CN113783835A - Password sharing method, device, equipment and storage medium - Google Patents

Password sharing method, device, equipment and storage medium Download PDF

Info

Publication number
CN113783835A
CN113783835A CN202110875578.1A CN202110875578A CN113783835A CN 113783835 A CN113783835 A CN 113783835A CN 202110875578 A CN202110875578 A CN 202110875578A CN 113783835 A CN113783835 A CN 113783835A
Authority
CN
China
Prior art keywords
sharing
password
target
template
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110875578.1A
Other languages
Chinese (zh)
Other versions
CN113783835B (en
Inventor
徐峰
吴昊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jingdong Century Trading Co Ltd
Beijing Wodong Tianjun Information Technology Co Ltd
Original Assignee
Beijing Jingdong Century Trading Co Ltd
Beijing Wodong Tianjun Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jingdong Century Trading Co Ltd, Beijing Wodong Tianjun Information Technology Co Ltd filed Critical Beijing Jingdong Century Trading Co Ltd
Priority to CN202110875578.1A priority Critical patent/CN113783835B/en
Publication of CN113783835A publication Critical patent/CN113783835A/en
Application granted granted Critical
Publication of CN113783835B publication Critical patent/CN113783835B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention discloses a password sharing method, a password sharing device, password sharing equipment and a storage medium, wherein the method comprises the following steps: responding to a detected sharing password obtaining request, and obtaining a target sharing template token and sharing object parameters corresponding to the sharing password obtaining request; generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encrypted password; and generating a target sharing password based on the encrypted password, and sending the target sharing password to the client. According to the method provided by the embodiment of the invention, the target sharing password is generated based on the target sharing template token, so that the structural complexity and the characteristic complexity of the target sharing password are increased, the target sharing password is not easy to crack, and the safety of the target sharing password is improved.

Description

Password sharing method, device, equipment and storage medium
Technical Field
The embodiment of the invention relates to the technical field of computers, in particular to a password sharing method, device, equipment and storage medium.
Background
With the development of information transmission technology, a plurality of software has a sharing function, and users can send sharing information needing to be shared to other users through different sharing channels. However, the sharing mode is often affected by the current limitation of the sharing channel, so that when the sharing amount is large, the sharing is often performed by adopting a password sharing mode, a user can send the sharing password to other users through different sharing channels, and the other users can access the sharing information to be shared through the sharing password.
In the process of implementing the invention, the inventor finds that at least the following technical problems exist in the prior art: when the sharing password is generated, the shared jump link is simple in structure and obvious in characteristic, the jump link is easy to be tampered by hackers through means of packet capturing and the like, the password of the selected jump link can automatically guide the user to a page guided by the hackers, and the password is intercepted.
Disclosure of Invention
The embodiment of the invention provides a password sharing method, device, equipment and storage medium, which are used for solving the risk of tampering a link in a password generation process and improving the security of password propagation.
In a first aspect, an embodiment of the present invention provides a password sharing method, applied to a server, including:
responding to the detected sharing password obtaining request, and obtaining a target sharing template token and sharing object parameters corresponding to the sharing password obtaining request;
generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encrypted password;
and generating a target sharing password based on the encrypted password, and sending the target sharing password to the client.
In a second aspect, an embodiment of the present invention further provides a password sharing method, applied to a client, including:
responding to the detected object sharing request, and acquiring a target sharing template token corresponding to the object sharing request;
generating a sharing password acquisition request according to the target sharing template token and the sharing object, and sending the sharing password acquisition request to the server;
and receiving a target sharing password returned by the server, and taking the target sharing password as the sharing password of the object sharing request.
In a third aspect, an embodiment of the present invention further provides a password sharing apparatus, configured at a server, including:
the token parameter acquisition module is used for responding to the detected sharing password acquisition request and acquiring a target sharing template token and sharing object parameters corresponding to the sharing password acquisition request;
the encrypted password determining module is used for generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encrypted password;
and the sharing password generating module is used for generating a target sharing password based on the encrypted password and sending the target sharing password to the client.
In a fourth aspect, an embodiment of the present invention further provides a password sharing apparatus, configured at a client, including:
the template token acquisition module is used for responding to the detected object sharing request and acquiring a target sharing template token corresponding to the object sharing request;
the password acquisition request module is used for generating a sharing password acquisition request according to the target sharing template token and the sharing object and sending the sharing password acquisition request to the server;
and the sharing password acquisition module is used for receiving the target sharing password returned by the server and taking the target sharing password as the sharing password of the object sharing request.
In a fifth aspect, an embodiment of the present invention further provides a computer device, where the computer device includes:
one or more processors;
storage means for storing one or more programs;
when executed by one or more processors, cause the one or more processors to implement the password sharing method as provided by the first aspect of the embodiments of the present invention and/or implement the password sharing method as provided by the second aspect of the embodiments of the present invention.
In a sixth aspect, the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the password sharing method provided in the first aspect of the embodiment of the present invention and/or implements the password sharing method provided in the second aspect of the embodiment of the present invention.
The embodiment of the invention responds to the detected sharing password obtaining request to obtain the target sharing template token and the sharing object parameter corresponding to the sharing password obtaining request; generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encrypted password; the target sharing password is generated based on the encrypted password and is sent to the client, and the target sharing password is generated based on the target sharing template token, so that the structural complexity and the characteristic complexity of the target sharing password are increased, the target sharing password is not easy to crack, and the safety of the target sharing password is improved.
Drawings
Fig. 1 is a schematic flowchart of a password sharing method according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a password sharing method according to a second embodiment of the present invention;
fig. 3 is a schematic flowchart of a password sharing method according to a third embodiment of the present invention;
fig. 4a is a schematic flowchart of a password sharing method according to a fourth embodiment of the present invention;
fig. 4b is a schematic flowchart of domain name pre-resolution according to a fourth embodiment of the present invention;
fig. 4c is a schematic flow chart of plaintext password generation according to a fourth embodiment of the present invention;
fig. 4d is a schematic flowchart of generating a target sharing password according to a fourth embodiment of the present invention;
fig. 4e is a schematic flow chart of password redemption provided in the fourth embodiment of the present invention;
fig. 5 is a schematic structural diagram of a password sharing apparatus according to a fifth embodiment of the present invention;
fig. 6 is a schematic structural diagram of a password sharing apparatus according to a sixth embodiment of the present invention;
fig. 7 is a schematic structural diagram of a computer device according to a seventh embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Example one
Fig. 1 is a flowchart illustrating a password sharing method according to an embodiment of the present invention. The password sharing method provided by the embodiment is applied to the server and can be applied to the situation of password sharing. The method may be performed by a password sharing apparatus, which may be implemented in software and/or hardware, for example, the password sharing apparatus may be configured in a computer device. As shown in fig. 1, the method includes:
and S110, responding to the detected sharing password obtaining request, and obtaining a target sharing template token and sharing object parameters corresponding to the sharing password obtaining request.
In this embodiment, the request for obtaining the sharing password may be a request initiated by the client and used to obtain the analysis password of the sharing object. For example, after the client triggers the object sharing request, the client generates an analysis password acquisition request based on the detected object sharing request and sends the analysis password acquisition request to the server.
Generally, the analysis password acquisition request includes information such as a sharing object, a sharing source user identifier, and a sharing channel. For the structural complexity and the feature complexity of the target sharing password, in this embodiment, the source text information of the sharing object is no longer used as the target sharing password, but the target sharing password is generated based on a preset sharing template. In order to further ensure the security of the target sharing password, the sharing target can be encrypted to generate a sharing template token, and the target sharing password is generated based on the sharing template token. Optionally, the client issues the sharing template token in advance, and after the client detects the object sharing request initiated by the user, the client generates the sharing password obtaining request based on the sharing template token issued in advance by the server and the sharing object parameter. After receiving the sharing password acquisition request sent by the client, the server analyzes the sharing password acquisition request to obtain a sharing template token and sharing object parameters contained in the sharing password acquisition request, and takes the sharing template token in the sharing password acquisition request as a target sharing template token. The target sharing template token may be in a display form of a character string, and the sharing object parameter may also be displayed in a character form, which is not limited herein.
On the basis of the above scheme, the password sharing method provided in this embodiment further includes:
and constructing a sharing template corresponding to each sharing object type, and encrypting the sharing template to obtain a sharing template token corresponding to each sharing object type.
It is understood that different shared object types may exist, and different shared passwords may exist. Based on this, in order to unify the sharing templates of the same type, a sharing template corresponding to each sharing object type may be set, the sharing template is encrypted to obtain a sharing template token, and the sharing template token and the sharing object type are stored in an associated manner and issued to the client, so that the client can generate a sharing password acquisition request according to the sharing template token issued by the server in advance. The sharing object types can be divided according to different standards, for example, the sharing object types can be article types, activity types, and the like. When the sharing object type is an article type, the sharing object can be a cyber blog, when the sharing object type is an article type, the sharing object can be a commodity, and when the sharing object type is an activity type, the sharing object can be a marketing activity and the like.
And S120, generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encrypted password.
In this embodiment, after the server obtains the target sharing template token and the sharing object parameter, the information of the sharing object may be determined, and then the sharing password is generated. In order to avoid plaintext transmission of the shared password, after the shared password of the plaintext is generated based on the target shared template token and the shared object parameter, the plaintext password needs to be encrypted to obtain an encrypted password.
In one embodiment of the present invention, generating a plaintext password based on a target sharing template token and a sharing object parameter includes:
and determining a target sharing template according to the target sharing template token, and taking the sharing object parameter as a placeholder parameter of the target sharing template to obtain a plaintext password.
It will be appreciated that the target sharing template is an unencrypted form of the target sharing template token, and thus, the target sharing template may be generated directly based on the target sharing template token. Optionally, the association relationship between the target sharing template and the target sharing template token may be pre-stored, the target sharing template corresponding to the target sharing template token is directly determined according to the pre-stored association relationship, and the target sharing template may also be directly obtained by decrypting the target sharing template token.
In one embodiment, the target sharing template is mainly divided into three parts: the host name (www.example.com) + the path (path) + a parameter (a. Is one of the parameter templates (a? Is a placeholder. Correspondingly, the shared object parameter includes a hostname parameter path parameter. Based on the method, the sharing object parameter can be directly used as the placeholder parameter of the target sharing template to obtain the plaintext password.
And S130, generating a target sharing password based on the encrypted password, and sending the target sharing password to the client.
In this embodiment, after the encrypted password is obtained, the target sharing password is generated based on the encrypted password, and the target sharing password is sent to the client. Optionally, an information header and the like may be directly added on the basis of the encrypted password to generate the target sharing password, and the encrypted password may be further processed to obtain the target sharing password.
In one embodiment, generating a target-sharing password based on an encrypted password comprises: and encrypting the encrypted password to obtain the target sharing password. In order to ensure the security of the target sharing password, the encrypted password can be encrypted again to obtain the target sharing password. Optionally, encrypting the encrypted password to obtain the target sharing password includes: and encrypting the encrypted password by adopting an advanced encryption standard algorithm to obtain the target sharing password. The Advanced Encryption Standard (AES) algorithm is used for carrying out Encryption operation on a data file, is an algorithm with high speed and high security level and high diffusion performance, is an Advanced symmetric Encryption Standard, and ensures that a finally formed password has high randomness, thereby ensuring the security of a target shared password.
The embodiment of the invention responds to the detected sharing password obtaining request to obtain the target sharing template token and the sharing object parameter corresponding to the sharing password obtaining request; generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encrypted password; the target sharing password is generated based on the encrypted password and is sent to the client, and the target sharing password is generated based on the target sharing template token, so that the structural complexity and the characteristic complexity of the target sharing password are increased, the target sharing password is not easy to crack, and the safety of the target sharing password is improved.
Example two
Fig. 2 is a flowchart illustrating a password sharing method according to a second embodiment of the present invention. The password sharing method provided by the embodiment is applied to an application terminal and can be applied to the situation of password sharing. The method may be performed by a password sharing apparatus, which may be implemented in software and/or hardware, for example, the password sharing apparatus may be configured in a computer device. As shown in fig. 2, the method includes:
s210, responding to the detected object sharing request, and acquiring a target sharing template token corresponding to the object sharing request.
In this embodiment, the object sharing request may be a request initiated by a user through an operation terminal and used for requesting to share a certain object. Illustratively, a user triggers an object sharing instruction on an operation terminal interface, the operation terminal generates an object sharing request based on the object sharing instruction triggered by the user, and after detecting the object sharing request initiated by the user, a client determines a target sharing template token corresponding to the object sharing request so as to generate a sharing password obtaining request based on the target sharing target token. The sharing template token is issued by the server in advance.
In an embodiment of the present invention, acquiring a target sharing template token corresponding to an object sharing request includes:
and determining a target sharing type of the object sharing request, and acquiring a sharing template token associated with the target sharing type as the target template sharing token.
It is understood that different shared object types may exist, and different shared passwords may exist. Based on this, the server unifies the sharing templates of the same type, the sharing template corresponding to each sharing object type can be set, the sharing template is encrypted to obtain a sharing template token, the sharing template token and the sharing object type are stored in an associated mode and issued to the client, the client can determine a target sharing token according to the target sharing type of the object sharing request after detecting the object sharing request, and then the sharing password obtaining request is generated based on the target sharing template token. The sharing object types can be divided according to different standards, for example, the sharing object types can be article types, activity types, and the like. When the sharing object type is an article type, the sharing object can be a cyber blog, when the sharing object type is an article type, the sharing object can be a commodity, and when the sharing object type is an activity type, the sharing object can be a marketing activity and the like. After detecting the object sharing request, the client determines the object type of the shared object as a target sharing type, and searches a sharing template token corresponding to the target sharing type from the sharing template tokens issued by the server in advance as the target sharing template token.
And S220, generating a sharing password acquisition request according to the target sharing template token and the sharing object, and sending the sharing password acquisition request to the server.
Optionally, the parameters of the shared object required for generating the shared password obtaining request may be determined based on the target shared template token. And generating a sharing password acquisition request based on the target sharing template token and the sharing object parameter. Specifically, the target sharing template may be generated based on the target sharing template token, and a parameter that needs to be complemented in the target sharing template is used as a sharing object parameter required by the sharing password obtaining request. For example, the shared object parameter may be a hostname, a path, or other parameters of the shared object.
It will be appreciated that the target sharing template is an unencrypted form of the target sharing template token, and thus, the target sharing template may be generated directly based on the target sharing template token. Optionally, the association relationship between the target sharing template and the target sharing template token may be pre-stored, the target sharing template corresponding to the target sharing template token is directly determined according to the pre-stored association relationship, and the target sharing template may also be directly obtained by decrypting the target sharing template token.
And S230, receiving a target sharing password returned by the server, and taking the target sharing password as a sharing password of the object sharing request.
In this embodiment, after receiving the target sharing password returned by the server, the client uses the target sharing password as the sharing password of the object sharing request. Illustratively, the target sharing password may be added to the clipboard, and when the user triggers the paste operation, the target sharing directory is pasted to a position corresponding to the user paste operation, so as to complete the sharing of the shared object.
On the basis of the scheme, after receiving a sharing password, a shared user initiates a sharing object access request based on the sharing password, after detecting the sharing object access request triggered by the user, a client generates a sharing object information acquisition request and sends the sharing object information acquisition request to a server, the server analyzes the sharing information acquisition request to obtain a target sharing template token in a target sharing password, and then acquires sharing object information corresponding to the sharing object acquisition request based on the target sharing template token and sharing object parameters and sends the sharing object information to the client.
It can be understood that the user may paste the target sharing password and then copy the sharing object access request triggered by the target sharing password, or may share the target sharing password to other users, and the other users operate the sharing object access request triggered by the target sharing password through other clients. Therefore, in this embodiment, the client that acquires the target sharing password and the client that generates the sharing object access request based on the target sharing password to acquire the sharing object information may be the same client or may be different clients, that is, the client that initiates the sharing password acquisition request and the client that initiates the sharing object information acquisition request may be the same client or may be different clients.
The method and the device for the object sharing acquire the target sharing template token corresponding to the object sharing request by responding to the detected object sharing request; generating a sharing password acquisition request according to the target sharing template token and the sharing object, and sending the sharing password acquisition request to the server; the target sharing password returned by the server is received, the target sharing password is used as the sharing password of the object sharing request, the sharing password obtaining request is generated based on the target sharing template token, the structural complexity and the characteristic complexity of the sharing password obtaining request are increased, the sharing password obtaining request is not easy to break, the security of the sharing password obtaining request is improved, and the security of the obtained target sharing password is further improved.
EXAMPLE III
Fig. 3 is a flowchart illustrating a password sharing method according to a third embodiment of the present invention. The password sharing method provided by the embodiment is interactively executed by the application terminal and the server terminal, and is suitable for the situation of password sharing. In this embodiment, explanations of the same or corresponding terms as those in the above embodiments are omitted. As shown in fig. 3, the method includes:
s310, the client responds to the detected object sharing request and obtains a target sharing template token corresponding to the object sharing request.
And S320, the client generates a sharing password obtaining request according to the target sharing template token and the sharing object, and sends the sharing password obtaining request to the server.
S330, the server side responds to the detected sharing password obtaining request, and obtains a target sharing template token and sharing object parameters corresponding to the sharing password obtaining request.
And S340, the server generates a plaintext password based on the target sharing template token and the sharing object parameter, and encrypts the plaintext password to obtain an encrypted password.
And S350, the server generates a target sharing password based on the encrypted password and sends the target sharing password to the client.
And S360, the client receives the target sharing password returned by the server, and takes the target sharing password as the sharing password of the object sharing request.
According to the embodiment of the invention, the client generates the shared password acquisition request based on the target shared template token, so that the structural complexity and the characteristic complexity of the shared password acquisition request are increased; the server generates a target sharing password based on the target sharing template token, so that the structural complexity and the feature complexity of the target sharing password are increased; the shared password acquisition request is not easy to be cracked, the security of the shared password acquisition request is improved, and the security of the acquired target shared password is further improved.
Example four
The present embodiment provides a preferred embodiment based on the above-described scheme.
At present, password-based sharing is a method of using a plain text to realize cross-APP and cross-platform information sharing by using a clipboard of a user as a carrier. However, the current plain text password is easy to be broken and intercepted, and the embodiment of the invention provides a password sharing method in order to solve the technical problem. Fig. 4a is a flowchart illustrating a password sharing method according to a fourth embodiment of the present invention. As shown in fig. 4a, the password sharing method provided in the embodiment of the present invention mainly includes: domain name pre-resolution, password generation and password redemption. Wherein:
the domain name pre-resolution mainly realizes the generation of the target password sharing token. Fig. 4b is a schematic flowchart of domain name pre-resolution according to a fourth embodiment of the present invention. As shown in fig. 4b, domain name pre-resolution includes:
(1) the service needs to determine a shared Uniform Resource Locator (URL) template (i.e., target password sharing template) first, such as http:// www.example.com/patha & ×.xx. The template is mainly divided into three parts: host name (www.example.com) + path (path) + parameter (a. Wherein both the path and the parameters of the URL are designed as variable parameters. The path is an unnecessary parameter. Parameter template (a? Is a placeholder.
(2) Uploading the host name, the path and the parameter template, and binding the parameters with the service identity during uploading. The target password sharing template http:// www.example.com/patha ═ xx & ═ b ═ xx is preresolved into a token: 3 nyrbaawwbvxsdd (namely the target password sharing token), when the client actually calls, the URL only needs to transmit the target password sharing token 3 nyrbaawwbvxsdd, the parameter sets [ value1, value2], and the path can transmit/path.
(3) And (3) preprocessing the server, sub-packaging the host name, the path and the parameter template into objects, acquiring a key with 16-bit characters as a redis key through a set algorithm, and returning the key as a target password sharing token to the client.
Through the mode of domain name and resolution, the intercepting party can not replace the original link of the password with the own link, thereby achieving the purpose of preventing interception.
The domain name pre-analysis mainly realizes the generation of a target sharing password. The method comprises the following steps:
in the domain name pre-resolving stage, the client already acquires the token of the domain name (namely, the target password sharing token), so that when the sharing password acquisition request is generated, the client does not need to use a plaintext link as a parameter, and only needs to carry the token and the parameter array. Fig. 4c is a schematic flow chart of clear text password generation according to a fourth embodiment of the present invention. As shown in fig. 4c, the server redeems the target sharing password template token into a target sharing password template, and then adds the sharing object parameter as a placeholder parameter to the target sharing password template to obtain a complete url serving as a plaintext password.
After the plaintext link is obtained at the server side through the token, a token is generated again as a secret key (namely an encrypted password) of the password by using a domain name pre-resolution stage method and is interspersed in a shared password file. And finally, encrypting the finished password scheme once to obtain a target sharing password and issuing the target sharing password to the client, and analyzing and displaying the password by the client through a Software Development Kit (SDK). Fig. 4d is a schematic flowchart of generating a target sharing password according to a fourth embodiment of the present invention. As shown in fig. 4d, the server side assembles password information from the plaintext password, generates a token, stores the token, synthesizes the token to obtain a target sharing password, and sends the target sharing password to the client side.
The password exchange mainly realizes the acquisition of the information corresponding to the target shared password. Fig. 4e is a schematic flowchart of password redemption according to a fourth embodiment of the present invention. As shown in fig. 4e, password redemption includes:
the client encrypts the password (such as AES encryption) on the user clipboard and then transparently transmits the password to the server, and the server acquires the token in the case through decryption and acquires the shared original text from the redis service and transmits the shared original text to the client.
The embodiment of the invention provides a domain name pre-resolution strategy in the password sharing process, and through the pre-resolution, the problem of plaintext transmission is effectively solved, and the security of the password is greatly improved.
EXAMPLE five
Fig. 5 is a schematic structural diagram of a password sharing apparatus according to a fifth embodiment of the present invention. The password sharing apparatus may be implemented in software and/or hardware, for example, the password sharing apparatus may be configured in a computer device, such as a server. As shown in fig. 3, the apparatus includes a token parameter obtaining module 510, an encrypted password determining module 520, and a shared password generating module 530, wherein:
a token parameter obtaining module 510, configured to, in response to the detected sharing password obtaining request, obtain a target sharing template token and sharing object parameters corresponding to the sharing password obtaining request;
an encrypted password determining module 520, configured to generate a plaintext password based on the target sharing template token and the sharing object parameter, and encrypt the plaintext password to obtain an encrypted password;
and a sharing password generating module 530, configured to generate a target sharing password based on the encrypted password, and send the target sharing password to the client.
In the embodiment of the invention, the token parameter acquisition module responds to the detected sharing password acquisition request to acquire the target sharing template token and the sharing object parameter corresponding to the sharing password acquisition request; the encrypted password determining module generates a plaintext password based on the target sharing template token and the sharing object parameter, and encrypts the plaintext password to obtain an encrypted password; the sharing password generation module generates a target sharing password based on the encrypted password, sends the target sharing password to the client, and generates the target sharing password based on the target sharing template token, so that the structural complexity and the characteristic complexity of the target sharing password are increased, the target sharing password is not easy to crack, and the safety of the target sharing password is improved.
Generating a plaintext password based on the target sharing template token and the sharing object parameter, comprising:
and determining a target sharing template according to the target sharing template token, and taking the sharing object parameter as a placeholder parameter of the target sharing template to obtain a plaintext password.
Optionally, further, the sharing password generating module 530 is specifically configured to:
and encrypting the encrypted password to obtain the target sharing password.
Optionally, further, the sharing password generating module 530 is specifically configured to:
and encrypting the encrypted password by adopting an advanced encryption standard algorithm to obtain the target sharing password.
Optionally, the apparatus further includes a template token generation module, configured to:
and constructing a sharing template corresponding to each sharing object type, and encrypting the sharing template to obtain a sharing template token corresponding to each sharing object type.
The password sharing device provided by the embodiment of the invention can execute the password sharing method provided by the first embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
EXAMPLE six
Fig. 6 is a schematic structural diagram of a password sharing apparatus according to a sixth embodiment of the present invention. The password sharing apparatus may be implemented in software and/or hardware, for example, the password sharing apparatus may be configured in a computer device, such as an application terminal. As shown in fig. 3, the apparatus includes a template token obtaining module 610, a password obtaining request module 620, and a shared password obtaining module 630, wherein:
the template token obtaining module 610 is configured to, in response to the detected object sharing request, obtain a target sharing template token corresponding to the object sharing request;
the password obtaining request module 620 is configured to generate a shared password obtaining request according to the target sharing template token and the sharing object, and send the shared password obtaining request to the server;
and a sharing password obtaining module 630, configured to receive the target sharing password returned by the server, and use the target sharing password as the sharing password of the object sharing request.
According to the embodiment of the invention, the template token acquisition module responds to the detected object sharing request and acquires the target sharing template token corresponding to the object sharing request; the password acquisition request module generates a shared password acquisition request according to the target sharing template token and the sharing object, and sends the shared password acquisition request to the server; the sharing password obtaining module receives a target sharing password returned by the server, takes the target sharing password as a sharing password of the object sharing request, and generates the sharing password obtaining request based on the target sharing template token, so that the structural complexity and the characteristic complexity of the sharing password obtaining request are increased, the sharing password obtaining request is not easy to be broken, the security of the sharing password obtaining request is improved, and the security of the obtained target sharing password is improved.
Optionally, on the basis of the foregoing scheme, the template token obtaining module 610 is specifically configured to:
and determining a target sharing type of the object sharing request, and acquiring a sharing template token associated with the target sharing type as the target template sharing token.
The password sharing device provided by the embodiment of the invention can execute the password sharing method provided by the second embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
EXAMPLE seven
Fig. 7 is a schematic structural diagram of a computer device according to a seventh embodiment of the present invention. FIG. 5 illustrates a block diagram of an exemplary computer device 712 suitable for use in implementing embodiments of the present invention. The computer device 712 shown in fig. 7 is only an example and should not bring any limitations to the functionality or scope of use of the embodiments of the present invention.
As shown in fig. 7, computer device 712 is embodied in the form of a general purpose computing device. Components of computer device 712 may include, but are not limited to: one or more processors 716, a system memory 728, and a bus 718 that couples the various system components (including the system memory 728 and the processors 716).
Bus 718 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and processor 716 or a local bus using any of a variety of bus architectures. By way of example, such architectures include, but are not limited to, Industry Standard Architecture (ISA) bus, micro-channel architecture (MAC) bus, enhanced ISA bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus.
Computer device 712 typically includes a variety of computer system readable media. Such media can be any available media that is accessible by computer device 712 and includes both volatile and nonvolatile media, removable and non-removable media.
The system memory 728 may include computer system readable media in the form of volatile memory, such as Random Access Memory (RAM)730 and/or cache memory 732. Computer device 712 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage device 734 may be used to read from or write to non-removable, nonvolatile magnetic media (not shown in FIG. 7, and commonly referred to as a "hard drive"). Although not shown in FIG. 7, a magnetic disk drive for reading from and writing to a removable, nonvolatile magnetic disk (e.g., a "floppy disk") and an optical disk drive for reading from or writing to a removable, nonvolatile optical disk (e.g., a CD-ROM, DVD-ROM, or other optical media) may be provided. In these cases, each drive may be connected to the bus 718 by one or more data media interfaces. Memory 728 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the invention.
Program/utility 740 having a set (at least one) of program modules 742 may be stored, for instance, in memory 728, such program modules 742 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each of which examples or some combination thereof may include an implementation of a network environment. Program modules 742 generally perform the functions and/or methodologies of embodiments of the invention as described herein.
Computer device 712 may also communicate with one or more external devices 714 (e.g., keyboard, pointing device, display 724, etc.), with one or more devices that enable a user to interact with computer device 712, and/or with any devices (e.g., network card, modem, etc.) that enable computer device 712 to communicate with one or more other computing devices. Such communication may occur through input/output (I/O) interfaces 722. Also, computer device 712 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN) and/or a public network, such as the Internet) through network adapter 720. As shown, network adapter 720 communicates with the other modules of computer device 712 via bus 718. It should be appreciated that although not shown, other hardware and/or software modules may be used in conjunction with computer device 712, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
The processor 716 executes programs stored in the system memory 728 to execute various functional applications and data processing, for example, to implement a password sharing method provided in an embodiment of the present invention, the method includes:
responding to the detected sharing password obtaining request, and obtaining a target sharing template token and sharing object parameters corresponding to the sharing password obtaining request;
generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encrypted password;
generating a target sharing password based on the encrypted password, and sending the target sharing password to the client;
and/or, the method for acquiring clinical research data provided by the second embodiment of the present invention is implemented, and the method includes:
responding to the detected object sharing request, and acquiring a target sharing template token corresponding to the object sharing request;
generating a sharing password acquisition request according to the target sharing template token and the sharing object, and sending the sharing password acquisition request to the server;
and receiving a target sharing password returned by the server, and taking the target sharing password as the sharing password of the object sharing request.
Of course, those skilled in the art can understand that the processor can also implement the technical solution of the password sharing method provided by any embodiment of the present invention.
Example eight
The fifth embodiment of the present invention further provides a computer-readable storage medium, in which a computer program is stored, and when the computer program is executed by a processor, the method for sharing a password provided in the first embodiment of the present invention is implemented, where the method includes:
responding to the detected sharing password obtaining request, and obtaining a target sharing template token and sharing object parameters corresponding to the sharing password obtaining request;
generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encrypted password;
generating a target sharing password based on the encrypted password, and sending the target sharing password to the client;
and/or, the method for acquiring clinical research data provided by the second embodiment of the present invention is implemented, and the method includes:
responding to the detected object sharing request, and acquiring a target sharing template token corresponding to the object sharing request;
generating a sharing password acquisition request according to the target sharing template token and the sharing object, and sending the sharing password acquisition request to the server;
and receiving a target sharing password returned by the server, and taking the target sharing password as the sharing password of the object sharing request.
Of course, the computer program stored on the computer-readable storage medium provided in the embodiments of the present invention is not limited to the above method operations, and may also perform operations related to the password sharing method provided in any embodiments of the present invention.
Computer storage media for embodiments of the invention may employ any combination of one or more computer-readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + +, or the like, as well as conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments illustrated herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims (11)

1. A password sharing method, comprising:
responding to a detected sharing password obtaining request, and obtaining a target sharing template token and sharing object parameters corresponding to the sharing password obtaining request;
generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encrypted password;
and generating a target sharing password based on the encrypted password, and sending the target sharing password to the client.
2. The method of claim 1, wherein generating a plaintext password based on the target sharing template token and the shared object parameter comprises:
and determining a target sharing template according to the target sharing template token, and taking the sharing object parameter as a placeholder parameter of the target sharing template to obtain the plaintext password.
3. The method of claim 1, wherein generating the target-sharing password based on the encrypted password comprises:
and encrypting the encrypted password to obtain the target sharing password.
4. The method of claim 3, wherein encrypting the encrypted password to obtain the target-sharing password comprises:
and encrypting the encrypted password by adopting an advanced encryption standard algorithm to obtain the target sharing password.
5. The method of claim 1, further comprising:
and constructing a sharing template corresponding to each sharing object type, and encrypting the sharing template to obtain a sharing template token corresponding to each sharing object type.
6. A password sharing method, comprising:
responding to a detected object sharing request, and acquiring a target sharing template token corresponding to the object sharing request;
generating a sharing password acquisition request according to the target sharing template token and the sharing object, and sending the sharing password acquisition request to a server;
and receiving a target sharing password returned by the server, and taking the target sharing password as the sharing password of the object sharing request.
7. The method according to claim 6, wherein the obtaining of the target sharing template token corresponding to the object sharing request includes:
and determining a target sharing type of the object sharing request, and acquiring a sharing template token associated with the target sharing type as the target sharing template token.
8. A password sharing apparatus, comprising:
the token parameter acquisition module is used for responding to the detected sharing password acquisition request and acquiring a target sharing template token and sharing object parameters corresponding to the sharing password acquisition request;
the encrypted password determining module is used for generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encrypted password;
and the sharing password generating module is used for generating a target sharing password based on the encrypted password and sending the target sharing password to the client.
9. A password sharing apparatus, comprising:
the template token acquisition module is used for responding to the detected object sharing request and acquiring a target sharing template token corresponding to the object sharing request;
the password acquisition request module is used for generating a shared password acquisition request according to the target sharing template token and the sharing object and sending the shared password acquisition request to a server;
and the sharing password acquisition module is used for receiving a target sharing password returned by the server and taking the target sharing password as the sharing password of the object sharing request.
10. A computer device, the device comprising:
one or more processors;
storage means for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement the password sharing method of any of claims 1-5 and/or the password sharing method of any of claims 6-7.
11. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the password sharing method of any one of claims 1 to 5 and/or the password sharing method of any one of claims 6 to 7.
CN202110875578.1A 2021-07-30 2021-07-30 Password sharing method, device, equipment and storage medium Active CN113783835B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110875578.1A CN113783835B (en) 2021-07-30 2021-07-30 Password sharing method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110875578.1A CN113783835B (en) 2021-07-30 2021-07-30 Password sharing method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN113783835A true CN113783835A (en) 2021-12-10
CN113783835B CN113783835B (en) 2023-07-04

Family

ID=78836277

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110875578.1A Active CN113783835B (en) 2021-07-30 2021-07-30 Password sharing method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113783835B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070283163A1 (en) * 2006-06-06 2007-12-06 Red Hat, Inc. Methods and systems for nonce generation in a token
US20110286595A1 (en) * 2010-05-19 2011-11-24 Cleversafe, Inc. Storing access information in a dispersed storage network
US20140115332A1 (en) * 2012-10-19 2014-04-24 International Business Machines Corporation Secure sharing and collaborative editing of documents in cloud based applications
CN110290146A (en) * 2019-07-03 2019-09-27 北京达佳互联信息技术有限公司 Share generation method, device, server and the storage medium of password
CN111339508A (en) * 2020-02-28 2020-06-26 北京达佳互联信息技术有限公司 Shared password analysis method and device, electronic equipment and storage medium
CN111460503A (en) * 2020-04-01 2020-07-28 得到(天津)文化传播有限公司 Data sharing method, device, equipment and storage medium
CN112632418A (en) * 2020-12-16 2021-04-09 北京达佳互联信息技术有限公司 Password sharing method and device, electronic equipment and storage medium

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070283163A1 (en) * 2006-06-06 2007-12-06 Red Hat, Inc. Methods and systems for nonce generation in a token
US20110286595A1 (en) * 2010-05-19 2011-11-24 Cleversafe, Inc. Storing access information in a dispersed storage network
US20140115332A1 (en) * 2012-10-19 2014-04-24 International Business Machines Corporation Secure sharing and collaborative editing of documents in cloud based applications
CN110290146A (en) * 2019-07-03 2019-09-27 北京达佳互联信息技术有限公司 Share generation method, device, server and the storage medium of password
CN111339508A (en) * 2020-02-28 2020-06-26 北京达佳互联信息技术有限公司 Shared password analysis method and device, electronic equipment and storage medium
CN111460503A (en) * 2020-04-01 2020-07-28 得到(天津)文化传播有限公司 Data sharing method, device, equipment and storage medium
CN112632418A (en) * 2020-12-16 2021-04-09 北京达佳互联信息技术有限公司 Password sharing method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN113783835B (en) 2023-07-04

Similar Documents

Publication Publication Date Title
US11283778B2 (en) Data exchange system, method and device
CN110048848B (en) Method, system and storage medium for sending session token through passive client
CN108964893B (en) Key processing method, device, equipment and medium
US10375064B2 (en) Method, apparatus, and system for remotely accessing cloud applications
CN111835774B (en) Data processing method, device, equipment and storage medium
CN111199037B (en) Login method, system and device
CN114826733B (en) File transmission method, device, system, equipment, medium and program product
CN109613990A (en) Soft keyboard secured inputting method, server, client, electronic equipment and medium
WO2021137769A1 (en) Method and apparatus for sending and verifying request, and device thereof
US20240187420A1 (en) Securing browser cookies
CN111193725A (en) Configuration-based combined login method and device and computer equipment
CN113630412B (en) Resource downloading method, resource downloading device, electronic equipment and storage medium
CN109711178B (en) Key value pair storage method, device, equipment and storage medium
US10049222B1 (en) Establishing application trust levels using taint propagation
CN109120576B (en) Data sharing method and device, computer equipment and storage medium
US20200145200A1 (en) Attribute-based key management system
CN113783835B (en) Password sharing method, device, equipment and storage medium
CN112565156A (en) Information registration method, device and system
Gupta et al. Data Security in Distributed Environments
CN110858243A (en) Page acquisition method and device for gateway
CN114465976B (en) Method and device for distributing and aggregating messages
KR101511451B1 (en) Method of encryption to keyboard input information
CN112559825B (en) Service processing method, device, computing equipment and medium
US20230403138A1 (en) Agentless single sign-on techniques
CN115037464A (en) Random number seed generation method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant