CN112883397B - Data storage method, data reading method, device, equipment and storage medium - Google Patents
Data storage method, data reading method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN112883397B CN112883397B CN202110227689.1A CN202110227689A CN112883397B CN 112883397 B CN112883397 B CN 112883397B CN 202110227689 A CN202110227689 A CN 202110227689A CN 112883397 B CN112883397 B CN 112883397B
- Authority
- CN
- China
- Prior art keywords
- data
- target
- encryption
- character string
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 58
- 238000013500 data storage Methods 0.000 title claims abstract description 30
- 238000004422 calculation algorithm Methods 0.000 claims description 74
- 238000012986 modification Methods 0.000 claims description 25
- 230000004048 modification Effects 0.000 claims description 25
- 238000004590 computer program Methods 0.000 claims description 4
- 230000011218 segmentation Effects 0.000 claims description 2
- 238000010586 diagram Methods 0.000 description 11
- 238000012545 processing Methods 0.000 description 8
- 238000004364 calculation method Methods 0.000 description 6
- 230000003287 optical effect Effects 0.000 description 6
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000008707 rearrangement Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the invention discloses a data storage method, a data reading device, equipment and a storage medium. The method comprises the following steps: acquiring a data identifier of target data to be stored by using a target account, and carrying out joint encryption on the data identifier and the target account to obtain a first character string; performing double encryption on the target data to obtain target storage data; and writing the target storage data into a first file named by the first character string for storage. According to the technical scheme, complex multiple encryption storage is respectively carried out on each data according to the user account, and the locally stored data is prevented from being tampered.
Description
Technical Field
The embodiment of the invention relates to the technical field of data security, in particular to a data storage method, a data reading method, a device, equipment and a storage medium.
Background
With the development of network technology, various application programs are continuously emerging, and data needs to be locally archived in the process of using the application programs by users. When the data is locally archived, if the same mobile terminal logs in a plurality of accounts, a plurality of similar archives are generated, and the data in the locally stored document is easy to tamper, leak or steal, so that the security of the data is low. Therefore, how to prevent locally stored data from being tampered with is an important issue.
Disclosure of Invention
The invention provides a data storage method, a data reading device and a storage medium, which are used for realizing complex multiple encryption storage of each data according to a user account and preventing the locally stored data from being tampered.
In a first aspect, an embodiment of the present invention provides a data storage method, including:
Acquiring a data identifier of target data to be stored by using a target account, and carrying out joint encryption on the data identifier and the target account to obtain a first character string;
performing double encryption on the target data to obtain target storage data;
And writing the target storage data into a first file named by the first character string for storage.
Optionally, after writing the target storage data into the first file named by the first character string for storage, the method further includes:
acquiring a file modification date attribute value of a first file, and encrypting the file modification date attribute value by using a first encryption algorithm to obtain a second character string;
and storing the first character string and the second character string in a second file in an associated manner.
Optionally, performing double encryption on the target data to obtain target storage data, including:
encrypting the target data by using a first encryption algorithm to obtain an encryption result with a preset length;
splicing the target data after the encryption result to obtain a third character string;
and encrypting the third character string by using a second encryption algorithm to obtain target storage data.
Optionally, the target account number is used to obtain a data identifier of target data to be stored, and the data identifier and the target account number are encrypted in a combined mode to obtain a first character string, which includes:
Acquiring a data identifier of target data to be stored by using a target account, and sequentially splicing the target account and the data identifier to obtain a target character string;
And encrypting the target character string by using an encryption algorithm to obtain a first character string.
In a second aspect, an embodiment of the present invention further provides a data reading method, including:
Acquiring a user account number for reading target data and a data identifier of the target data, and performing joint encryption on the data identifier and the user account number to obtain a fourth character string;
if a third file named by a fourth character string exists locally, decrypting and segmenting the content in the third file to obtain encryption results of the alternative data and the target data;
Encrypting the alternative data, and if the encryption result of the alternative data is consistent with the encryption result of the target data, reading the alternative data as the target data; the encryption algorithm used by the alternative data is consistent with the encryption algorithm used by the target data.
Optionally, after determining that the third file named by the fourth character string exists locally, the method further includes:
Reading a file modification date attribute value of the third file, and encrypting the file modification date attribute value by using a first encryption algorithm to obtain a fifth character string;
inquiring the second file according to the fourth character string to obtain a sixth character string matched with the fourth character string; the second file stores the encryption result of the file modification date attribute value matched with the data identification of each target data and the joint encryption result of the user account;
If the sixth string is consistent with the fifth string, executing the steps of decrypting and segmenting the content in the third file, otherwise, determining that the reading of the target data fails.
Optionally, decrypting and segmenting the content in the third file to obtain the encryption result of the candidate data and the target data, including:
Decrypting the content in the third file by using the key of the second encryption algorithm to obtain a decryption result;
Taking the data with the preset length in the decryption result as an encryption result of the target data, and taking the rest data in the decryption result as alternative data; the preset length is the length of the encryption result of the target data.
Optionally, performing joint encryption on the data identifier and the user account to obtain a fourth character string, including:
And sequentially splicing the user account and the data identifier, and encrypting the splicing result by using an encryption algorithm to obtain a fourth character string.
In a third aspect, an embodiment of the present invention further provides a data storage device, including:
The first encryption module is used for acquiring a data identifier of target data to be stored by using the target account, and carrying out joint encryption on the data identifier and the target account to obtain a first character string;
the second encryption module is used for carrying out double encryption on the target data to obtain target storage data;
And the data storage module is used for writing the target storage data into a first file named by the first character string for storage.
In a fourth aspect, an embodiment of the present invention further provides a data reading apparatus, including:
the third encryption module is used for acquiring a user account for reading target data and a data identifier of the target data, and carrying out joint encryption on the data identifier and the user account to obtain a fourth character string;
The decryption module is used for decrypting and segmenting the content in the third file if the third file named by the fourth character string exists locally, so that the encryption result of the alternative data and the target data is obtained;
The data reading module is used for encrypting the alternative data, and if the encryption result of the alternative data is consistent with the encryption result of the target data, the alternative data is read as the target data; the encryption algorithm used by the alternative data is consistent with the encryption algorithm used by the target data.
In a fifth aspect, an embodiment of the present invention further provides an electronic device, including:
one or more processors;
storage means for storing one or more programs,
When the one or more programs are executed by the one or more processors, the one or more processors implement the data storage method or the data reading method provided by any embodiment of the present invention.
In a sixth aspect, an embodiment of the present invention further provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the data storage method or the data reading method provided by any embodiment of the present invention.
In the embodiment of the invention, a target account is used for acquiring a data identifier of target data to be stored, and the data identifier and the target account are subjected to joint encryption to obtain a first character string; performing double encryption on the target data to obtain target storage data; the target storage data is written into the first file named by the first character string for storage, so that the problem that the locally stored document data is easy to tamper in the prior art is solved, complex multiple encryption storage is respectively carried out on each data according to the user account, and the locally stored data is prevented from being tampered.
Drawings
FIG. 1 is a schematic diagram of a data storage method according to a first embodiment of the present invention;
FIG. 2 is a schematic diagram of a data reading method according to a second embodiment of the invention;
FIG. 3 is a schematic diagram of a data storage device according to a third embodiment of the present invention;
FIG. 4 is a schematic diagram of a data reading apparatus according to a fourth embodiment of the present invention;
fig. 5 is a schematic structural diagram of an electronic device in a fifth embodiment of the present invention.
Detailed Description
The invention is described in further detail below with reference to the drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting thereof. It should be further noted that, for convenience of description, only some, but not all of the structures related to the present invention are shown in the drawings.
Example 1
Fig. 1 is a schematic diagram of a data storage method according to a first embodiment of the present invention, where the method may be implemented by a data storage device, and the device may be implemented by hardware and/or software, and may be generally integrated in an electronic device that provides a data storage service. As shown in fig. 1, the method includes:
And 110, acquiring a data identifier of target data to be stored by using the target account, and carrying out joint encryption on the data identifier and the target account to obtain a first character string.
In this embodiment, the target account may be any one of a plurality of user accounts registered by the user for a certain application program or a certain website, and the target data may be data generated by operating in the application program or the website using the target account. The user can switch different user account numbers at any time to log in an application program or a website for operation. Each piece of data to be stored locally has a unique corresponding fixed character string as a data identifier for distinguishing each piece of data to be stored.
Optionally, obtaining the data identifier of the target data to be stored by using the target account, and performing joint encryption on the data identifier and the target account to obtain the first character string, which may include: acquiring a data identifier of target data to be stored by using a target account, and sequentially splicing the target account and the data identifier to obtain a target character string; and encrypting the target character string by using an encryption algorithm to obtain a first character string.
In this embodiment, in order to independently archive each target data by using the target account, and reduce the probability of tampering of the target data, after the target account is used to obtain the target data and the data identifier of the target data, the data identifier of the target data is spliced to the target account to obtain a new data, and then the MD5 information summary algorithm is used to perform MD5 calculation on the new data to obtain the first character string.
Any pre-designated encryption algorithm can be used for encrypting the target character string, for example, an MD5 information summary algorithm, a DES encryption algorithm, an AES encryption algorithm and the like, and when the target data is acquired, the same encryption algorithm is used for encrypting the spliced character string of the data identification of the target data and the user account.
And 120, performing double encryption on the target data to obtain target storage data.
In this embodiment, in order to increase the encryption complexity of the target data when storing the target data, the target data may be subjected to double encryption processing, and then data storage is performed in the form of target storage data obtained after double encryption, so as to reduce the probability of tampering of the target data.
Optionally, the performing double encryption on the target data to obtain target storage data may include: encrypting the target data by using a first encryption algorithm to obtain an encryption result with a preset length; splicing the target data after the encryption result to obtain a third character string; and encrypting the third character string by using a second encryption algorithm to obtain target storage data.
In this embodiment, the first encryption algorithm may be the same as or different from the second encryption algorithm, for example, the first encryption algorithm may be an MD5 information digest algorithm, and the second encryption algorithm may be an advanced encryption standard (Advanced Encryption Standard, AES). The MD5 information summarization algorithm may be used to perform MD5 computation on the target data to obtain a 32-bit string, and then splice the target data to be stored locally to the obtained 32-bit string to obtain a third string. And encrypting the third character string by using an AES algorithm to obtain target storage data subjected to double encryption processing.
In this embodiment, in order to store the target data and the encryption result of the target data at the same time, at least two layers of encryption are required when the target data is encrypted, so that when the target data is read, whether the obtained target data is the target data can be verified according to the encryption result of the target data.
And 130, writing the target storage data into a first file named by the first character string for storage.
In this embodiment, the first string is obtained by performing joint encryption on the data identifier of the target data and the target account number, and the target storage data is obtained by performing complex encryption on the target data, so that writing the target storage data into the first file named by the first string is equivalent to storing the target data after multiple encryption into the first file with the file name also encrypted, so that independent archiving of the target data by using the target account number is realized, and meanwhile, the security that the target data is stored locally is increased.
Optionally, after writing the target storage data into the first file named by the first character string for storage, the method may further include: acquiring a file modification date attribute value of a first file, and encrypting the file modification date attribute value by using a first encryption algorithm to obtain a second character string; and storing the first character string and the second character string in a second file in an associated manner.
In this embodiment, in order to further improve the security of the first file storing the target data, the file modification date attribute value of the first file may be obtained, and the MD5 information abstraction algorithm is used to perform MD5 calculation on the file modification date attribute value, so as to obtain the second string. And the first character string obtained by carrying out joint encryption on the data identification of the target data and the target account is used as a key, the second character string is used as a value, the first character string and the second character string are associated and stored in a second file, so that the appointed data under the appointed account can be conveniently obtained by inquiring the second file, and whether the second file is modified or not can be judged by obtaining the file modification date attribute value of the second file.
In addition to using the key value pair, other ways of associating and storing the first character string and the second character string in the second file may be used, and the association way of the first character string and the second character string is not specifically limited in this embodiment.
In this embodiment, the target data, the target account number, and the first file storing the encrypted target data are encrypted respectively, so that in the process of storing the target data, the target data to be stored is encrypted multiple times, and the file storing the data is encrypted, and the possibility of tampering the target data is reduced through layer-by-layer protection.
In the embodiment of the invention, a target account is used for acquiring a data identifier of target data to be stored, and the data identifier and the target account are subjected to joint encryption to obtain a first character string; performing double encryption on the target data to obtain target storage data; the target storage data is written into the first file named by the first character string for storage, so that the problem that the locally stored document data is easy to tamper in the prior art is solved, complex multiple encryption storage is respectively carried out on each data according to the user account, and the locally stored data is prevented from being tampered.
Example two
Fig. 2 is a schematic diagram of a data reading method according to a second embodiment of the present invention, where the method may be applied to a case of reading data from a locally stored file after multiple encryption, and the method may be performed by a data reading device, which may be implemented by hardware and/or software, and may be generally integrated in an electronic device that provides a data reading service. As shown in fig. 2, the method includes:
Step 210, obtaining the user account number of the read target data and the data identifier of the target data, and performing joint encryption on the data identifier and the user account number to obtain a fourth character string.
The target data may be data generated by operating the user account in the application program or the website, and each target data has a unique corresponding fixed character string as a data identifier.
Optionally, performing joint encryption on the data identifier and the user account to obtain a fourth string may include: and sequentially splicing the user account and the data identifier, and encrypting the splicing result by using an encryption algorithm to obtain a fourth character string.
In this embodiment, when the user account is used to read the target data stored locally, the user account and the data identifier of the target data may be obtained first, then the data identifier of the target data is spliced to the user account to obtain new data, and the MD5 information summary algorithm is used to perform MD5 calculation on the new data to obtain a fourth string, that is, the file name of the file in which the target data is located.
The encryption algorithm used for carrying out joint encryption on the data identification and the user account when the target data are read is consistent with the encryption algorithm used for carrying out joint encryption on the data identification and the target account when the target data are stored.
And 220, if a third file named by the fourth character string exists locally, decrypting and segmenting the content in the third file to obtain the encryption results of the alternative data and the target data.
In this embodiment, whether a third file named by a fourth character string exists is locally queried, if so, it is indicated that there is target data stored by the user account locally, the content in the third file can be read, and decryption and segmentation processing are performed on the read file content, so as to obtain alternative data and an encryption result of the target data; and if the third file named by the fourth character string does not exist locally, indicating that the target data stored by the user account is not available locally, and judging that the target data is not read.
Optionally, decrypting and segmenting the content in the third file to obtain the encryption result of the candidate data and the target data may include: decrypting the content in the third file by using the key of the second encryption algorithm to obtain a decryption result; taking the data with the preset length in the decryption result as an encryption result of the target data, and taking the rest data in the decryption result as alternative data; the preset length is the length of the encryption result of the target data.
In this embodiment, after the third file is found, a key of the corresponding AES algorithm may be obtained, and the content in the third file is decrypted using the key, if decryption is successful, an encryption result of the target data and the candidate data that are spliced together are obtained, and if decryption fails, it is determined that reading the target data fails. In the storing process of the target data, the target data is encrypted into a character string with the length of 32 bits by the MD5 information abstraction algorithm, and the target data is spliced behind the character string and written into a third file, so that the first 32 bits of data in the AES decryption result can be used as an encryption result of the target data, and the rest of data can be used as alternative data. It is considered here that the locally stored target data may be modified, and therefore, the decomposed data is decrypted at this time and must be the target data stored at that time.
The second encryption algorithm used for encrypting the target data and the encryption result of the target data again when the target data is read is consistent with the second encryption algorithm used for decrypting the content in the third file when the target data is stored.
Optionally, after determining that the third file named by the fourth character string exists locally, the method may further include: reading a file modification date attribute value of the third file, and encrypting the file modification date attribute value by using a first encryption algorithm to obtain a fifth character string; inquiring the second file according to the fourth character string to obtain a sixth character string matched with the fourth character string; the second file stores the encryption result of the file modification date attribute value matched with the data identification of each target data and the joint encryption result of the user account; if the sixth string is consistent with the fifth string, executing the steps of decrypting and segmenting the content in the third file, otherwise, determining that the reading of the target data fails.
In this embodiment, after determining that the third file named by the fourth character string exists locally, it is also necessary to verify whether the content in the third file is modified according to the file modification date attribute value of the third file. According to the encryption operation of the file during the encryption storage of the target data, correspondingly, MD5 information abstract algorithm can be used for carrying out MD5 calculation on the file modification date attribute value of the third file to obtain a fifth character string, then the fourth character string is used as a key, the second file is queried to obtain a sixth character string matched with the fourth character string, and then the fifth character string is compared with the sixth character string. If the two are the same, it is determined that the third file is not modified, i.e., the target data stored in the third file may not be modified, at which point the steps of decrypting and segmenting the content in the third file may be performed. If the two are different, the third file is considered to have been modified, i.e., the target data stored in the third file is modified, at which point it may be determined that the reading of the target data has failed.
Step 230, encrypting the alternative data, and if the encryption result of the alternative data is consistent with the encryption result of the target data, reading the alternative data as the target data; the encryption algorithm used by the alternative data is consistent with the encryption algorithm used by the target data.
In this embodiment, in order to verify whether the acquired data is the target data, the MD5 information summary algorithm may be used to calculate the candidate data, if the calculation result is consistent with the encryption result of the target data, this indicates that the target data is not leaked, the candidate data may be read as the target data, if the calculation result is inconsistent with the encryption result of the target data, this indicates that the target data is tampered, and it may be determined that the target data has failed to be read.
In this embodiment, by checking whether the third file storing the target data exists, verifying whether the third file is tampered, decrypting the content of the third file, verifying the target data obtained by decrypting, and the like, it is ensured that the read target data is not modified, and meanwhile, the security of the data stored by local encryption is also reflected to be high.
In the embodiment of the invention, the user account for reading the target data and the data identifier of the target data are obtained, and the data identifier and the user account are subjected to joint encryption to obtain a fourth character string; if a third file named by a fourth character string exists locally, decrypting and segmenting the content in the third file to obtain encryption results of the alternative data and the target data; encrypting the alternative data, and if the encryption result of the alternative data is consistent with the encryption result of the target data, reading the alternative data as the target data; the encryption algorithm used by the alternative data is consistent with the encryption algorithm used by the target data, the problem that the locally stored document data is easy to tamper in the prior art is solved, and the data can be read only by respectively carrying out multiple decryption on each data according to the user account, so that the effect of preventing the locally stored data from being tampered is achieved.
Example III
Fig. 3 is a schematic structural diagram of a data storage device according to a third embodiment of the present invention, where the present embodiment is applicable to multiple encrypted storage of data, the device may be implemented in hardware and/or software, and may be generally integrated in an electronic apparatus that provides a data storage service. As shown in fig. 3, the apparatus includes:
The first encryption module 310 is configured to obtain a data identifier of target data to be stored using the target account, and perform joint encryption on the data identifier and the target account to obtain a first string;
The second encryption module 320 is configured to perform double encryption on the target data to obtain target storage data;
The data storage module 330 is configured to write the target storage data into a first file named with a first string for storage.
In the embodiment of the invention, a target account is used for acquiring a data identifier of target data to be stored, and the data identifier and the target account are subjected to joint encryption to obtain a first character string; performing double encryption on the target data to obtain target storage data; the target storage data is written into the first file named by the first character string for storage, so that the problem that the locally stored document data is easy to tamper in the prior art is solved, complex multiple encryption storage is respectively carried out on each data according to the user account, and the locally stored data is prevented from being tampered.
Optionally, the method further comprises:
The file encryption module is used for obtaining a file modification date attribute value of the first file after writing target storage data into the first file named by the first character string for storage, and encrypting the file modification date attribute value by using a first encryption algorithm to obtain a second character string;
and storing the first character string and the second character string in a second file in an associated manner.
Optionally, the second encryption module 320 is configured to:
encrypting the target data by using a first encryption algorithm to obtain an encryption result with a preset length;
splicing the target data after the encryption result to obtain a third character string;
and encrypting the third character string by using a second encryption algorithm to obtain target storage data.
Optionally, the first encryption module 310 is configured to:
Acquiring a data identifier of target data to be stored by using a target account, and sequentially splicing the target account and the data identifier to obtain a target character string;
And encrypting the target character string by using an encryption algorithm to obtain a first character string.
The data storage device provided by the embodiment of the invention can execute the data storage method provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example IV
Fig. 4 is a schematic structural diagram of a data reading apparatus according to a fourth embodiment of the present invention, which is applicable to a case of reading multiple encrypted data from a locally stored file, and the apparatus may be implemented by hardware and/or software and may be generally integrated in an electronic device that provides a data reading service. As shown in fig. 4, the apparatus includes:
the third encryption module 410 is configured to obtain a user account for reading the target data and a data identifier of the target data, and perform joint encryption on the data identifier and the user account to obtain a fourth string;
A decryption module 420, configured to decrypt and segment the content in the third file if the third file named by the fourth string exists locally, so as to obtain an encryption result of the candidate data and the target data;
The data reading module 430 is configured to encrypt the candidate data, and if the encryption result of the candidate data is consistent with the encryption result of the target data, read the candidate data as the target data; the encryption algorithm used by the alternative data is consistent with the encryption algorithm used by the target data.
In the embodiment of the invention, the user account for reading the target data and the data identifier of the target data are obtained, and the data identifier and the user account are subjected to joint encryption to obtain a fourth character string; if a third file named by a fourth character string exists locally, decrypting and segmenting the content in the third file to obtain encryption results of the alternative data and the target data; encrypting the alternative data, and if the encryption result of the alternative data is consistent with the encryption result of the target data, reading the alternative data as the target data; the encryption algorithm used by the alternative data is consistent with the encryption algorithm used by the target data, the problem that the locally stored document data is easy to tamper in the prior art is solved, and the data can be read only by respectively carrying out multiple decryption on each data according to the user account, so that the effect of preventing the locally stored data from being tampered is achieved.
Optionally, the method further comprises:
the file attribute verification module is used for reading a file modification date attribute value of a third file after determining that the third file named as the fourth character string exists locally, and encrypting the file modification date attribute value by using a first encryption algorithm to obtain a fifth character string;
inquiring the second file according to the fourth character string to obtain a sixth character string matched with the fourth character string; the second file stores the encryption result of the file modification date attribute value matched with the data identification of each target data and the joint encryption result of the user account;
If the sixth string is consistent with the fifth string, executing the steps of decrypting and segmenting the content in the third file, otherwise, determining that the reading of the target data fails.
Optionally, the decryption module 420 is configured to:
Decrypting the content in the third file by using the key of the second encryption algorithm to obtain a decryption result;
Taking the data with the preset length in the decryption result as an encryption result of the target data, and taking the rest data in the decryption result as alternative data; the preset length is the length of the encryption result of the target data.
Optionally, the third encryption module 410 is configured to: and sequentially splicing the user account and the data identifier, and encrypting the splicing result by using an encryption algorithm to obtain a fourth character string.
The data reading device provided by the embodiment of the invention can execute the data reading method provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example five
Fig. 5 is a schematic structural diagram of an electronic device in a fifth embodiment of the present invention. Fig. 5 shows a block diagram of an exemplary device 12 suitable for use in implementing embodiments of the present invention. The device 12 shown in fig. 5 is merely an example and should not be construed as limiting the functionality and scope of use of embodiments of the present invention.
As shown in fig. 5, device 12 is in the form of a general purpose computing device. Components of device 12 may include, but are not limited to: one or more processors or processing units 16, a system memory 28, a bus 18 that connects the various system components, including the system memory 28 and the processing units 16.
Bus 18 represents one or more of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, a processor, and a local bus using any of a variety of bus architectures. By way of example, and not limitation, such architectures include Industry Standard Architecture (ISA) bus, micro channel architecture (MAC) bus, enhanced ISA bus, video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus.
Device 12 typically includes a variety of computer system readable media. Such media can be any available media that is accessible by device 12 and includes both volatile and nonvolatile media, removable and non-removable media.
The system memory 28 may include computer system readable media in the form of volatile memory, such as Random Access Memory (RAM) 30 and/or cache memory 32. Device 12 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 34 may be used to read from or write to non-removable, nonvolatile magnetic media (not shown in FIG. 5, commonly referred to as a "hard disk drive"). Although not shown in fig. 5, a magnetic disk drive for reading from and writing to a removable non-volatile magnetic disk (e.g., a "floppy disk"), and an optical disk drive for reading from or writing to a removable non-volatile optical disk (e.g., a CD-ROM, DVD-ROM, or other optical media) may be provided. In such cases, each drive may be coupled to bus 18 through one or more data medium interfaces. Memory 28 may include at least one program product having a set (e.g., at least one) of program modules configured to carry out the functions of embodiments of the invention.
A program/utility 40 having a set (at least one) of program modules 42 may be stored in, for example, memory 28, such program modules 42 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment. Program modules 42 generally perform the functions and/or methods of the embodiments described herein.
Device 12 may also communicate with one or more external devices 14 (e.g., keyboard, pointing device, display 24, etc.), one or more devices that enable a user to interact with device 12, and/or any devices (e.g., network card, modem, etc.) that enable device 12 to communicate with one or more other computing devices. Such communication may occur through an input/output (I/O) interface 22. Also, device 12 may communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN) and/or a public network, such as the Internet, via network adapter 20. As shown, network adapter 20 communicates with other modules of device 12 over bus 18. It should be appreciated that although not shown, other hardware and/or software modules may be used in connection with device 12, including, but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
The processing unit 16 executes various functional applications and data processing by running programs stored in the system memory 28, for example, implementing a data storage method or a data reading method provided by an embodiment of the present invention.
Namely: a data storage method is realized, comprising:
Acquiring a data identifier of target data to be stored by using a target account, and carrying out joint encryption on the data identifier and the target account to obtain a first character string;
performing double encryption on the target data to obtain target storage data;
And writing the target storage data into a first file named by the first character string for storage.
Or a data reading method is realized, which comprises the following steps:
Acquiring a user account number for reading target data and a data identifier of the target data, and performing joint encryption on the data identifier and the user account number to obtain a fourth character string;
if a third file named by a fourth character string exists locally, decrypting and segmenting the content in the third file to obtain encryption results of the alternative data and the target data;
Encrypting the alternative data, and if the encryption result of the alternative data is consistent with the encryption result of the target data, reading the alternative data as the target data; the encryption algorithm used by the alternative data is consistent with the encryption algorithm used by the target data.
Example six
The sixth embodiment of the present invention also provides a computer-readable storage medium having stored thereon a computer program for executing a data storage method or a data reading method when executed by a computer processor.
Namely: a method of data storage is performed, comprising:
Acquiring a data identifier of target data to be stored by using a target account, and carrying out joint encryption on the data identifier and the target account to obtain a first character string;
performing double encryption on the target data to obtain target storage data;
And writing the target storage data into a first file named by the first character string for storage.
Or a data reading method is realized, which comprises the following steps:
Acquiring a user account number for reading target data and a data identifier of the target data, and performing joint encryption on the data identifier and the user account number to obtain a fourth character string;
if a third file named by a fourth character string exists locally, decrypting and segmenting the content in the third file to obtain encryption results of the alternative data and the target data;
Encrypting the alternative data, and if the encryption result of the alternative data is consistent with the encryption result of the target data, reading the alternative data as the target data; the encryption algorithm used by the alternative data is consistent with the encryption algorithm used by the target data.
The computer storage media of embodiments of the invention may take the form of any combination of one or more computer-readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. The computer readable storage medium can be, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the computer-readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, either in baseband or as part of a carrier wave. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations of the present invention may be written in one or more programming languages, including an object oriented programming language such as Java, smalltalk, C ++ and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computer (for example, through the Internet using an Internet service provider).
Note that the above is only a preferred embodiment of the present invention and the technical principle applied. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, while the invention has been described in connection with the above embodiments, the invention is not limited to the embodiments, but may be embodied in many other equivalent forms without departing from the spirit or scope of the invention, which is set forth in the following claims.
Claims (10)
1. A method of data storage, comprising:
acquiring a data identifier of target data to be stored by using a target account, and carrying out joint encryption on the data identifier and the target account to obtain a first character string; the target data are data generated by using the target account number to operate in an application program or a website, and each target data has a unique corresponding fixed character string as a data identifier;
Performing double encryption on the target data to obtain target storage data;
writing the target storage data into a first file named by the first character string for storage;
Performing double encryption on the target data to obtain target storage data, wherein the method comprises the following steps:
Encrypting the target data by using a first encryption algorithm to obtain an encryption result with a preset length;
Splicing the target data after the encryption result to obtain a third character string;
and encrypting the third character string by using a second encryption algorithm to obtain target storage data.
2. The method of claim 1, further comprising, after writing the target storage data to a first file named with the first string for storage:
Acquiring a file modification date attribute value of the first file, and encrypting the file modification date attribute value by using a first encryption algorithm to obtain a second character string;
and storing the first character string and the second character string in a second file in an associated manner.
3. The method of claim 1, wherein obtaining a data identifier of target data to be stored using a target account number, and performing joint encryption on the data identifier and the target account number to obtain a first string, includes:
Acquiring a data identifier of target data to be stored by using a target account, and sequentially splicing the target account and the data identifier to obtain a target character string;
And encrypting the target character string by using an encryption algorithm to obtain a first character string.
4. A data reading method, comprising:
Acquiring a user account number for reading target data and a data identifier of the target data, and carrying out joint encryption on the data identifier and the user account number to obtain a fourth character string; the target data are data generated by using the user account to operate in an application program or a website, and each target data has a unique corresponding fixed character string as a data identifier;
if a third file named by a fourth character string exists locally, decrypting and segmenting the content in the third file to obtain alternative data and an encryption result of the target data;
Encrypting the alternative data, and if the encryption result of the alternative data is consistent with the encryption result of the target data, reading the alternative data as the target data; the encryption algorithm used by the alternative data is consistent with the encryption algorithm used by the target data;
decrypting and segmenting the content in the third file to obtain alternative data and an encryption result of the target data, wherein the decryption and segmentation processes comprise the following steps:
decrypting the content in the third file by using a key of the second encryption algorithm to obtain a decryption result;
Taking the data with the preset length in the decryption result as an encryption result of the target data, and taking the rest data in the decryption result as alternative data; the preset length is the length of the encryption result of the target data.
5. The method of claim 4, further comprising, after determining that the third file named for the fourth string exists locally:
Reading a file modification date attribute value of the third file, and encrypting the file modification date attribute value by using a first encryption algorithm to obtain a fifth character string;
Inquiring a second file according to the fourth character string to obtain a sixth character string matched with the fourth character string; the second file stores the encryption result of the file modification date attribute value matched with the data identification of each target data and the joint encryption result of the user account;
And if the sixth character string is consistent with the fifth character string, executing the steps of decrypting and segmenting the content in the third file, otherwise, determining that the reading of the target data fails.
6. The method of claim 4, wherein the performing joint encryption on the data identifier and the user account to obtain a fourth string includes:
And sequentially splicing the user account and the data identifier, and encrypting the splicing result by using an encryption algorithm to obtain a fourth character string.
7. A data storage device, comprising:
The first encryption module is used for acquiring a data identifier of target data to be stored by using the target account number, and carrying out joint encryption on the data identifier and the target account number to obtain a first character string; the target data are data generated by using the target account number to operate in an application program or a website, and each target data has a unique corresponding fixed character string as a data identifier;
the second encryption module is used for carrying out double encryption on the target data to obtain target storage data;
the data storage module is used for writing the target storage data into a first file named by the first character string for storage;
The second encryption module is specifically configured to:
Encrypting the target data by using a first encryption algorithm to obtain an encryption result with a preset length;
Splicing the target data after the encryption result to obtain a third character string;
and encrypting the third character string by using a second encryption algorithm to obtain target storage data.
8. A data reading apparatus, comprising:
The third encryption module is used for acquiring a user account for reading target data and a data identifier of the target data, and carrying out joint encryption on the data identifier and the user account to obtain a fourth character string; the target data are data generated by using the user account to operate in an application program or a website, and each target data has a unique corresponding fixed character string as a data identifier;
the decryption module is used for decrypting and segmenting the content in the third file if the third file named by the fourth character string exists locally, so as to obtain alternative data and an encryption result of the target data;
The data reading module is used for encrypting the alternative data, and if the encryption result of the alternative data is consistent with the encryption result of the target data, the alternative data is read as the target data; the encryption algorithm used by the alternative data is consistent with the encryption algorithm used by the target data;
the decryption module is specifically configured to:
decrypting the content in the third file by using a key of the second encryption algorithm to obtain a decryption result;
Taking the data with the preset length in the decryption result as an encryption result of the target data, and taking the rest data in the decryption result as alternative data; the preset length is the length of the encryption result of the target data.
9. An electronic device, the electronic device comprising:
one or more processors;
storage means for storing one or more programs,
When executed by the one or more processors, causes the one or more processors to implement the data storage method of any of claims 1-3 or the data reading method of any of claims 4-6.
10. A computer-readable storage medium, on which a computer program is stored, characterized in that the program, when being executed by a processor, implements a data storage method according to any one of claims 1-3 or a data reading method according to any one of claims 4-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110227689.1A CN112883397B (en) | 2021-03-01 | 2021-03-01 | Data storage method, data reading method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110227689.1A CN112883397B (en) | 2021-03-01 | 2021-03-01 | Data storage method, data reading method, device, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112883397A CN112883397A (en) | 2021-06-01 |
| CN112883397B true CN112883397B (en) | 2024-06-21 |
Family
ID=76055093
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110227689.1A Active CN112883397B (en) | 2021-03-01 | 2021-03-01 | Data storage method, data reading method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112883397B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113722742B (en) * | 2021-09-13 | 2024-04-16 | 青岛海信宽带多媒体技术有限公司 | Terminal and firmware file encryption storage method of optical module MCU (micro control Unit) by terminal |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109150903A (en) * | 2018-09-25 | 2019-01-04 | 平安科技(深圳)有限公司 | A kind of account management method, device, storage medium and terminal device |
| CN111767550A (en) * | 2019-07-24 | 2020-10-13 | 北京沃东天骏信息技术有限公司 | Data storage method and device |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111949710B (en) * | 2020-08-17 | 2024-03-22 | 北京锐安科技有限公司 | Data storage method, device, server and storage medium |
-
2021
- 2021-03-01 CN CN202110227689.1A patent/CN112883397B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109150903A (en) * | 2018-09-25 | 2019-01-04 | 平安科技(深圳)有限公司 | A kind of account management method, device, storage medium and terminal device |
| CN111767550A (en) * | 2019-07-24 | 2020-10-13 | 北京沃东天骏信息技术有限公司 | Data storage method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112883397A (en) | 2021-06-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111291339B (en) | Method, device, equipment and storage medium for processing blockchain data | |
| CN111698312B (en) | Service processing method, device, equipment and storage medium based on open platform | |
| CN110245466B (en) | Software integrity protection and verification method, system, device and storage medium | |
| CN110324416B (en) | Download path tracking method, device, server, terminal and medium | |
| CN114615031A (en) | File storage method and device, electronic equipment and storage medium | |
| CN110545542B (en) | Main control key downloading method and device based on asymmetric encryption algorithm and computer equipment | |
| CN112967056A (en) | Access information processing method and device, electronic equipment and medium | |
| CN112883397B (en) | Data storage method, data reading method, device, equipment and storage medium | |
| CN110837635A (en) | Method, device, equipment and storage medium for equipment verification | |
| CN109325360B (en) | Information management method and device | |
| CN114553532A (en) | Data secure transmission method and device, electronic equipment and storage medium | |
| CN113052305B (en) | Method for operating a neural network model, electronic device and storage medium | |
| CN112115491B (en) | Symmetric encryption key protection method, device, equipment and storage medium | |
| CN110750388B (en) | Backup analysis method, device, equipment and medium | |
| CN113515747B (en) | Equipment upgrading method, device, equipment and storage medium | |
| CN112016336B (en) | Method, device, equipment and storage medium for detecting copy card | |
| CN112800004B (en) | License plate algorithm library control method, device, equipment and medium | |
| CN112825093B (en) | Security baseline checking method, host, server, electronic device and storage medium | |
| CN111062053B (en) | Method, device, equipment and medium for processing biological characteristic data | |
| CN115001768A (en) | Data interaction method, device and equipment based on block chain and storage medium | |
| CN113407434B (en) | Method and device for processing debug file | |
| US9323951B2 (en) | Encrypted warranty verification and diagnostic tool | |
| CN113627938B (en) | Data deleting method, device and equipment of block chain and storage medium | |
| CN114417321A (en) | Method, device, equipment and medium for connecting application software with database | |
| KR102027815B1 (en) | Pin-based file decryption method and apparatus for performing the same |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |