CN112910883A - Data transmission method and device and electronic equipment - Google Patents

Info

Publication number: CN112910883A
Authority: CN (China)
Prior art keywords: data; mobile terminal; target transmission; management platform; transmitted
Legal status: Granted, Active
Application number: CN202110122174.5A
Other languages: Chinese (zh)
Other versions: CN112910883B (en)
Inventor: 张梦琪, 温志成
Current Assignee: Beijing Shenghua Julong Technology Co ltd
Original Assignee: Beijing Shenghua Julong Technology Co ltd
Application filed by: Beijing Shenghua Julong Technology Co ltd
Priority: CN202110122174.5A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00: Reducing energy consumption in communication networks
    • Y02D30/70: Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides a data transmission method, a data transmission device and electronic equipment, relating to the technical field of data storage and transmission. The method comprises: acquiring user information of a designated user and terminal information of a mobile terminal; performing multi-stage encryption processing on the data to be transmitted based on the user information and the terminal information to obtain target transmission data; and transmitting the target transmission data to the mobile terminal. The invention can effectively improve the security of data transmission.

Description

Data transmission method and device and electronic equipment
Technical Field
The present invention relates to the field of data storage and transmission technologies, and in particular, to a data transmission method and apparatus, and an electronic device.
Background
With the development of the internet, data management is gradually becoming digital. At present, however, digital data management carries risks such as inadequate management measures and data leakage, so the data cannot be effectively protected. Some application scenarios (such as credit investigation) involve both data storage and data transmission, and the current technology has the following problem: data is mainly stored and transmitted in plaintext, so its security is poor, and it may be lost or leaked during transmission. In summary, the existing data transmission method has the problem of poor security.
Disclosure of Invention
In view of this, the present invention provides a data transmission method, a data transmission device and an electronic device, which can effectively improve the security of data transmission.
In a first aspect, an embodiment of the present invention provides a data transmission method, where the method is applied to a data management platform, the data management platform is in communication connection with a specified mobile terminal, and the data management platform stores data to be transmitted, and the method includes: acquiring user information of a designated user and terminal information of the mobile terminal; performing multi-stage encryption processing on the data to be transmitted based on the user information and the terminal information to obtain target transmission data; and transmitting the target transmission data to the mobile terminal.
In one embodiment, the data management platform is in communication connection with a storage device of the specified user, and the user information comprises a first public key of the storage device; the terminal information comprises a second public key of the mobile terminal; the step of performing multi-level encryption processing on the data to be transmitted based on the user information and the terminal information to obtain target transmission data includes: encrypting the data to be transmitted for the first time based on the first public key to obtain initial encrypted data; and carrying out secondary encryption on the initial encrypted data based on the second public key to obtain target transmission data.
In one embodiment, the user information further includes a user identifier and a preset check deadline; the step of encrypting the initial encrypted data for the second time based on the second public key to obtain target transmission data includes: and combining the initial encrypted data, the user identification and the preset check deadline to obtain a data message, and performing secondary encryption on the data message by using the second public key to obtain the target transmission data.
In a second aspect, an embodiment of the present invention provides a data transmission method, where the method is applied to a mobile terminal, and the mobile terminal is in communication connection with a data management platform, where the method includes: receiving target transmission data sent by the data management platform; the target transmission data is obtained by the data management platform through carrying out multi-stage encryption processing on data to be transmitted based on user information of a specified user and terminal information of the mobile terminal; and performing multi-stage decryption processing on the target transmission data to obtain the data to be transmitted.
In one embodiment, the mobile terminal is in communication connection with the storage device of the designated user; the step of performing multi-level decryption processing on the target transmission data to obtain the data to be transmitted includes: carrying out first decryption on the target transmission data based on a second private key of the mobile terminal to obtain a data message; the data message comprises initial encrypted data, a user identifier and a preset check deadline, and the second private key corresponds to a second public key of the mobile terminal; carrying out security check on the data message; the safety verification at least comprises user identification verification, preset verification time limit verification or storage terminal verification; if the security check is passed, carrying out secondary decryption on the initial encrypted data by using a first private key of the storage device to obtain data to be transmitted; wherein the first private key corresponds to a first public key of the storage device.
In one embodiment, the method further comprises: obtaining comparison data of the object to be checked, and comparing the comparison data with the data to be transmitted to obtain a data checking result. After the data checking result is obtained, the method further comprises: destroying the target transmission data and/or the comparison data.
In a third aspect, an embodiment of the present invention further provides a data transmission apparatus, where the apparatus is applied to a data management platform, the data management platform is in communication connection with a specified mobile terminal, and the data management platform stores data to be transmitted, and the apparatus includes: the information acquisition module is used for acquiring user information of a specified user and terminal information of the mobile terminal; the encryption module is used for carrying out multi-stage encryption processing on the data to be transmitted based on the user information and the terminal information to obtain target transmission data; and the data transmission module is used for transmitting the target transmission data to the mobile terminal.
In a fourth aspect, an embodiment of the present invention further provides a data transmission apparatus, where the apparatus is applied to a mobile terminal, and the mobile terminal is in communication connection with a data management platform, and the apparatus includes: the target transmission data receiving module is used for receiving the target transmission data sent by the data management platform; the target transmission data is obtained by the data management platform through carrying out multi-stage encryption processing on data to be transmitted based on user information of a specified user and terminal information of the mobile terminal; and the comparison data acquisition module is used for carrying out multistage decryption processing on target transmission data to obtain the data to be transmitted.
In a fifth aspect, an embodiment of the present invention further provides an electronic device, including a memory and a processor; the memory has stored therein a computer program operable on the processor, the processor implementing the steps of the method of any of the first and second aspects when executing the computer program.
In a sixth aspect, embodiments of the present invention also provide a computer-readable storage medium storing machine executable instructions, which, when invoked and executed by a processor, cause the processor to execute the method of any one of the first and second aspects.
According to the data transmission method and device provided by the embodiment of the invention, the user information of the designated user and the terminal information of the mobile terminal are first obtained; the data to be transmitted is then encrypted in multiple stages using the obtained user information and terminal information, yielding the target transmission data; and the encrypted target transmission data is transmitted to the mobile terminal. Compared with the prior art, which stores and transmits data in plaintext, this method improves data security during storage and transmission, reduces the risk of information leakage, and protects the user's important data.
The data transmission method and device provided by the embodiment of the invention first receive target transmission data sent by a data management platform, where the target transmission data was obtained by the data management platform performing multi-stage encryption on the data to be transmitted based on user information of a designated user and terminal information of a mobile terminal, and then perform multi-stage decryption on the target transmission data to obtain the data to be transmitted. The method is applied to the mobile terminal that works with the data management platform of the preceding embodiment, and allows the target transmission data of the data management platform to be transmitted and stored.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a schematic application diagram of a data transmission method according to an embodiment of the present invention;
Fig. 2 is a schematic flowchart of a data transmission method according to an embodiment of the present invention;
Fig. 3 is a schematic flow chart of another data transmission method according to an embodiment of the present invention;
Fig. 4 is a schematic application diagram of another data transmission method according to an embodiment of the present invention;
Fig. 5 is a schematic structural diagram of a data transmission apparatus according to an embodiment of the present invention;
Fig. 6 is a schematic structural diagram of a data providing apparatus according to an embodiment of the present invention;
Fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below with reference to the embodiments, and it is obvious that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As internet technology matures, data storage and transmission are widely used and bring convenience to daily work and life. At the same time, many data security problems have appeared; data leakage in particular often occurs during data transmission, so data security is not high. In practical application, the People's Bank needs to carry out a top-down on-site credit investigation inspection of financial institutions every year. The main objective of the on-site inspection is to check, through on-site comparison of samples, whether the credit investigation data reported by a commercial bank is consistent with the original data in the commercial bank's business system, and whether the commercial bank has omitted to report any business. The People's Bank credit investigation data check involves the technical field of data storage and transmission, and a schematic diagram of it is shown in Fig. 1. First, the data to be checked is transmitted by the People's Bank credit investigation center to the provincial credit investigation center through an intranet. There the data is exported on a physical medium, mainly an optical disc or a USB flash drive, and carried by hand to the corresponding financial institution, where the check is performed. Since the on-site check data is stored in plaintext, it is easily intercepted during transmission, causing information leakage. Based on this, the embodiment of the invention provides a data transmission method, a data transmission device and electronic equipment, which can effectively improve the security of data storage and transmission. The following describes embodiments of the present invention in detail.
To facilitate understanding of the present embodiment, a data transmission method disclosed in the embodiment of the present invention is first described in detail. The method is applied to a data management platform, the data management platform is in communication connection with a specified mobile terminal, and the data management platform stores data to be transmitted. Referring to the flowchart of a data storage method shown in Fig. 2, the method mainly includes the following steps S202 to S208:
Step S202: acquire user information of the designated user and terminal information of the mobile terminal. The user information may include a public key of a storage device (ukey) and is mainly used for identity identification and for encryption of the data to be transmitted; the terminal information may include a public key of the mobile terminal (i.e., a security enforcement system terminal for checking certificate data) and is used for identification of the mobile terminal and for data encryption. In one embodiment, an administrator of the data management platform allocates user information to an operator (user) in advance according to actual needs, allocates terminal information to a specified mobile terminal, and uploads the allocated user information and terminal information to the data management platform.
Step S204: perform multi-stage encryption processing on the data to be transmitted based on the user information and the terminal information to obtain target transmission data. In an embodiment, the multi-stage encryption processing may include a first encryption and a second encryption. Optionally, the data to be transmitted may be encrypted the first time using the user information and the result encrypted the second time using the terminal information, or the data to be transmitted may be encrypted the first time using the terminal information and the result encrypted the second time using the user information. Because the embodiment of the invention encrypts using the user information of the designated user and the terminal information of the designated mobile terminal, decryption cannot be completed successfully if user information of a non-designated user or terminal information of a non-designated mobile terminal is used, which effectively improves the security of the multi-stage encryption processing.
Step S206: transmit the target transmission data to the mobile terminal. After the data to be transmitted has been subjected to multi-stage encryption processing to obtain the target transmission data, and the terminal information of the mobile terminal and the identity information of the operator (including the operator's account number, password, ukey and other information) have been successfully authenticated, the target transmission data is transmitted to the mobile terminal by means of an optical disc or a USB flash drive. In an application scenario, the target transmission data may be transmitted to the mobile terminal so that the mobile terminal can check it. Specifically, the data to be compared also needs to be transmitted to the mobile terminal, where it is compared with the data to be transmitted, and a data checking result is generated according to the comparison.
The data transmission method mainly involves a data management platform and a mobile terminal, which are mainly in communication connection through a storage device of a designated user. Data is encrypted, stored and transmitted through the data management platform and the mobile terminal, and the data to be transmitted is encrypted multiple times in the data management platform using the user information and the terminal information, which ensures data security. During data transmission between the data management platform and the mobile terminal, identity authentication of both the user and the mobile terminal is required, so data security is ensured in multiple ways.
Based on this, for the foregoing step S204, the present invention provides an implementation of performing multi-stage encryption processing on the data to be transmitted based on the user information and the terminal information to obtain the target transmission data: the data to be transmitted is encrypted a first time based on the first public key to obtain initial encrypted data, and the initial encrypted data is encrypted a second time based on the second public key to obtain the target transmission data. The data management platform is in communication connection with a storage device of the designated user; the user information comprises a first public key of the storage device, and the terminal information comprises a second public key of the mobile terminal. The storage device may be a ukey or the like, and the first public key may be the ukey public key. In a specific implementation, taking the credit investigation data check as an example, the operator's ukey public key may be used to encrypt the data to be transmitted a first time to obtain the initial encrypted data, and the initial encrypted data is then encrypted a second time with the obtained second public key of the mobile terminal. In the actual credit investigation data check, the mobile terminal is referred to as a 'safety terminal law enforcement system', and the initial encrypted data is encrypted again with the second public key of the safety terminal law enforcement system, acquired in advance, to obtain the target transmission data. The target transmission data is mainly transmitted to the safety terminal law enforcement system for data comparison.
In an embodiment, the user information may further include a user identifier and a preset check deadline. The user identifier may be an operator's account and password. The preset check deadline limits the time range of the data transmission: if the mobile terminal detects that the preset check deadline has been exceeded before the data transmission is performed, the data transmission cannot be completed. The invention also provides an implementation of encrypting the initial encrypted data a second time based on the second public key to obtain the target transmission data: the initial encrypted data, the user identifier and the preset check deadline are combined to obtain a data message, and the data message is encrypted a second time using the second public key to obtain the target transmission data. In an embodiment, the initial encrypted data, the user identifier and the preset check deadline may be combined according to a preset format to obtain a new data packet, and the public key of the security law enforcement terminal is then used to encrypt the data packet, finally yielding the field audit encrypted data (i.e., the target transmission data) that an operator carries to the security law enforcement terminal.
In order to facilitate understanding of the data transmission method provided by the above embodiment, the embodiment of the present invention provides an application example of the data transmission method, in which a data management platform (the credit investigation law enforcement inspection security management platform) manages and encrypts the field inspection plaintext data sent by a credit investigation center. The specific steps are as follows:
(1) Issue a certificate to the security law enforcement terminal system; the certificate is mainly used for decrypting subsequent data.
(2) Issue a certificate to the ukey; the certificate is mainly used for identity authentication of an operator and for decryption of the field check data.
(3) The system administrator assigns an operator, a security law enforcement terminal and so on to the on-site audit data on the credit investigation law enforcement inspection security management platform.
(4) Encrypt the field check data for the first time using the operator's ukey public key to obtain initial encrypted data.
(5) Form a data message from the auditor information, the audit period, the initial encrypted data and so on, and encrypt the data message for the second time using the public key of the security law enforcement terminal to obtain the field audit encrypted data.
(6) Import the twice-encrypted field audit encrypted data into the security law enforcement terminal system through a data export channel (an optical disc, an encrypted USB flash drive, etc.).
(7) Import the audit result into the credit investigation law enforcement inspection security management platform in the form of a report.
The embodiment of the present invention further provides an implementation manner of a data transmission method, which is mainly applied to a mobile terminal, where the mobile terminal is in communication connection with a data management platform, and specifically, refer to a flow diagram of a data transmission method shown in fig. 3, and mainly include the following steps:
Step S302: receive target transmission data sent by the data management platform. The target transmission data is obtained by the data management platform performing multi-stage encryption processing on the data to be transmitted based on user information of a designated user and terminal information of the mobile terminal. In one embodiment, the mobile terminal imports the target transmission data, which has been encrypted multiple times in the data management platform, through a hardware device such as an optical disc or a USB flash drive, and temporarily stores it in the mobile terminal.
Step S304: perform multi-stage decryption processing on the target transmission data to obtain the data to be transmitted. In an embodiment, the target transmission data may be decrypted in multiple stages using the user information of the designated user and the terminal information of the mobile terminal, so as to recover the data to be transmitted as it was before the multi-stage encryption. In an application scenario, after the data to be transmitted is obtained, it may first be verified whether the organization to which the data to be compared belongs is a whitelisted client of the mobile terminal; after this authentication passes, the data to be compared is imported into the mobile terminal. The decrypted plaintext data and the data to be compared are then compared and checked, and a corresponding checking result is obtained from the analysis.
The data transmission method provided by this embodiment of the invention is applied to the mobile terminal that works with the data management platform of the preceding embodiment, and allows the target transmission data of the data management platform to be transmitted and stored.
In an embodiment, the mobile terminal is in communication connection with a storage device of a specified user, and the step of performing multi-stage decryption processing on the target transmission data to obtain the data to be transmitted may follow steps 1 to 4 below. Step 1: decrypt the target transmission data a first time based on a second private key of the mobile terminal to obtain a data message, where the data message comprises the initial encrypted data, a user identifier and a preset check deadline, and the second private key corresponds to the second public key of the mobile terminal. Step 2: perform security verification on the data message, where the security verification at least comprises user identification verification, preset verification time limit verification or storage terminal verification. Step 3: if the security verification passes, decrypt the initial encrypted data a second time using a first private key of the storage device to obtain the data to be transmitted, where the first private key corresponds to the first public key of the storage device. In one embodiment, the private key of the mobile terminal (namely, the security enforcement terminal system in the credit management) is used to decrypt the target transmission data (namely, the field audit encrypted data in the credit management), yielding information such as the operator's user account and password, the ukey (storage terminal) information and the audit deadline, together with the initial encrypted data encrypted with the operator's ukey. Security verification is then performed on the user identifier, the preset check deadline, the ukey information and so on, and when the security verification passes, the initial encrypted data is decrypted a second time using the ukey private key to obtain the data to be transmitted.
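The platform-side two-stage encryption (first public key, then data message under the second public key) and the terminal-side staged decryption with the security check in between are shown end to end below. This is an added example, not code from the patent: the hybrid RSA-OAEP plus AES-256-GCM layer, the JSON layout of the data message, and the names `PlatformEncrypt`, `TerminalDecrypt`, `DataMessage` and `NewKey` are assumptions, and the ukey private key is held in memory here rather than on a hardware token.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// DataMessage is what the second layer protects (JSON layout is an assumption).
type DataMessage struct {
	UserID   string    // user identifier of the assigned operator
	Deadline time.Time // preset check deadline
	Initial  []byte    // initial encrypted data (first layer, ukey public key)
}

var ErrUser = errors.New("user identifier check failed")
var ErrExpired = errors.New("preset check deadline exceeded")

// NewKey makes an in-memory key pair (assumption: a real ukey keeps its key on the token).
func NewKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// seal builds one layer (assumed hybrid scheme): wrapped key || nonce || GCM ciphertext; open reverses it.
func seal(pub *rsa.PublicKey, plaintext []byte) ([]byte, error) {
	buf := make([]byte, 32+12) // fresh AES-256 key followed by a 96-bit GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	key, nonce := buf[:32], buf[32:]
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	if err != nil {
		return nil, err
	}
	block, _ := aes.NewCipher(key) // cannot fail: key is exactly 32 bytes
	gcm, _ := cipher.NewGCM(block) // cannot fail for an AES block cipher
	return gcm.Seal(append(wrapped, nonce...), nonce, plaintext, nil), nil
}

func open(priv *rsa.PrivateKey, blob []byte) ([]byte, error) {
	n := priv.Size() // length of the RSA-OAEP wrapped key
	if len(blob) < n+12 {
		return nil, errors.New("malformed layer")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, blob[:n], nil)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, blob[n:n+12], blob[n+12:], nil)
}

// PlatformEncrypt produces the target transmission data on the platform side.
func PlatformEncrypt(data []byte, ukeyPub, termPub *rsa.PublicKey, userID string, deadline time.Time) ([]byte, error) {
	initial, err := seal(ukeyPub, data) // first encryption: ukey public key
	if err != nil {
		return nil, err
	}
	msg, err := json.Marshal(DataMessage{userID, deadline, initial})
	if err != nil {
		return nil, err
	}
	return seal(termPub, msg) // second encryption: terminal public key
}

// TerminalDecrypt runs the security check between the two decryptions.
func TerminalDecrypt(target []byte, termPriv, ukeyPriv *rsa.PrivateKey, operator string, now time.Time) ([]byte, error) {
	raw, err := open(termPriv, target) // first decryption: terminal private key
	if err != nil {
		return nil, err
	}
	var msg DataMessage
	if err := json.Unmarshal(raw, &msg); err != nil {
		return nil, err
	}
	if msg.UserID != operator { // user identifier check
		return nil, ErrUser
	}
	if now.After(msg.Deadline) { // preset check deadline check
		return nil, ErrExpired
	}
	return open(ukeyPriv, msg.Initial) // second decryption: ukey private key
}

func main() {
	ukey, _ := NewKey()
	term, _ := NewKey()
	target, _ := PlatformEncrypt([]byte("constructed record"), &ukey.PublicKey, &term.PublicKey, "operator-01", time.Now().Add(time.Hour))
	out, err := TerminalDecrypt(target, term, ukey, "operator-01", time.Now())
	fmt.Printf("%q %v\n", out, err)
}
```

Because the checks run on the decrypted data message before the second decryption, an expired task or a different operator is rejected without the ukey private key ever being applied to the initial encrypted data.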
In one embodiment, the method further comprises: acquiring comparison data of an object to be checked, and comparing the comparison data with the data to be transmitted to obtain a data checking result; and, after the data checking result is obtained, destroying the target transmission data and/or the comparison data. The comparison data to be checked is acquired from a third-party organization and compared with the data to be transmitted to obtain the data checking result. After the mobile terminal has finished comparing the data to be transmitted with the object to be checked, the data to be transmitted and the comparison data of the object to be checked stored in the mobile terminal are destroyed using a data destruction unit in the mobile terminal.
To facilitate understanding of the data transmission method provided by the above embodiment, an embodiment of the present invention provides an application example of the data transmission method, which is mainly applied to a mobile terminal (the security law enforcement terminal system). The security law enforcement terminal system exchanges data with the credit investigation law enforcement inspection security management platform through a wired network or a USB flash disk, and the data exchanged is encrypted. The method specifically comprises the following steps:
(1) Acquire a terminal equipment certificate, generate a CSR certificate request file, and send the CSR certificate request file to the credit investigation law enforcement inspection security management platform.
(2) Identify devices inserted into the terminal by means of USB (Universal Serial Bus) whitelist management; a device on the whitelist can be identified by the terminal, and the terminal can read the data stored on it.
(3) Import the field audit encrypted data into the security law enforcement terminal system and decrypt it for the first time with the private key of the security law enforcement terminal system. This yields information such as the operator's account password, the ukey information and the audit deadline; the data itself remains encrypted at this point.
(4) Import the data of the inspected organization into the security law enforcement terminal system.
(6) The operator logs in to the security law enforcement terminal system with the account and password, which verifies whether the operator has the authority to access and use the data.
(7) Verify task information such as the audit period and the audit range.
(8) When the account password, the task information and the like are all verified as consistent, perform the second decryption with the ukey private key to obtain the original plaintext data of the credit investigation center, store the plaintext data in system memory, and check it against the inspected organization's data in memory.
(9) After the credit investigation plaintext data and the inspected organization's data have been checked, generate a result report and return it to the credit investigation law enforcement inspection security management platform over a wired network or an encrypted USB flash disk.
(10) Destroy the data in the security management terminal system.
An embodiment of the present invention further provides a data transmission method applied to a data management platform and a mobile terminal. Referring to the application schematic diagram of another data transmission method shown in fig. 4:
(1) The People's Bank credit investigation center sends out field audit plaintext data.
(2) The administrator manages system users on the credit investigation law enforcement inspection security management platform and assigns the operator identity information and the terminal information of the security law enforcement terminal system to the corresponding text data.
(3) Encrypt the plaintext data for the first time according to the operator's identity information and the ukey public key to generate initial encrypted data; then perform a second encryption according to the initial encrypted data, the terminal information of the security law enforcement terminal system, the audit deadline and other information to generate the field audit encrypted data.
(4) Transmit the field audit encrypted data produced by the encryption operation to the security law enforcement terminal system.
(5) The security law enforcement terminal system authenticates the equipment of the corresponding financial institution, identifies the authenticated equipment on the USB whitelist, and imports the inspected unit's data from the equipment (a USB flash disk, a wired network cable and the like can be used).
(6) Check the data in the security law enforcement terminal system: first decrypt the field audit encrypted data with the private key of the security law enforcement terminal system, then decrypt it a second time with the auditor's ukey, check the decrypted plaintext data against the inspected data, and return the check result to the credit investigation law enforcement inspection security management platform in the form of a report.
(7) Clear and destroy the data in the security law enforcement terminal system.
In summary, the data transmission method provided by the embodiment of the invention improves the security in the data transmission process through multiple times of encryption and verification.
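The platform-side double encryption and the terminal-side decrypt, check, decrypt sequence described above can be sketched as follows. This is an added example, not code from the patent: the patent names no algorithms or formats, so RSA-OAEP wrapping an AES-256-GCM key for each layer, the JSON data message, the Unix-second deadline and every function name are assumptions, and the storage-terminal check is reduced to the inner decryption failing under the wrong ukey key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// Message is the data message: layer-1 ciphertext plus the fields the terminal checks.
type Message struct {
	UserID   string
	Deadline int64  // Unix seconds (format is an assumption)
	Inner    []byte // initial encrypted data
}

var ErrCheck = errors.New("security check failed")

func NewKeyPair() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// gcmFor builds AES-256-GCM; callers guarantee a 32-byte key, so neither call can fail.
func gcmFor(key []byte) cipher.AEAD {
	b, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(b)
	return gcm
}

// seal (assumed scheme): RSA-OAEP wraps a fresh AES key; output is wrappedKey || nonce || ciphertext.
func seal(pub *rsa.PublicKey, pt []byte) ([]byte, error) {
	buf := make([]byte, 32+12) // fresh AES key || GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	out, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, buf[:32], nil)
	if err != nil {
		return nil, err
	}
	return gcmFor(buf[:32]).Seal(append(out, buf[32:]...), buf[32:], pt, nil), nil
}

// open reverses seal with the matching private key and rejects truncated or altered input.
func open(priv *rsa.PrivateKey, sealed []byte) ([]byte, error) {
	k := priv.Size()
	if len(sealed) < k+12 {
		return nil, errors.New("sealed data too short")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, sealed[:k], nil)
	if err != nil || len(key) != 32 {
		return nil, errors.New("key unwrap failed")
	}
	return gcmFor(key).Open(nil, sealed[k:k+12], sealed[k+12:], nil)
}

// PlatformEncrypt: first layer to the ukey public key, second layer (with header) to the terminal's.
func PlatformEncrypt(data []byte, ukeyPub, termPub *rsa.PublicKey, user string, deadline int64) ([]byte, error) {
	inner, err := seal(ukeyPub, data)
	if err != nil {
		return nil, err
	}
	msg, _ := json.Marshal(Message{UserID: user, Deadline: deadline, Inner: inner}) // cannot fail for these field types
	return seal(termPub, msg)
}

// TerminalDecrypt opens the outer layer, runs the checks, and only then uses the ukey key,
// which is passed in memory here; on a real token it would stay on the device.
func TerminalDecrypt(target []byte, termPriv, ukeyPriv *rsa.PrivateKey, operator string, now int64) ([]byte, error) {
	raw, err := open(termPriv, target)
	if err != nil {
		return nil, err
	}
	var m Message
	if json.Unmarshal(raw, &m) != nil || m.UserID != operator || now > m.Deadline {
		return nil, ErrCheck
	}
	return open(ukeyPriv, m.Inner)
}

func main() {
	ukey, _ := NewKeyPair()
	term, _ := NewKeyPair()
	// Constructed sample record, operator name and deadline.
	target, _ := PlatformEncrypt([]byte("constructed audit record"), &ukey.PublicKey, &term.PublicKey, "operator-01", 2000)
	out, err := TerminalDecrypt(target, term, ukey, "operator-01", 1000)
	fmt.Println(string(out), err)
}
```

With only the terminal private key, the header and the inner ciphertext are recoverable but the plaintext is not; the second layer needs the ukey private key.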
Based on the method for data transmission provided in the foregoing embodiment, the present invention provides a data transmission device, and refer to a schematic structural diagram of a data transmission device shown in fig. 5, where the device is applied to a data management platform, the data management platform is in communication connection with a specified mobile terminal, the data management platform stores data to be transmitted, and the device at least includes the following parts:
an information obtaining module 502, configured to obtain user information of a specified user and terminal information of a mobile terminal.
An encryption module 504, configured to perform multi-level encryption processing on the data to be transmitted based on the user information and the terminal information, so as to obtain target transmission data.
A data transmission module 506, configured to transmit the target transmission data to the mobile terminal.
The data transmission device provided by the embodiment of the invention mainly comprises a data management platform and a mobile terminal, wherein the data management platform and the mobile terminal are mainly in communication connection through a storage device of a designated user, data is encrypted, stored and transmitted through the data management platform and the mobile terminal, and data to be transmitted is encrypted for multiple times in the data management platform, so that the data security is ensured. In the data transmission process of the data management platform and the mobile terminal, the identity authentication of the user and the mobile terminal is required, and the data security is ensured in multiple ways.
In one embodiment, the encryption module 504 is further configured to: carrying out first encryption on data to be transmitted based on the first public key to obtain initial encrypted data; and carrying out secondary encryption on the initial encrypted data based on the second public key to obtain target transmission data.
In one embodiment, the user information further includes a user identifier and a preset check deadline; the encryption module 504 is further configured to: combine the initial encrypted data, the user identifier and the preset check deadline to obtain a data message, and encrypt the data message a second time by using the second public key to obtain the target transmission data.
Based on the data transmission method provided by the foregoing embodiment, the present invention provides a data transmission device, referring to a schematic structural diagram of a data transmission device shown in fig. 6, where the device at least includes the following parts:
a target transmission data receiving module 602, configured to receive target transmission data sent by the data management platform; the target transmission data is obtained by the data management platform through carrying out multi-stage encryption processing on data to be transmitted based on user information of a specified user and terminal information of the mobile terminal.
A comparison data obtaining module 604, configured to perform multi-level decryption processing on the target transmission data to obtain the data to be transmitted.
The data transmission device provided by the embodiment of the invention is applied to the data management platform and the mobile terminal in the data transmission method provided by the embodiment of the invention, and because the data transmission method utilizes the data management platform to encrypt data for multiple times, the safety in the data storage and transmission process is improved.
In one embodiment, the mobile terminal is in communication connection with a storage device of a designated user; the data acquisition module 604 is further configured to: carrying out first decryption on target transmission data based on a second private key of the mobile terminal to obtain a data message; the data message comprises initial encrypted data, a user identifier and a preset check deadline, and the second private key corresponds to a second public key of the mobile terminal; carrying out security check on the data message; the safety verification at least comprises user identification verification, preset verification time limit verification or storage terminal verification; if the security check is passed, carrying out secondary decryption on the initial encrypted data by using a first private key of the storage device to obtain data to be transmitted; wherein the first private key corresponds to a first public key of the storage device.
In an embodiment, the apparatus further includes a verification module and a destruction module. The verification module is configured to: after the comparison data of the object to be checked is obtained, compare the comparison data with the data to be transmitted to obtain a data checking result. The destruction module is configured to: destroy the target transmission data and/or the comparison data after the data checking result is obtained.
The device provided by the embodiment has the same implementation principle and technical effect as the foregoing embodiment, and for the sake of brief description, reference may be made to the corresponding contents in the foregoing method embodiment for the portion of the embodiment of the device that is not mentioned.
The embodiment of the invention provides electronic equipment, which particularly comprises a processor and a storage device; the storage means has stored thereon a computer program which, when executed by the processor, performs the method of any of the above described embodiments.
Fig. 7 is a schematic structural diagram of an electronic device 100 according to an embodiment of the present invention, where the electronic device 100 includes: a processor 70, a memory 71, a bus 72 and a communication interface 73, wherein the processor 70, the communication interface 73 and the memory 71 are connected through the bus 72; the processor 70 is arranged to execute executable modules, such as computer programs, stored in the memory 71.
The Memory 71 may include a high-speed Random Access Memory (RAM) and may further include a non-volatile Memory (non-volatile Memory), such as at least one disk Memory. The communication connection between the network element of the system and at least one other network element is realized through at least one communication interface 73 (which may be wired or wireless), and the internet, a wide area network, a local network, a metropolitan area network, and the like can be used.
The bus 72 may be an ISA bus, PCI bus, EISA bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 7, but this does not indicate only one bus or one type of bus.
The memory 71 is configured to store a program, and the processor 70 executes the program after receiving an execution instruction, and the method executed by the apparatus defined by the flow process disclosed in any of the foregoing embodiments of the present invention may be applied to the processor 70, or implemented by the processor 70.
The processor 70 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware or by instructions in the form of software in the processor 70. The processor 70 may be a general-purpose processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; it may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. It may implement or perform the various methods, steps and logic blocks disclosed in the embodiments of the present invention. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in a storage medium well known in the art, such as RAM, flash memory, ROM, PROM, EPROM or registers. The storage medium is located in the memory 71, and the processor 70 reads the information in the memory 71 and completes the steps of the method in combination with its hardware.
The computer program product of the readable storage medium provided in the embodiment of the present invention includes a computer readable storage medium storing a program code, where instructions included in the program code may be used to execute the method described in the foregoing method embodiment, and specific implementation may refer to the foregoing method embodiment, which is not described herein again.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
Finally, it should be noted that: the above-mentioned embodiments are only specific embodiments of the present invention, which are used for illustrating the technical solutions of the present invention and not for limiting the same, and the protection scope of the present invention is not limited thereto, although the present invention is described in detail with reference to the foregoing embodiments, those skilled in the art should understand that: any person skilled in the art can modify or easily conceive the technical solutions described in the foregoing embodiments or equivalent substitutes for some technical features within the technical scope of the present disclosure; such modifications, changes or substitutions do not depart from the spirit and scope of the embodiments of the present invention, and they should be construed as being included therein. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. A data transmission method is applied to a data management platform, the data management platform is in communication connection with a specified mobile terminal, the data management platform stores data to be transmitted, and the method comprises the following steps:
acquiring user information of a designated user and terminal information of the mobile terminal;
performing multi-stage encryption processing on the data to be transmitted based on the user information and the terminal information to obtain target transmission data;
and transmitting the target transmission data to the mobile terminal.
2. The method of claim 1, wherein the data management platform is communicatively coupled to a storage device of the specified user, and wherein the user information comprises a first public key of the storage device; the terminal information comprises a second public key of the mobile terminal;
the step of performing multi-level encryption processing on the data to be transmitted based on the user information and the terminal information to obtain target transmission data includes:
encrypting the data to be transmitted for the first time based on the first public key to obtain initial encrypted data;
and carrying out secondary encryption on the initial encrypted data based on the second public key to obtain target transmission data.
3. The method of claim 2, wherein the user information further comprises a user identifier and a preset check-up period;
the step of encrypting the initial encrypted data for the second time based on the second public key to obtain target transmission data includes:
and combining the initial encrypted data, the user identification and the preset check deadline to obtain a data message, and performing secondary encryption on the data message by using the second public key to obtain the target transmission data.
4. A data transmission method is applied to a mobile terminal, wherein the mobile terminal is in communication connection with a data management platform, and the method comprises the following steps:
receiving target transmission data sent by the data management platform; the target transmission data is obtained by the data management platform through carrying out multi-stage encryption processing on data to be transmitted based on user information of a specified user and terminal information of the mobile terminal;
and performing multi-stage decryption processing on the target transmission data to obtain the data to be transmitted.
5. The method of claim 4, wherein the mobile terminal is communicatively coupled to a storage device of the designated user;
the step of performing multi-level decryption processing on the target transmission data to obtain the data to be transmitted includes:
carrying out first decryption on the target transmission data based on a second private key of the mobile terminal to obtain a data message; the data message comprises initial encrypted data, a user identifier and a preset check deadline, and the second private key corresponds to a second public key of the mobile terminal;
carrying out security check on the data message; the safety verification at least comprises user identification verification, preset verification time limit verification or storage terminal verification;
if the security check is passed, carrying out secondary decryption on the initial encrypted data by using a first private key of the storage device to obtain data to be transmitted; wherein the first private key corresponds to a first public key of the storage device.
6. The method of claim 4, further comprising: acquiring comparison data of a checked image, and comparing the comparison data with the data to be transmitted to obtain a data checking result;
after obtaining the data verification result, the method further comprises: and destroying the target transmission data and/or the comparison data.
7. The data transmission device is applied to a data management platform which is in communication connection with a specified mobile terminal, the data management platform stores data to be transmitted, and the device comprises:
the information acquisition module is used for acquiring user information of a specified user and terminal information of the mobile terminal;
the encryption module is used for carrying out multi-stage encryption processing on the data to be transmitted based on the user information and the terminal information to obtain target transmission data;
and the data transmission module is used for transmitting the target transmission data to the mobile terminal.
8. A data transmission device is applied to a mobile terminal, wherein the mobile terminal is in communication connection with a data management platform, and the device comprises:
the target transmission data receiving module is used for receiving the target transmission data sent by the data management platform; the target transmission data is obtained by the data management platform through carrying out multi-stage encryption processing on data to be transmitted based on user information of a specified user and terminal information of the mobile terminal;
and the comparison data acquisition module is used for carrying out multistage decryption processing on the target transmission data to obtain the data to be transmitted.
9. An electronic device comprising a memory and a processor; the memory has stored therein a computer program operable on the processor to perform the steps of the method of any of claims 1 to 3 or to perform the steps of the method of any of claims 4 to 6 when the computer program is executed.
10. A computer readable storage medium having stored thereon machine executable instructions which, when invoked and executed by a processor, cause the processor to execute the method of any of claims 1 to 3, or cause the processor to execute the method of any of claims 4 to 6.
CN202110122174.5A 2021-01-28 2021-01-28 Data transmission method and device and electronic equipment Active CN112910883B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110122174.5A CN112910883B (en) 2021-01-28 2021-01-28 Data transmission method and device and electronic equipment

Publications (2)

Publication Number Publication Date
CN112910883A true CN112910883A (en) 2021-06-04
CN112910883B CN112910883B (en) 2023-04-07

Family

ID=76120089

Country Status (1)

Country Link
CN (1) CN112910883B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant