may be reported. If the user confirms trust, the user may further be prompted to confirm whether to store the encryption certificate in the browser client; if the user confirms, the encryption certificate is stored, and otherwise the process may be terminated.
From the server side, an embodiment of the present invention further provides a method for transmitting web page data, where the flow of the steps of the method may be as shown in fig. 7, and the method includes:
Step 301, generating at least one key.
In this step, the server may generate at least one key according to the information to be issued that needs to be encrypted.
Step 302, encrypting at least one piece of information to be issued by using the generated key.
In this step, the server encrypts each piece of information to be issued that needs to be encrypted, using the generated key.
Step 303, generating one encrypted data tag for each piece of encrypted information to be issued.
In this step, the server may generate one encrypted data tag for each piece of encrypted information to be issued. It can be understood that each encrypted data tag carries one piece of encrypted information to be issued and an identifier of the key used for encrypting it.
Step 304, sending the web page data carrying the encryption certificate tag and each generated encrypted data tag to the browser client.
In this step, the server may send, to the browser client, the web page data carrying the encryption certificate tag and each generated encryption data tag, where the encryption certificate tag is used to carry an identifier of an encryption certificate configured for the browser client and a server address for obtaining the encryption certificate, so as to implement encryption transmission of the web page data.
Further, after step 303, that is, after each encrypted data tag is generated, the method may further include: according to a received key tag acquisition request sent by the browser client, where the request carries the encryption certificate identifier, encrypting the key corresponding to each encrypted data tag by using the corresponding encryption certificate public key, and sending the corresponding key tag to the browser client, so that the browser client can obtain the key from the received key tag and decrypt the received encrypted information.
From the client side, an embodiment of the present invention further provides a method for transmitting web page data, where the flow of the steps of the method may be as shown in fig. 8, and includes:
Step 401, receiving web page data carrying an encryption certificate tag and at least one encrypted data tag.
In this step, the browser client may receive web page data carrying an encryption certificate tag and at least one encrypted data tag, where the encryption certificate tag is used to carry an identifier of an encryption certificate configured for the browser client and a server address for obtaining the encryption certificate. The received web page data is produced by the server generating at least one key, encrypting at least one piece of information to be issued by using the generated key, generating one encrypted data tag for each piece of encrypted information to be issued, where each encrypted data tag carries one piece of encrypted information to be issued and an identifier of the key used to encrypt it, and sending the web page data carrying the encryption certificate tag and each generated encrypted data tag.
Further, if receiving the web page data carrying the encrypted certificate tag and the at least one encrypted data tag, this embodiment may further include:
Step 402, searching whether an encryption certificate is stored.
In this step, the browser client may parse the encryption certificate tag and, according to the parsed encryption certificate identifier, search whether the corresponding encryption certificate is stored. If it is determined that the encryption certificate is not stored, step 403 is executed; otherwise, the process skips to step 404.
Step 403, acquiring and storing the encryption certificate.
If it is determined that the encryption certificate corresponding to the encryption certificate identifier is not stored, in this step the encryption certificate corresponding to the encryption certificate identifier carried by the encryption certificate tag may be obtained and stored, according to the server address for obtaining the encryption certificate that is carried by the encryption certificate tag.
Step 404, searching whether a key tag corresponding to each encrypted data tag is stored.
In this step, the browser client may go on to search whether the key tag corresponding to each encrypted data tag is stored. It can be understood that one key tag carries one key identifier corresponding to an encrypted data tag and the key corresponding to that key identifier, encrypted by the encryption certificate public key.
If the key tag corresponding to each encrypted data tag is found, the process may skip to step 406; otherwise, it continues with step 405.
Step 405, sending a key tag acquisition request to the server, and storing the key tag corresponding to each encrypted data tag sent by the server.
In this step, if it is determined that the key tag corresponding to each encrypted data tag is not stored, the browser client may send a key tag acquisition request to the server, where the key tag acquisition request carries an encrypted certificate identifier, and may store the key tag corresponding to each encrypted data tag sent by the server.
The key tag corresponding to each encrypted data tag is the key tag that the server sends after it has generated each encrypted data tag and, according to the key tag acquisition request, encrypted the key corresponding to each encrypted data tag by using the corresponding encryption certificate public key.
Step 406, decrypting, by using the encryption certificate private key, the key encrypted by the encryption certificate public key carried in each key tag.
If it is determined that the key tag corresponding to each encrypted data tag is already stored, in this step, the key encrypted by the encryption certificate public key carried in each key tag may be decrypted by using the encryption certificate private key.
Step 407, decrypting the encrypted information to be issued carried in each corresponding encrypted data tag by using the decrypted key.
After the key is obtained through decryption, the encrypted information to be issued carried in each corresponding encrypted data tag can be decrypted by using the key obtained through decryption.
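The server-side steps 301 to 304 with the key tag acquisition request, and the client-side steps 402 to 407, can be traced in the following added example, which is not code from the patent. The tag field names, the identifiers, the sample data, and the choice of AES-256-GCM and RSA-OAEP through the Node.js `crypto` module are assumptions, since this section names no algorithms or tag syntax.

```javascript
// Added illustration, not code from the patent. Field names, identifiers and the
// algorithms (AES-256-GCM for data, RSA-OAEP for key wrapping) are assumptions.
const crypto = require('crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
const bind = (certId, keyId) => `${certId}|${keyId}`;

// Constructed stand-in for an encryption certificate: an identifier plus an RSA key pair.
function makeCertificate(certId) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return { certId, publicKey, privateKey };
}

// Server, steps 301-304: one fresh key per item, one encrypted data tag per item,
// all carried in the page together with the encryption certificate tag.
function serverBuildPage(certId, certUrl, items) {
  const keys = new Map(); // keyId -> raw key, held by the server
  const dataTags = items.map((plaintext, i) => {
    const keyId = `key-${i + 1}`;
    const key = crypto.randomBytes(32);
    const iv = crypto.randomBytes(12);
    const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
    cipher.setAAD(Buffer.from(bind(certId, keyId))); // bind ciphertext to both identifiers
    const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
    keys.set(keyId, key);
    return {
      keyId,
      iv: iv.toString('base64'),
      ct: ct.toString('base64'),
      mac: cipher.getAuthTag().toString('base64'),
    };
  });
  return { page: { certTag: { certId, certUrl }, dataTags }, keys };
}

// Server, key tag acquisition request: wrap every key under the public key of the
// certificate named in the request, one key tag per key identifier.
function serverKeyTags(keys, publicKey) {
  return [...keys].map(([keyId, key]) => ({
    keyId,
    wrapped: crypto.publicEncrypt({ key: publicKey, ...OAEP }, key).toString('base64'),
  }));
}

// Client, steps 402-407. requestKeyTags stands in for the round trip to the server.
function clientDecryptPage(page, certStore, keyTagStore, requestKeyTags) {
  const { certId } = page.certTag;
  const cert = certStore.get(certId); // step 402
  if (!cert) throw new Error(`certificate ${certId} not stored (step 403 would fetch it)`);
  const missing = page.dataTags.some((t) => !keyTagStore.has(bind(certId, t.keyId))); // step 404
  if (missing) { // step 405: fetch and store the key tags
    for (const kt of requestKeyTags(certId)) keyTagStore.set(bind(certId, kt.keyId), kt);
  }
  return page.dataTags.map((t) => {
    const kt = keyTagStore.get(bind(certId, t.keyId));
    if (!kt) throw new Error(`no key tag for ${t.keyId}`);
    // Step 406: unwrap the data key with the encryption certificate private key.
    const key = crypto.privateDecrypt({ key: cert.privateKey, ...OAEP },
      Buffer.from(kt.wrapped, 'base64'));
    // Step 407: decrypt the data tag; final() throws if ciphertext or identifiers changed.
    const d = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(t.iv, 'base64'));
    d.setAAD(Buffer.from(bind(certId, t.keyId)));
    d.setAuthTag(Buffer.from(t.mac, 'base64'));
    return Buffer.concat([d.update(Buffer.from(t.ct, 'base64')), d.final()]).toString('utf8');
  });
}

function runDemo() {
  const cert = makeCertificate('cert-001'); // constructed identifier
  const registered = new Map([[cert.certId, cert.publicKey]]); // server's view of the certificate
  const { page, keys } = serverBuildPage(cert.certId, 'https://ca.example/certs/cert-001',
    ['balance: 1024.00', 'phone: 555-0100']); // constructed sample data
  const certStore = new Map([[cert.certId, cert]]); // client holds the private key
  const keyTagStore = new Map();
  let requests = 0;
  const requestKeyTags = (certId) => {
    requests += 1;
    return serverKeyTags(keys, registered.get(certId));
  };
  const first = clientDecryptPage(page, certStore, keyTagStore, requestKeyTags);
  const second = clientDecryptPage(page, certStore, keyTagStore, requestKeyTags); // cached key tags
  // Flip one ciphertext bit in a copy of the page to show the failure path.
  const bad = JSON.parse(JSON.stringify(page));
  const raw = Buffer.from(bad.dataTags[0].ct, 'base64');
  raw[0] ^= 1;
  bad.dataTags[0].ct = raw.toString('base64');
  let tamperDetected = false;
  try { clientDecryptPage(bad, certStore, keyTagStore, requestKeyTags); } catch { tamperDetected = true; }
  return { first, second, requests, tamperDetected };
}

console.log(runDemo());
```

The second call decrypts from the stored key tags without contacting the server, which is the case where step 404 skips directly to step 406.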
Corresponding to the provided method, the following device is further provided.
An embodiment of the present invention provides a web page data transmission device, which may be integrated in a server, and a structure of the device may be as shown in fig. 9, where the device includes:
the key generation module 51 is used for generating at least one key;
the encryption module 52 is configured to encrypt at least one piece of information to be issued by using the generated key;
the tag generation module 53 is configured to generate one encrypted data tag for each piece of encrypted information to be issued, where each encrypted data tag carries one piece of encrypted information to be issued and an identifier of the key used for encrypting it;
the sending module 54 is configured to send, to the browser client, web page data carrying an encryption certificate tag and each generated encryption data tag, where the encryption certificate tag is used to carry an identifier of an encryption certificate configured for the browser client and a server address for obtaining the encryption certificate.
Optionally, the apparatus further includes a receiving module 55, configured to receive a key tag acquisition request sent by the browser client;
the encryption module 52 is further configured to, after the tag generation module 53 generates each encrypted data tag, encrypt the key corresponding to each encrypted data tag by using the corresponding encryption certificate public key according to the key tag acquisition request sent by the browser client and received by the receiving module 55, where the key tag acquisition request carries the encryption certificate identifier;
the sending module 54 is further configured to send the corresponding key tag to the browser client.
The embodiment of the present invention provides a web page data transmission device, which may be integrated in a client, and the structure of the device may be as shown in fig. 10, and includes a receiving module 61, a searching module 62, a decrypting module 63, and an obtaining module 64, where:
the receiving module 61 is configured to receive web page data carrying an encrypted certificate tag and at least one encrypted data tag, where the encrypted certificate tag is used to carry an identifier of an encrypted certificate configured for the browser client and a server address for obtaining the encrypted certificate;
the received web page data is web page data that the server sends after generating at least one key, encrypting at least one piece of information to be issued by using the generated key, and generating one encrypted data tag for each piece of encrypted information to be issued, where each encrypted data tag carries one piece of encrypted information to be issued and an identifier of the key used for encrypting it, and the web page data sent by the server carries the encryption certificate tag and each generated encrypted data tag.
Optionally, the searching module 62 is configured to, if the receiving module 61 receives the web page data carrying an encryption certificate tag and at least one encrypted data tag, parse the encryption certificate tag and search, according to the parsed encryption certificate identifier, whether the corresponding encryption certificate is stored; and, if it is determined that the encryption certificate is stored, search whether a key tag corresponding to each encrypted data tag is stored, where one key tag carries one key identifier corresponding to an encrypted data tag and the key corresponding to that key identifier, encrypted by the encryption certificate public key;
the decryption module 63 is configured to, if it is determined that the key tag corresponding to each encrypted data tag is stored, decrypt, by using the encryption certificate private key, the key encrypted by the encryption certificate public key carried in each key tag, and decrypt the encrypted information to be issued carried in each corresponding encrypted data tag by using the decrypted key.
Optionally, the obtaining module 64 is configured to, if it is determined that the key tag corresponding to each encrypted data tag is not stored, send a key tag acquisition request to the server, where the key tag acquisition request carries the encryption certificate identifier, and store the key tag corresponding to each encrypted data tag sent by the server;
the key tag corresponding to each encrypted data tag is the key tag that the server sends after it has generated each encrypted data tag and, according to the key tag acquisition request, encrypted the key corresponding to each encrypted data tag by using the corresponding encryption certificate public key.
The functions of the functional units of the apparatuses provided in the above embodiments of the present invention may be implemented by the steps of the corresponding methods, and therefore, detailed working processes and beneficial effects of the functional units in the apparatuses provided in the embodiments of the present invention are not described herein again.
Based on the same inventive concept, embodiments of the present invention provide the following apparatus and medium.
The structure of the device can be as shown in fig. 11, and the device includes a processor 71, a communication interface 72, a memory 73, and a communication bus 74, where the processor 71, the communication interface 72, and the memory 73 complete communication with each other through the communication bus 74;
the memory 73 is used for storing computer programs;
the processor 71 is configured to implement the steps of the above method embodiments of the present invention when executing the program stored in the memory.
Optionally, the processor 71 may specifically include a Central Processing Unit (CPU), an Application Specific Integrated Circuit (ASIC), one or more Integrated circuits for controlling program execution, a hardware Circuit developed by using a Field Programmable Gate Array (FPGA), or a baseband processor.
Optionally, the processor 71 may include at least one processing core.
Optionally, the memory 73 may include a Read-Only Memory (ROM), a Random Access Memory (RAM), and a disk memory. The memory 73 is used for storing data required by the at least one processor 71 during operation. There may be one or more memories 73.
An embodiment of the present invention further provides a non-volatile computer storage medium, where the computer storage medium stores an executable program, and when the executable program is executed by a processor, the method provided in the foregoing method embodiment of the present invention is implemented.
In particular implementations, computer storage media may include various storage media capable of storing program code, such as a Universal Serial Bus flash drive (USB flash drive), a mobile hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
In the embodiments of the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described embodiments of the apparatus are merely illustrative, and for example, the described unit or division of units is only one division of logical functions, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical or other form.
The functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may be an independent physical module.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, all or part of the technical solutions of the embodiments of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device, such as a personal computer, a server, or a network device, or a processor to execute all or part of the steps of the methods according to the embodiments of the present invention. The aforementioned storage medium includes various media capable of storing program code, such as a Universal Serial Bus flash drive (USB flash drive), a removable hard disk, a ROM, a RAM, a magnetic disk, or an optical disk.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (23)

1. A web page data transmission system, the system comprising a server and a browser client, wherein:
the server is configured to add attribute data to be encrypted to at least one tag, wherein the attribute data to be encrypted is used for identifying that input information corresponding to the tag needs to be encrypted and carries an identifier of a key used for encrypting the input information, and to carry an encryption certificate tag and each tag to which the attribute data to be encrypted has been added in web page data and send the web page data to the browser client, wherein the encryption certificate tag is used for carrying an identifier of an encryption certificate configured for the browser client and a server address for obtaining the encryption certificate;
the browser client is configured to, after receiving the web page data carrying the encryption certificate tag and each tag to which the attribute data to be encrypted has been added, parse the encryption certificate tag and, according to the parsed encryption certificate identifier, search whether the encryption certificate corresponding to the encryption certificate identifier is stored; if it is determined that the encryption certificate is stored, upon receiving input information corresponding to each tag to which the attribute data to be encrypted has been added, generate a corresponding key for the key identifier carried by that tag, encrypt the input information by using the key, carry the corresponding encrypted data tags and key tags in web page data, and send the web page data to the server, wherein each key tag is used for carrying the identifier of the generated key and the key encrypted by the encryption certificate public key, and each encrypted data tag is used for carrying the encrypted input information and the identifier of the key used for encrypting the input information.
2. The system of claim 1, wherein the server is further configured to, if receiving the web page data that is sent by the browser client and carries at least one encrypted data tag and at least one key tag, for each encrypted data tag, according to a key identifier carried in the encrypted data tag, decrypt, using an encryption certificate private key, an encrypted key carried in the key tag that carries the key identifier, and decrypt, using the decrypted key, the encrypted input information carried in the encrypted data tag.
3. The system according to claim 1 or 2, wherein the browser client is further configured to, if it is determined that the encryption certificate corresponding to the parsed encryption certificate identifier is not stored, obtain and store the encryption certificate corresponding to the encryption certificate identifier carried by the encryption certificate tag, according to the server address for obtaining the encryption certificate that is carried by the encryption certificate tag.
4. A method for transmitting webpage data, the method comprising:
adding attribute data to be encrypted to at least one tag; the attribute data to be encrypted is used for identifying that input information corresponding to the tag needs to be encrypted and carries an identifier of a key used for encrypting the input information;
carrying an encryption certificate tag and each tag to which the attribute data to be encrypted has been added in web page data, and sending the web page data to a browser client, wherein the encryption certificate tag is used for carrying an identifier of an encryption certificate configured for the browser client and a server address for obtaining the encryption certificate;
so that the browser client, after receiving the web page data carrying the encryption certificate tag and each tag to which the attribute data to be encrypted has been added, parses the encryption certificate tag and, according to the parsed encryption certificate identifier, searches whether the encryption certificate corresponding to the encryption certificate identifier is stored; and, if it is determined that the encryption certificate is stored, upon receiving input information corresponding to each tag to which the attribute data to be encrypted has been added, generates a corresponding key for the key identifier carried by that tag, encrypts the input information by using the key, carries the corresponding encrypted data tags and key tags in web page data, and sends the web page data to the server, wherein each key tag is used for carrying the identifier of the generated key and the key encrypted by the encryption certificate public key, and each encrypted data tag is used for carrying the encrypted input information and the identifier of the key used for encrypting the input information.
5. The method of claim 4, wherein if receiving the web page data carrying at least one encrypted data tag and at least one key tag sent by the browser client, the method further comprises:
for each encrypted data tag, according to the key identifier carried in the encrypted data tag, decrypting, by using an encryption certificate private key, the encrypted key carried in the key tag that carries the key identifier, and decrypting the encrypted input information carried in the encrypted data tag by using the decrypted key.
6. A method for transmitting webpage data, the method comprising:
receiving web page data carrying an encryption certificate tag and at least one tag to which attribute data to be encrypted has been added, wherein the attribute data to be encrypted is used for identifying that input information corresponding to the tag needs to be encrypted and carries an identifier of a key used for encrypting the input information, and the encryption certificate tag is used for carrying an identifier of an encryption certificate configured for a browser client and a server address for obtaining the encryption certificate;
parsing the encryption certificate tag, and searching, according to the parsed encryption certificate identifier, whether an encryption certificate corresponding to the encryption certificate identifier is stored;
if it is determined that the encryption certificate is stored, upon receiving input information corresponding to each tag to which the attribute data to be encrypted has been added, generating a corresponding key for the key identifier carried by that tag, and encrypting the input information by using the key;
carrying the corresponding encrypted data tags and key tags in web page data, and sending the web page data to a server, wherein each key tag is used for carrying an identifier of a generated key and the key encrypted by an encryption certificate public key, and each encrypted data tag is used for carrying encrypted input information and an identifier of the key used for encrypting the input information;
wherein the received web page data is web page data that the server sends after adding attribute data to be encrypted to at least one tag and carrying the encryption certificate tag and each tag to which the attribute data to be encrypted has been added in the web page data.
7. The method of claim 6, wherein if it is determined that the encryption certificate corresponding to the parsed encryption certificate identifier is not saved, the method further comprises:
acquiring and storing the encryption certificate corresponding to the encryption certificate identifier carried by the encryption certificate tag, according to the server address for obtaining the encryption certificate that is carried by the encryption certificate tag.
8. An apparatus for transmitting data of a web page, the apparatus comprising:
the adding module is used for adding attribute data to be encrypted to at least one tag; the attribute data to be encrypted is used for identifying that input information corresponding to the tag needs to be encrypted and carries an identifier of a key used for encrypting the input information;
the sending module is used for carrying an encryption certificate tag and each tag to which the attribute data to be encrypted has been added in web page data and sending the web page data to the browser client, wherein the encryption certificate tag is used for carrying an identifier of an encryption certificate configured for the browser client and a server address for obtaining the encryption certificate;
so that the browser client, after receiving the web page data carrying the encryption certificate tag and each tag to which the attribute data to be encrypted has been added, parses the encryption certificate tag and, according to the parsed encryption certificate identifier, searches whether the encryption certificate corresponding to the encryption certificate identifier is stored; and, if it is determined that the encryption certificate is stored, upon receiving input information corresponding to each tag to which the attribute data to be encrypted has been added, generates a corresponding key for the key identifier carried by that tag, encrypts the input information by using the key, carries the corresponding encrypted data tags and key tags in web page data, and sends the web page data to the server, wherein each key tag is used for carrying the identifier of the generated key and the key encrypted by the encryption certificate public key, and each encrypted data tag is used for carrying the encrypted input information and the identifier of the key used for encrypting the input information.
9. The apparatus of claim 8, wherein the apparatus further comprises a receiving module and a decryption module:
the receiving module is used for receiving webpage data which is sent by the browser client and carries at least one encrypted data tag and at least one key tag;
the decryption module is configured to, if the web page data which is sent by the browser client and carries at least one encrypted data tag and at least one key tag is received, for each encrypted data tag, according to the key identifier carried in the encrypted data tag, decrypt, by using the encryption certificate private key, the encrypted key carried in the key tag that carries the key identifier, and decrypt the encrypted input information carried in the encrypted data tag by using the decrypted key.
10. An apparatus for transmitting data of a web page, the apparatus comprising:
the receiving module is used for receiving webpage data carrying an encryption certificate label and at least one label to which attribute data to be encrypted has been added, wherein the attribute data to be encrypted is used for identifying that input information corresponding to the label needs to be encrypted and carrying an identifier of a key used for encrypting the input information, and the encryption certificate label is used for carrying an identifier of an encryption certificate configured for a browser client and a server address for obtaining the encryption certificate;
the analysis module is used for analyzing the encrypted certificate label and searching whether an encrypted certificate corresponding to the encrypted certificate label is stored or not according to the analyzed encrypted certificate label;
the encryption module is used for generating a corresponding key aiming at a key identifier carried by each label added with the attribute data to be encrypted when the input information corresponding to each label added with the attribute data to be encrypted is received if the encryption certificate is determined to be stored, and encrypting the input information by using the key;
the sending module is used for carrying corresponding encrypted data tags and key tags in webpage data and sending the webpage data to the server, each key tag is used for carrying an identifier of a generated key and the key encrypted by an encrypted certificate public key, and each encrypted data tag is used for carrying encrypted input information and an identifier of the key used for encrypting the input information;
the received webpage data is obtained by adding attribute data to be encrypted to at least one label by the server, and carrying the encrypted certificate label and each label added with the attribute data to be encrypted in the webpage data for sending together.
11. The apparatus of claim 10, wherein the apparatus further comprises an acquisition module:
the acquisition module is used for, if it is determined that the encryption certificate corresponding to the parsed encryption certificate identifier is not stored, acquiring and storing the encryption certificate corresponding to the encryption certificate identifier carried by the encryption certificate label, according to the server address for obtaining the encryption certificate carried by the encryption certificate label.
12. A web page data transmission system, the system comprising a server and a browser client, wherein:
the server is used for generating at least one key, encrypting at least one piece of information to be issued by using the generated key, and generating an encrypted data tag for each piece of encrypted information to be issued, wherein each encrypted data tag carries one piece of encrypted information to be issued and an identifier of the key used for encrypting that information; and for sending webpage data carrying an encryption certificate tag and each generated encrypted data tag to the browser client, wherein the encryption certificate tag is used for carrying the identifier of an encryption certificate configured for the browser client and a server address for obtaining the encryption certificate;
the browser client is used for receiving webpage data carrying an encrypted certificate label and at least one encrypted data label;
the browser client is further configured to, if it receives the webpage data carrying the encryption certificate tag and the at least one encrypted data tag: parse the encryption certificate tag; search, according to the parsed encryption certificate identifier, whether an encryption certificate corresponding to that identifier is stored; if the encryption certificate is determined to be stored, search whether a key tag corresponding to each encrypted data tag is stored, wherein one key tag carries the key identifier corresponding to the encrypted data tag and the key corresponding to that key identifier encrypted by the encryption certificate public key; and, if the key tag corresponding to each encrypted data tag is determined to be stored, decrypt the key encrypted by the encryption certificate public key carried in each key tag by using the encryption certificate private key, and decrypt the encrypted information to be issued carried in each corresponding encrypted data tag by using the decrypted key.
13. The system of claim 12, wherein the browser client is further configured to, if it is determined that the key tag corresponding to each encrypted data tag is not stored, send a key tag acquisition request to the server, the key tag acquisition request carrying an encryption certificate identifier, and to store the key tag corresponding to each encrypted data tag sent by the server;
and the server is further configured to encrypt the key corresponding to each encrypted data tag by using the corresponding encryption certificate public key according to the key tag acquisition request after each encrypted data tag is generated, and send the corresponding key tag to the browser client.
14. A method for transmitting webpage data, the method comprising:
generating at least one key;
encrypting at least one piece of information to be issued by using the generated key;
respectively generating an encrypted data tag according to each encrypted message to be issued, wherein each encrypted data tag carries an encrypted message to be issued and an identifier of a key used for encrypting the message to be issued;
sending webpage data carrying an encryption certificate label and each generated encrypted data label to a browser client, wherein the encryption certificate label is used for carrying an identifier of an encryption certificate configured for the browser client and a server address for obtaining the encryption certificate, so that the browser client, if it receives the webpage data carrying the encryption certificate label and at least one encrypted data label: parses the encryption certificate label; searches, according to the parsed encryption certificate identifier, whether an encryption certificate corresponding to that identifier is stored; if the encryption certificate is determined to be stored, searches whether a key label corresponding to each encrypted data label is stored, wherein one key label carries the key identifier corresponding to the encrypted data label and the key corresponding to that key identifier encrypted by the encryption certificate public key; and, if the key label corresponding to each encrypted data label is determined to be stored, decrypts the key encrypted by the encryption certificate public key carried in each key label by using the encryption certificate private key, and decrypts the encrypted information to be issued carried in each corresponding encrypted data label by using the decrypted key.
15. The method of claim 14, wherein the method further comprises:
after each encrypted data tag is generated, encrypting, according to a received key tag acquisition request sent by the browser client, the key corresponding to each encrypted data tag by using the corresponding encryption certificate public key, and sending the corresponding key tag to the browser client, wherein the key tag acquisition request carries an encryption certificate identifier.
16. A method for transmitting webpage data, the method comprising:
receiving webpage data carrying an encryption certificate label and at least one encrypted data label, wherein the encryption certificate label is used for carrying an identifier of an encryption certificate configured for a browser client and a server address for obtaining the encryption certificate;
the received webpage data is obtained by the server generating at least one secret key, encrypting at least one piece of information to be issued by using the generated secret key, respectively generating an encrypted data tag according to each piece of encrypted information to be issued, wherein each encrypted data tag carries one piece of encrypted information to be issued and an identifier of the secret key used for encrypting the information to be issued, and the webpage data sent by the server carries an encrypted certificate tag and each generated encrypted data tag;
if receiving the webpage data carrying the encrypted certificate label and at least one encrypted data label, the method further comprises:
analyzing the encrypted certificate label, and searching whether an encrypted certificate corresponding to the encrypted certificate label is stored or not according to the analyzed encrypted certificate label;
if the encryption certificate is determined to be stored, searching whether a key label corresponding to each encrypted data label is stored or not, wherein one key label carries a key identification corresponding to the encrypted data label and a key corresponding to the key identification encrypted by the public key of the encryption certificate;
if the key label corresponding to each encrypted data label is determined to be stored, decrypting the key encrypted by the encrypted certificate public key carried in each key label by using the encrypted certificate private key;
and decrypting the encrypted information to be issued carried in each corresponding encrypted data label by using the decrypted key.
17. The method of claim 16, wherein if it is determined that the key tag corresponding to each encrypted data tag is not stored, the method further comprises:
sending a key tag acquisition request to the server, wherein the key tag acquisition request carries an encryption certificate identifier;
storing a key label corresponding to each encrypted data label sent by the server;
wherein the key label corresponding to each encrypted data label is the key label that the server, after generating each encrypted data label, sends after encrypting the key corresponding to that encrypted data label by using the corresponding encryption certificate public key according to the key label acquisition request.
18. An apparatus for transmitting data of a web page, the apparatus comprising:
a key generation module for generating at least one key;
the encryption module is used for encrypting at least one piece of information to be issued by using the generated secret key;
the tag generation module is used for respectively generating an encrypted data tag according to each encrypted message to be issued, and each encrypted data tag carries an encrypted message to be issued and an identifier of a key used for encrypting the message to be issued;
a sending module, configured to send, to a browser client, web page data carrying an encrypted certificate tag and each generated encrypted data tag, where the encrypted certificate tag is used to carry an identifier of an encrypted certificate configured for the browser client and a server address for obtaining the encrypted certificate, so that the browser client receives the web page data carrying the encrypted certificate tag and at least one encrypted data tag, and if the web page data carrying the encrypted certificate tag and at least one encrypted data tag is received, parses the encrypted certificate tag, searches whether an encrypted certificate corresponding to the encrypted certificate identifier is stored according to the parsed encrypted certificate identifier, and if it is determined that the encrypted certificate is stored, searches whether a key tag corresponding to each encrypted data tag is stored, and a key tag carries a key identifier corresponding to the encrypted data tag and a key corresponding to the key identifier encrypted by the encrypted certificate, and if the key label corresponding to each encrypted data label is determined to be stored, decrypting the key encrypted by the encrypted certificate public key carried in each key label by using the encrypted certificate private key, and decrypting the encrypted information to be issued carried in each corresponding encrypted data label by using the decrypted key.
19. The apparatus of claim 18, wherein the apparatus further comprises a receiving module, configured to receive a key tag obtaining request sent by the browser client;
the encryption module is further configured to encrypt a key corresponding to each encrypted data tag by using a corresponding public key of an encryption certificate according to a key tag acquisition request sent by the browser client and received by the receiving module after each encrypted data tag is generated by the tag generation module, where the key tag acquisition request carries an identification of the encryption certificate;
the sending module is further configured to send the corresponding key tag to the browser client.
20. A webpage data transmission apparatus, comprising a receiving module, a searching module, a decrypting module and an obtaining module, wherein:
the receiving module is used for receiving webpage data carrying an encryption certificate label and at least one encryption data label, wherein the encryption certificate label is used for carrying an identifier of an encryption certificate configured for a browser client and a server address for acquiring the encryption certificate;
the received webpage data is obtained by the server generating at least one secret key, encrypting at least one piece of information to be issued by using the generated secret key, respectively generating an encrypted data tag according to each piece of encrypted information to be issued, wherein each encrypted data tag carries one piece of encrypted information to be issued and an identifier of the secret key used for encrypting the information to be issued, and the webpage data sent by the server carries an encrypted certificate tag and each generated encrypted data tag;
the searching module is used for analyzing the encryption certificate label if the receiving module receives webpage data carrying the encryption certificate label and at least one encryption data label, and searching whether an encryption certificate corresponding to the encryption certificate label is stored or not according to the analyzed encryption certificate label; if the encryption certificate is determined to be stored, searching whether a key label corresponding to each encrypted data label is stored or not, wherein one key label carries a key identification corresponding to the encrypted data label and a key corresponding to the key identification encrypted by the public key of the encryption certificate;
the decryption module is used for decrypting the key encrypted by the encrypted certificate public key carried in each key label by using the encrypted certificate private key if the key label corresponding to each encrypted data label is determined to be stored; and decrypting the encrypted information to be issued carried in each corresponding encrypted data label by using the decrypted key.
21. The apparatus according to claim 20, wherein the obtaining module is configured to, if it is determined that the key tag corresponding to each encrypted data tag is not stored, send a key tag acquisition request to the server, the key tag acquisition request carrying an encryption certificate identifier, and to store the key label corresponding to each encrypted data label sent by the server;
wherein the key label corresponding to each encrypted data label is the key label that the server, after generating each encrypted data label, sends after encrypting the key corresponding to that encrypted data label by using the corresponding encryption certificate public key according to the key label acquisition request.
22. A non-transitory computer storage medium storing an executable program for execution by a processor to perform the method of any one of claims 4 to 7 or 14 to 17.
23. Webpage data transmission equipment, comprising a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory communicate with each other through the communication bus;
the memory is used for storing a computer program;
the processor, when executing the program stored in the memory, implements the method steps of any of claims 4-7 or 14-17.
CN202011618846.3A 2020-12-31 2020-12-31 Webpage data transmission system, method, device, medium and equipment Active CN112632585B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011618846.3A CN112632585B (en) 2020-12-31 2020-12-31 Webpage data transmission system, method, device, medium and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011618846.3A CN112632585B (en) 2020-12-31 2020-12-31 Webpage data transmission system, method, device, medium and equipment

Publications (2)

Publication Number Publication Date
CN112632585A CN112632585A (en) 2021-04-09
CN112632585B true CN112632585B (en) 2022-04-01

Family

ID=75287466

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011618846.3A Active CN112632585B (en) 2020-12-31 2020-12-31 Webpage data transmission system, method, device, medium and equipment

Country Status (1)

Country Link
CN (1) CN112632585B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant