CN116090028B - Electronic contract management method, device, equipment and medium capable of configuring security level - Google Patents


Publication number
CN116090028B
Authority
CN
China
Prior art keywords
contract
module
key
electronic contract
electronic
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310364496.XA
Other languages
Chinese (zh)
Other versions
CN116090028A (en)
Inventor
钟一民
郭峰
金宏洲
程亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Tiangu Information Technology Co ltd
Original Assignee
Shenzhen Tiangu Information Technology Co ltd
Application filed by Shenzhen Tiangu Information Technology Co ltd
Priority to CN202310364496.XA
Publication of CN116090028A
Application granted
Publication of CN116090028B

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/64: Protecting data integrity, e.g. using checksums, certificates or signatures
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords

Abstract

The embodiment of the invention discloses a method, a device, equipment and a medium for managing an electronic contract with a configurable security level, and relates to the technical field of electronic signatures. The method comprises the following steps: sending an electronic contract reading request to a contract management server and sending an encryption key request to a key management server; receiving the secret matching electronic contract and the signature of the electronic contract sent by the contract management server, and receiving the key information sent by the key management server; and decrypting the secret matching electronic contract based on the key information to obtain the decrypted matching electronic contract, and verifying the signature of the electronic contract. In this way, different security policies can be configured for the sensitive information of the electronic contract for different users, any user can see only the sensitive information that the user has permission to read, and the security of the sensitive information is improved.

Description

Electronic contract management method, device, equipment and medium capable of configuring security level
Technical Field
The present invention relates to the field of electronic signature technologies, and in particular, to a method, an apparatus, a device, and a medium for managing an electronic contract with configurable security levels.
Background
In current file management technology there is a concept of security level; for example, files are classified by security attribute into four levels, from high to low: top secret, confidential, secret and non-secret. A user at the top secret level can read files at the top secret level and all levels below; a user at the confidential level can read files at the confidential level and below, but cannot read files at the top secret level; similarly, a user at the secret level can read files at the secret level, and a user at the non-secret level can only read files at the non-secret level.
However, in electronic contract applications, setting a security level on the file in this manner often cannot fully meet actual requirements. For example, in some bidding scenarios, after an electronic contract is signed, the signing party needs to send the electronic contract to a number of different organizations to seek subcontractors that will cooperate in fulfilling the contract, so the signing party cannot control the security level of the contract, whatever the nature of the subcontractors and their members; yet the subcontractors often do not have the same complete reading rights to the electronic contract as the signing party. Moreover, different subcontractors have different reading rights to the electronic contract; for example, a bidding electronic contract often contains content in several different fields, much of which is necessary for one subcontractor but irrelevant to, or even unsuitable for disclosure to, other subcontractors. In addition, a subcontractor may have its own requirements for setting security levels and for standardized use of the contract, and these settings and requirements are often not consistent with those of the signing party or of other subcontractors.
Disclosure of Invention
The embodiment of the invention provides a method, a device, equipment and a medium for managing an electronic contract with configurable security level, which aim to solve the problem that the security mechanism of the traditional electronic contract can not configure different security policies for sensitive information of different users.
In a first aspect, an embodiment of the present invention provides an electronic contract management method capable of configuring a security level, where an electronic contract management system includes a signing party terminal, a contract management server, a key management server, and a requesting party terminal; sensitive information in the electronic contract is divided into contract modules; the method is applied to the requester terminal, and comprises the following steps:
sending an electronic contract reading request to the contract management server and sending an encryption key request to the key management server, wherein the electronic contract reading request and the encryption key request both contain identity information of a requester; the contract management server determines, according to the identity information, the contract modules for which the requester has reading authority as target contract modules; the contract management server generates a secret matching electronic contract based on the encryption contract modules obtained by correspondingly encrypting the target contract modules, and sends the secret matching electronic contract and the signature of the signing party terminal on the electronic contract to the requester terminal; the key management server generates key information matched with the secret matching electronic contract based on the identity information and sends the key information to the requester terminal;
receiving the secret matching electronic contract and the signature of the electronic contract sent by the contract management server, and receiving the key information sent by the key management server;
and decrypting the secret matching electronic contract based on the key information to obtain a decrypted matching electronic contract, and verifying the signature of the electronic contract.
In a second aspect, an embodiment of the present invention provides an electronic contract management method capable of configuring a security level, where an electronic contract management system includes a signer terminal, a contract management server, a key management server, and a requester terminal for executing the method of the first aspect; sensitive information in the electronic contract is divided into contract modules; the method is applied to the contract management server, and comprises the following steps:
receiving an electronic contract reading request sent by a request party terminal, wherein the electronic contract reading request comprises identity information of a requester;
determining a contract module with reading authority of the requester as a target contract module according to the identity information;
and generating a secret matching electronic contract based on an encryption contract module obtained by corresponding encryption of the target contract module, and sending the secret matching electronic contract and the signature of the signing party terminal on the electronic contract to the requesting party terminal.
In a third aspect, an embodiment of the present invention provides an electronic contract management method capable of configuring a security level, where an electronic contract management system includes a signer terminal, a contract management server, a key management server, and a requester terminal for executing the method of the first aspect; sensitive information in the electronic contract is divided into contract modules; the method is applied to the key management server, and comprises the following steps:
receiving an encryption key request sent by a requester terminal, wherein the encryption key request comprises identity information of a requester;
and generating key information matched with the secret matching electronic contract corresponding to the requester based on the identity information, and sending the key information to the requester terminal.
In a fourth aspect, an embodiment of the present invention further provides an electronic contract management apparatus with configurable security levels, which includes a unit for executing the above method.
In a fifth aspect, an embodiment of the present invention further provides a computer device, which includes a memory and a processor, where the memory stores a computer program, and the processor implements the method when executing the computer program.
In a sixth aspect, embodiments of the present invention also provide a computer readable storage medium storing a computer program which, when executed by a processor, implements the above method.
The embodiment of the invention provides a method, a device, equipment and a medium for managing an electronic contract with a configurable security level. The method comprises the following steps: sending an electronic contract reading request to the contract management server and sending an encryption key request to the key management server; receiving the secret matching electronic contract sent by the contract management server, and receiving the key information sent by the key management server; and decrypting the secret matching electronic contract based on the key information to obtain a decrypted matching electronic contract, and verifying the signature of the electronic contract. The contract management server determines the security policy of the requester based on the identity information of the requester, determines from that security policy the target contract modules for which the requester has reading permission, and generates a secret matching electronic contract matched to the requester from the encryption contract modules corresponding to the target contract modules. At the same time, the key management server provides key information matched with the secret matching electronic contract, with which the secret matching electronic contract is decrypted. As a result, different security policies can be configured for the sensitive information of the electronic contract for different users, any user can see only the sensitive information that the user has permission to read, and the security of the sensitive information is improved.
The invention has the beneficial effects that:
1. The contract-related content uploaded to the contract management party contains no sensitive information, so no network member unrelated to the contract's sensitive information, including the contract management party, can obtain the sensitive information.
2. The category division, role definition and security level definition of the contract modules are determined jointly by the contract signing party and the contract receiver. This meets the contract receiver's need for custom security levels and greatly improves the flexibility of the scheme, thereby expanding its application scenarios; it also meets the contract signing party's need to control the security levels of the contract receiver, and in particular its need to shield different types of sensitive information from different contract receivers.
3. The sensitive information in the contract is encrypted according to its security level, a number of times matching that level, which improves the security of the sensitive information; when the sensitive information is decrypted, the result of each decryption can be verified for correctness, which improves the credibility of the decryption result.
4. A key of the highest security level is set for each sensitive information fragment (i.e., each contract module), and the lower-level keys are generated from it through a one-way function, so that, compared with the conventional method, the key management workload is reduced to varying degrees depending on the number of contract receivers.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic view of an application scenario of an electronic contract management method with configurable security level according to an embodiment of the present invention;
FIG. 2 is a schematic flow chart of an electronic contract management method with configurable security level according to an embodiment of the present invention;
FIG. 3 is a schematic flow chart of a method for managing electronic contracts with configurable security levels according to an embodiment of the present invention;
FIG. 4 is a schematic flow chart of another method for managing electronic contracts with configurable security levels according to an embodiment of the present invention;
FIG. 5 is a schematic block diagram of an electronic contract management apparatus with configurable security levels according to an embodiment of the present invention;
FIG. 6 is another schematic block diagram of an electronic contract management apparatus with configurable security levels, in accordance with an embodiment of the present invention;
FIG. 7 is a further schematic block diagram of an electronic contract management apparatus with configurable security levels in accordance with an embodiment of the invention;
FIG. 8 is a schematic block diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It should be understood that the terms "comprises" and "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in this specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
As used in this specification and the appended claims, the term "if" may be interpreted as "when" or "once" or "in response to a determination" or "in response to detection" depending on the context. Similarly, the phrase "if it is determined" or "if a [described condition or event] is detected" may be interpreted, depending on the context, as meaning "upon determination" or "in response to determination" or "upon detection of a [described condition or event]" or "in response to detection of a [described condition or event]".
Referring to FIG. 1, FIG. 1 is a schematic view of an application scenario of an electronic contract management method with configurable security level according to an embodiment of the present invention. As can be seen from FIG. 1, the method is applied to an electronic contract management system including a signing party terminal 100, a contract management server 200, a key management server 300, and a requester terminal 400. The signing party terminal 100 is a terminal used by a contract signing party, the contract management server 200 is a server built by a contract management party, the key management server 300 is a server built by a key management party, and the requester terminal 400 is a terminal used by a contract receiver. The parties are as follows:
Contract signing party: one or more parties responsible for drafting and signing the contract.
Contract management party: responsible for managing contract-related services.
Key management party: responsible for managing key-related services.
Contract receiver: an organization that needs to consult the contract, comprising organization members of various security levels, i.e., requesters.
In the embodiment of the invention, the signing party terminal (contract signing party) mainly executes the following steps: S101-S104.
S101, dividing the electronic contract into at least one contract module.
In specific implementation, after the contract signing party draws up the electronic contract, the electronic contract is divided into a non-sensitive part without a requirement on security level configuration and a sensitive part with a requirement on security level configuration according to different content attributes.
The non-sensitive part may be disclosed to members that have no interest in the contract, including the contract management party. The sensitive part is disclosed only to members that have an interest in the contract, that is, it is fully disclosed only to the contract signing party and is disclosed to the contract receiver according to the security level rules; no member without an interest in the contract, including the contract management party, can read any information in the sensitive part.
The sensitive part is divided in order into N different contract modules $P_1$ to $P_N$, i.e., the sensitive part of the electronic contract is formed by combining the modules $P_n$ ($n \in [1, N]$) in sequence, where N is an integer greater than 0.
For example, in one embodiment: when N=6, the sensitive part of a certain electronic contract may consist of the contract modules shown in table 1 below.
Table 1 Contract module division table
S102, setting keys of all contract modules and generating a contract module table.
In specific implementation, the highest security level of the electronic contract is set to M, i.e., the security levels run from 0 to M, where M is an integer greater than or equal to 1, so that there are M+1 security levels in total. M needs to be large enough to meet the security level setting requirements of all potential contract receivers.
For each contract module, an encryption key of the highest security level, i.e., the M-th level encryption key $K_{nM}$, is set; $K_{nM}$ is a random number. The lower-level encryption keys are then generated in sequence, each being calculated from the encryption key one level higher by a cryptographic one-way function, i.e., formula (1): $K_{nm} = HK(K_{n(m+1)})$, where $n \in [1, N]$, $m \in [0, M-1]$, and HK is a one-way function, e.g., a hash function such as the SM3 or SHA3 function. Generating the keys with a one-way function ensures that the owner of an encryption key of a high security level can compute the encryption key of any lower security level. The signing party terminal sends the set of all highest-security-level encryption keys, i.e., $\{K_{nM}, n \in [1, N]\}$, to the key management party (i.e., the key management server) for storage. The key management server only needs to store $\{K_{nM}, n \in [1, N]\}$, so the key management workload is small.
For example, in one embodiment: when N=6, M=4, the signing party obtains the contract module key table as shown in table 2 below.
Table 2 Contract module key table
S103, sequentially encrypting the contract modules by using the encryption keys of the contract modules.
For each contract module, the encryption keys of the contract module are taken in order of security level from low to high, and the encryption key of each level is used to encrypt the encryption contract module of the level below it, so that the encryption contract modules of all levels are obtained. The special case is the level-0 encryption contract module, which is obtained by encrypting the contract module itself with the level-0 encryption key of the contract module. That is, the calculation follows formula (2):
where $n \in [1, N]$, SE is a symmetric encryption function, such as the SM4 or AES function, and is an encryption contract module.
The encryption contract modules of all levels are combined into a contract module table. The first row is set as an original level, one level lower than level 0, and each value in it is the hash value of the contract module of the corresponding column, i.e., $HP_n = H(P_n)$, where H is a hash function; the (m+1)-th row ($m \in [0, M]$) holds the encryption contract modules of the m-th security level.
For example, in one embodiment: when N=6, M=4, the signing party obtains the contract module table as shown in table 3 below (the list of formulas that follows is omitted).
Table 3 Contract module table
S104, generating a hash table of the contract module and signing.
In particular, step S104 includes the following steps S141-S142.
S141, generating a contract module hash table.
According to the contract module table (e.g., table 3), a hash value is calculated for each element therein except for the top row, thereby obtaining a contract module hash table. Thus, the contract module hash table comprises hash values of contract modules of the electronic contract and hash values of encryption contract modules of different levels corresponding to the contract modules of the electronic contract.
For example, in one embodiment: when N=6, M=4, the signing party obtains the contract module hash table.
Table 4 Contract module hash table
S142, signing and uploading the electronic contract to the contract management server.
The signing party terminal signs the contract module hash table (for example, table 4), that is, it signs the hash value of the table to obtain the signature of the electronic contract, which completes the signing of the contract.
The contract module table and the signature of the electronic contract are uploaded to the contract management server (i.e., the contract management party). The contract management server verifies the contract module table. Specifically, the contract management server derives the contract module hash table from the contract module table and computes the hash value of the contract module hash table. It then checks whether this hash value passes signature verification; if so, the electronic contract is judged not to have been tampered with.
Therefore, in the contract module table uploaded to the contract management party, the first row consists of hash values and all other elements are ciphertext, so the table contains no sensitive information, and no network member unrelated to the contract's sensitive information, including the contract management party, can obtain the sensitive information.
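The key chain of formula (1), the layered encryption of S103 and the per-layer hash check that S141 makes possible, sketched for a single contract module. This is an added example, not code from the patent: the function names are hypothetical, SE is replaced by a SHAKE-256 XOR keystream so the block runs on the standard library alone, and it assumes a reader is handed the level-m encryption contract module together with the level-m key. The signature over the hash table is left out.

```python
"""Sketch of S102, S103 and S141 for one contract module P_n (added example)."""
import hashlib
import secrets


def hk(key: bytes) -> bytes:
    """One-way function HK of formula (1); SHA3-256 is one option the text names."""
    return hashlib.sha3_256(key).digest()


def h(data: bytes) -> bytes:
    """Hash function H used for the contract module hash table."""
    return hashlib.sha3_256(data).digest()


def se(key: bytes, data: bytes) -> bytes:
    """Stand-in for SE (the text names SM4/AES): XOR with a SHAKE-256 keystream.
    The same call decrypts. No nonce and no authentication: demonstration only."""
    stream = hashlib.shake_256(b"SE-demo" + key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def derive_key(top_key: bytes, top_level: int, level: int) -> bytes:
    """Walk down the chain from K_nM to K_n,level by repeated application of HK."""
    if not 0 <= level <= top_level:
        raise ValueError("level out of range")
    key = top_key
    for _ in range(top_level - level):
        key = hk(key)
    return key


def encrypt_layers(plain: bytes, top_key: bytes, top_level: int) -> list:
    """Return [C_0, ..., C_M]: C_0 = SE(K_0, P), C_m = SE(K_m, C_(m-1))."""
    layers, current = [], plain
    for m in range(top_level + 1):
        current = se(derive_key(top_key, top_level, m), current)
        layers.append(current)
    return layers


def hash_column(plain: bytes, layers: list) -> list:
    """One column of the hash table: [H(P), H(C_0), ..., H(C_M)]."""
    return [h(plain)] + [h(c) for c in layers]


def read_module(level: int, level_key: bytes, ciphertext: bytes, hashes: list) -> bytes:
    """Peel layers level..0 with keys derived downward, checking every
    intermediate result against the hash column before continuing."""
    if h(ciphertext) != hashes[level + 1]:
        raise ValueError("ciphertext does not match the hash table")
    key, data = level_key, ciphertext
    for m in range(level, -1, -1):
        data = se(key, data)
        if h(data) != hashes[m]:   # hashes[m] is H(C_(m-1)), or H(P) when m == 0
            raise ValueError(f"layer {m} failed verification (wrong key or tampering)")
        key = hk(key)              # next lower key, per formula (1)
    return data


def demo() -> str:
    top_level = 4                                   # M
    top_key = secrets.token_bytes(32)               # K_nM, the only key the KMS stores
    plain = b"Clause 7: unit price (constructed sample text)"
    layers = encrypt_layers(plain, top_key, top_level)
    hashes = hash_column(plain, layers)
    key2 = derive_key(top_key, top_level, 2)        # what a level-2 reader receives
    assert read_module(2, key2, layers[2], hashes) == plain
    try:
        read_module(2, hk(key2), layers[2], hashes)  # a level-1 key cannot climb up
    except ValueError as exc:
        return str(exc)
    return "unexpected success"


if __name__ == "__main__":
    print(demo())
```

Because each layer's hash is in the signed table, a reader holding a key for too low a level fails at the first peeled layer rather than obtaining unverifiable plaintext.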
In the embodiment of the invention, the main work for the contract management server (contract management party) comprises the following two aspects: firstly, configuring a security policy of a contract receiver; second, a secret matching electronic contract is generated.
Configuring the security policy of the contract receiver specifically means the following. A representative of a contract receiver submits to the contract management party a request to consult a specified electronic contract. The contract signing party and the representative of the contract receiver jointly determine, through negotiation at the contract management party, the specific security policy of the contract receiver, but the representative does not obtain the sensitive information of the contract. The security policy includes: (1) the division of the contract modules into security classes, i.e., the module security policy; (2) the role type of each member of the contract receiver, i.e., the role security policy. Specifically, this mainly comprises steps S201-S202.
S201, determining a security policy of a contract module of the electronic contract.
In particular, step S201 includes steps S211-S212 as follows.
S211, dividing contract modules of the electronic contract into at least one module category.
In specific implementation, the contract modules of the electronic contract are divided into L module categories according to their different attributes, called category 1 to category L, where L is an integer greater than or equal to 1.
For example, in one embodiment, for the contract modules shown in table 1 above, the classification results given by the representatives of several contract receivers (A, B and C) are shown in table 5 below.
Table 5 Contract module category classification table
In table 5, the representative from contract receiver a classifies contract modules into 4 categories, i.e., signer information (category 1), subject information (category 2), financial information (category 3), legal terms information (category 4).
The representative of contract receiver B classifies the contract modules into 2 categories, namely legal information (category 1) and financial information (category 2); category 1 as defined by contract receiver B comprises categories 1, 2 and 4 as defined by contract receiver A, and category 2 as defined by contract receiver B is the same as category 3 as defined by contract receiver A.
The representative of contract receiver C classifies the contract modules into 3 categories, namely signer information (category 1), transaction information (category 2), legal terms information (category 3).
Therefore, the method gives the contract receiver the capability of classifying the types of the contract modules, can meet the customization requirement of the contract receiver on the security level setting, greatly improves the flexibility of the scheme, and expands the application scene of the scheme.
S212, setting the security level of the module type.
In specific implementation, the contract signing party and the contract receiver determine the maximum security level of each module category (each maximum must be less than M) and grade the security levels within each module category to obtain the levels of all contract modules. For example, in table 5, after contract receiver A classifies the sensitive data of the electronic contract into 4 categories, the maximum security levels of category 1 to category 4 are set to 3, 3, 3 and 2 respectively, which indicates that the reading authority for the financial information, the target information and the signer information ranges from level 0 to level 3 (i.e., 4 security levels in total, the maximum being level 3), and the reading authority for the legal provision information ranges from level 0 to level 2 (i.e., 3 security levels in total, the maximum being level 2).
If a contract module is to be shielded from the contract receiver, i.e., the contract module is not to be readable by any role of the contract receiver, the security level of the contract module may be set to a level higher than the maximum security level of the category to which the contract module belongs, preferably one level higher than that maximum.
The module security policy may be represented by a module security policy table, which contains the classification result and security level classification result of each contract module.
For example, in one embodiment, for contract receiver a in table 5, a security level is further determined for each contract module, resulting in a contract module security policy table.
Table 6 Contract module security policy table
As can be seen, since the maximum security levels of the electronic contract for contract receiver A are set to 3, 3, 3 and 2 for categories 1 to 4 respectively, the security level of any module that the receiver has authority to read is not greater than 3 (because the maximum security level configured for the contract receiver is 3). If the contract signing party wants a certain contract module to be unreadable by every role of the contract receiver, the security level of that contract module can be set to 4; see column P4 in table 6, where the security level of P4 is set to 4, so that the contract receiver cannot read P4. In this way the contract signing party shields sensitive information from the contract receiver.
Therefore, the category division, role definition and security levels of the contract modules are determined jointly by the contract signing party and the contract receiver. This not only meets the contract receiver's need for custom security levels, greatly improves the flexibility of the scheme and expands its application scenarios, but also meets the contract signing party's need to control the security levels of the contract receiver, and in particular its need to shield different types of sensitive information from different contract receivers.
S202, determining the security policy of each role of the contract receiver.
The contract receiver has a plurality of role types, and the reading authority of each role type corresponding to each contract module can be freely set.
The security policies of the roles may be represented by a role security policy table that contains the highest readable security level of the contract modules of different roles for different module types.
The contract receiver opens member accounts at the contract administrator, and each account can be associated with 1 or more roles.
In one embodiment, the role security policy table corresponds to table 6 above, as shown in table 7 below.
TABLE 7 role security policy table
As can be seen, the contract receiver's roles are divided into 6 classes. For the financial staff role of the contract receiver, the column of information corresponding to financial staff is taken from the role security policy table: financial staff can read signing party information and target information of level 1 and below, financial information of level 2 and below, and legal clause information of level 0. Contract modules of any higher security level are not readable, e.g., signing party information and target information above level 1, financial information above level 2, legal clause information above level 0, and all contract modules masked from the contract recipient.
Therefore, the method gives the contract receiver the ability to customize access roles and meets the contract receiver's need to customize security levels per role, which greatly improves the flexibility of the scheme and widens its application scenarios.
Specifically, referring to fig. 2, in the contract management server, the process of generating the secret matching electronic contract mainly includes the steps of: S301-S303.
S301, receiving an electronic contract reading request sent by a requester terminal, wherein the electronic contract reading request comprises identity information of a requester.
In a specific implementation, the contract management server receives an electronic contract reading request sent by a member (i.e. a requester) of a certain contract receiver through a requester terminal, wherein the electronic contract reading request contains identity information of the requester. The identity information includes the role of the requestor. And the contract management server performs identity authentication on the requester based on the identity information, confirms the authenticity of the requester and determines the role of the requester.
S302, determining a contract module with reading authority of the applicant as a target contract module according to the identity information. Wherein the electronic contract includes a plurality of contract modules defining module categories.
In the implementation, for each contract module of each module category of the electronic contract, it is judged from the role of the requester whether the requester has reading authority for that contract module. If the requester has reading authority, the contract module is judged to be a target contract module; otherwise, the contract module is judged not to be a target contract module.
In an embodiment, the electronic contract includes a plurality of contract modules defining module types, and the specific definition manner is referred to above in step S211. The above step S302 specifically includes the following steps S321 to S322.
S321, determining the highest readable security level of the applicant for each module type according to the identity information.
In a specific implementation, a pre-stored role security policy table (e.g., table 7) is obtained, which records the highest readable security level of contract modules of different roles for different module types. Based on the role of the applicant, the highest readable security level of the applicant for the different module types is obtained from the role security policy table (e.g. table 7).
S322, determining the contract module with the authority to read as a target contract module according to the highest readable security level of each module type and the security level preset by the contract module of each module type.
In an implementation, a pre-stored contract module privacy policy table, such as table 6, is obtained. The contract module confidentiality policy table records the module types of different contract modules and the confidentiality levels of different contract modules.
Judging whether the highest readable security level of a requester on each contract module of each module type is greater than or equal to the security level of the contract module or not; if yes, judging the contract module as a target contract module; if not, the contract module is judged not to be the target contract module.
For example, referring to Tables 6 and 7, the highest readable security level for class 1-4 information is level 3, and level 2 when the applicant's role is general manager. Signer information 1 (P1) and signer information 2 (P2) both belong to class 1. The security level of signer information 1 is 2, and the general manager's highest readable security level for class 1 information is 3; the security level of signer information 1 is therefore lower than the general manager's highest readable security level for class 1 information, so signer information 1 is a target contract module for the general manager. Similarly, the target contract modules for the general manager can be determined to include signer information 1, signer information 2, subject information 1, financial information and legal terms, i.e., P1, P2, P3, P5 and P6.
Similarly, the target contract modules for the financial director can be obtained as P1, P5 and P6. The delivery specialist's target contract module is P6.
S303, generating a secret matching electronic contract based on an encryption contract module obtained by corresponding encryption of the target contract module, and sending the secret matching electronic contract and the signature of the signing party terminal on the electronic contract to the requesting party terminal. And the encryption contract module corresponding to the target contract module is obtained by encrypting the target contract module.
In implementations, a pre-stored table of contract modules (e.g., table 3) and a table of contract module hashes (e.g., table 4) are obtained.
An encrypted contract module corresponding to a security level of a target contract module is obtained from a contract module table (e.g., table 3) as the encrypted contract module corresponding to the target contract module. And generating a secret matching electronic contract based on the encryption contract module and the contract module hash table, and then sending the secret matching electronic contract and the signature of the electronic contract to the requester terminal. The signature of the electronic contract is sent by the signing party terminal to the contract management server.
For example, in one embodiment, the target contract modules for the general manager are P1, P2, P3, P5, and P6. Since Table 6 records the security level of P1 as 2, the level-2 encrypted contract module S12 of P1 in Table 3 is taken as the encrypted contract module corresponding to P1. Similarly, the encrypted contract module corresponding to P2 is S23, the one corresponding to P3 is S33, the one corresponding to P5 is S51, and the one corresponding to P6 is S60.
Further, in the contract module hash table (Table 4), the hash value of each encrypted contract module corresponding to a target contract module is replaced by that encrypted contract module itself, which yields the secret matching electronic contract. For example, if the hash value of S12 is HS12, HS12 in the contract module hash table (Table 4) is replaced with S12. Similarly, HS23 is replaced with S23, HS33 with S33, HS51 with S51, and HS60 with S60. The resulting secret matching electronic contract for the general manager is shown in Table 8 below.
| Original | HP1 | HP2 | HP3 | HP4 | HP5 | HP6 |
| --- | --- | --- | --- | --- | --- | --- |
| Level 0 | HS10 | HS20 | HS30 | HS40 | HS50 | S60 |
| Level 1 | HS11 | HS21 | HS31 | HS41 | S51 | HS61 |
| Level 2 | S12 | HS22 | HS32 | HS42 | HS52 | HS62 |
| Level 3 | HS13 | S23 | S33 | HS43 | HS53 | HS63 |
| Level 4 | HS14 | HS24 | HS34 | HS44 | HS54 | HS64 |

Table 8. Secret matching electronic contract table for the general manager
Similarly, a secret matching electronic contract for the financial director can be obtained as shown in Table 9 below.
| Original | HP1 | HP2 | HP3 | HP4 | HP5 | HP6 |
| --- | --- | --- | --- | --- | --- | --- |
| Level 0 | HS10 | HS20 | HS30 | HS40 | HS50 | S60 |
| Level 1 | HS11 | HS21 | HS31 | HS41 | S51 | HS61 |
| Level 2 | S12 | HS22 | HS32 | HS42 | HS52 | HS62 |
| Level 3 | HS13 | HS23 | HS33 | HS43 | HS53 | HS63 |
| Level 4 | HS14 | HS24 | HS34 | HS44 | HS54 | HS64 |

Table 9. Secret matching electronic contract table for the financial director
Similarly, a secure matching electronic contract for the delivery specialist may be obtained as shown in Table 10 below.
| Original | HP1 | HP2 | HP3 | HP4 | HP5 | HP6 |
| --- | --- | --- | --- | --- | --- | --- |
| Level 0 | HS10 | HS20 | HS30 | HS40 | HS50 | S60 |
| Level 1 | HS11 | HS21 | HS31 | HS41 | HS51 | HS61 |
| Level 2 | HS12 | HS22 | HS32 | HS42 | HS52 | HS62 |
| Level 3 | HS13 | HS23 | HS33 | HS43 | HS53 | HS63 |
| Level 4 | HS14 | HS24 | HS34 | HS44 | HS54 | HS64 |

Table 10. Secret matching electronic contract table for the delivery specialist
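The selection rule of S321-S322 and the table substitution of S303, as an added example that is not code from the patent. `MODULE_POLICY` and `ROLE_POLICY` are constructed stand-ins for Tables 6 and 7: the module levels follow Tables 8-10, the general manager's class 1 ceiling and the financial staff ceilings follow the text, and the category assignments of P3-P6 and all other ceilings are assumptions chosen to reproduce Tables 8-10.

```python
LEVELS = range(5)  # security levels 0..4, as in Tables 8-10

# Stand-in for Table 6 (constructed): module -> (category, security level).
MODULE_POLICY = {
    "P1": (1, 2), "P2": (1, 3), "P3": (2, 3),
    "P4": (2, 4),  # one level above every ceiling below: masked from the receiver
    "P5": (3, 1), "P6": (4, 0),
}

# Stand-in for Table 7 (constructed): role -> {category: highest readable level}.
ROLE_POLICY = {
    "general manager": {1: 3, 2: 3, 3: 3, 4: 2},
    "financial director": {1: 2, 2: 1, 3: 2, 4: 0},
    "financial staff": {1: 1, 2: 1, 3: 2, 4: 0},
    "delivery specialist": {1: 0, 2: 0, 3: 0, 4: 0},
}


def target_modules(role: str) -> dict:
    """S321-S322: a module is a target when its level <= the role's ceiling.

    Fails closed: an unknown role, or a category missing from the role's
    policy, yields no reading authority.
    """
    ceilings = ROLE_POLICY.get(role, {})
    targets = {}
    for module, (category, level) in MODULE_POLICY.items():
        ceiling = ceilings.get(category)
        if ceiling is not None and level <= ceiling:
            targets[module] = level
    return targets


def matching_contract(role: str) -> list:
    """S303: take the hash table and swap ciphertext in at the target cells."""
    targets = target_modules(role)
    modules = sorted(MODULE_POLICY)
    rows = [["Original"] + [f"H{m}" for m in modules]]
    for level in LEVELS:
        row = [f"Level {level}"]
        for module in modules:
            cell = f"S{module[1:]}{level}"  # e.g. P1 at level 2 -> S12
            row.append(cell if targets.get(module) == level else "H" + cell)
        rows.append(row)
    return rows


def ciphertext_cells(role: str) -> list:
    """Cells of the role's table that carry ciphertext instead of a hash."""
    return [cell for row in matching_contract(role)[1:]
            for cell in row[1:] if cell.startswith("S")]


def masked_modules() -> list:
    """Modules that no configured role of the receiver can read."""
    readable = set()
    for role in ROLE_POLICY:
        readable |= set(target_modules(role))
    return sorted(set(MODULE_POLICY) - readable)


if __name__ == "__main__":
    for role in ROLE_POLICY:
        print(role, sorted(ciphertext_cells(role)))
    print("masked:", masked_modules())
```
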
Specifically, referring to fig. 3, in the embodiment of the present invention, the key management server (key manager) mainly performs the following steps: S401-S402.
S401, receiving an encryption key request sent by a requester terminal, wherein the encryption key request contains identity information of a requester.
In a specific implementation, the key manager receives an encryption key request for an electronic contract, sent by a member of the contract recipient (i.e., the requester) through the requester terminal. The encryption key request contains the identity information of the requester and the identification information of the requested electronic contract. The requested encryption key is generated for that electronic contract and for that requester, matches the security policy of the requester's role, and is used to decrypt the secret matching electronic contract generated from the electronic contract for the requester.
And the key management party performs identity authentication on the requester based on the identity information contained in the encryption key request, and confirms the authenticity of the requester.
And S402, generating key information matched with the secret matching electronic contract corresponding to the requester based on the identity information, and sending the key information to the requester terminal.
In the implementation, the key management server determines the security policy of the requester for the electronic contract according to the identity information of the requester, and further generates key information matched with the security matching electronic contract corresponding to the requester according to the security policy of the requester for the electronic contract. The key information includes an encryption key for decrypting the secure matching electronic contract.
In one embodiment, the generating the key information matched with the secret matching electronic contract corresponding to the requestor based on the identity information includes the following steps: S421-S423.
S421, a key requirement information request is sent to the contract management server, wherein the key requirement information request comprises identity information of a requester.
In particular embodiments, the key requirement information request includes identity information of the requestor and identification information of the electronic contract.
Accordingly, the contract management server determines the role of the requester according to the identity information of the requester.
Further, the contract management server obtains the secret matching electronic contract of the electronic contract aimed by the requester according to the role of the requester and the identification information of the electronic contract.
Further, the contract management server generates a contract module key table without key values.
In particular, a contract module key table without key values is generated, which is obtained by deleting all encryption keys from the contract module key table (table 2), as shown in table 11 below.
TABLE 11 contract Module Key sheet without Key value
It should be noted that, all cells marked as empty in table 11 are empty, i.e., no data is stored.
Further, the contract management server finds the positions of all elements with non-hash values in the secret matching electronic contract, marks the corresponding positions in a contract module key table (table 11) without key values, and generates a contract module key table with marked non-key values, namely a key position description table. The marking method is that a non-0 element is placed at the corresponding position.
For example, in one embodiment, see the financial director's secret matching electronic contract in Table 9: the non-hash elements in Table 9 are S12, S51 and S60, which correspond to positions K12, K51 and K60 of Table 11, respectively. The key location description table for the financial director is shown in Table 12 below.
TABLE 12 Key location description table for the financial director
It should be noted that, all cells marked as empty in table 12 are empty, i.e., no data is stored.
Further, the contract management server transmits a key location description table (e.g., table 12) to the key management server. The key location description table is the key requirement information. The key location description table identifies the location of the required encryption key in the contract module key table (e.g., table 2).
S422, key requirement information returned by the contract management server is received.
In particular implementations, key requirement information returned by the contract management server is received, which in one embodiment is embodied as a key location description table (e.g., table 12).
S423, generating key information matched with the secret matching electronic contract based on the key requirement information.
In particular implementations, the location of the desired encryption key in the contract module key table (e.g., table 2) is determined based on a key location description table (e.g., table 12), and the encryption key that matches the secure matching electronic contract is generated to obtain key information.
In one embodiment, the generating the key information matched with the secret matching electronic contract based on the key requirement information includes the following steps S4231-S4233.
S4231, determining, based on the key requirement information, a target contract module corresponding to the encryption key matched with the secret matching electronic contract and a key level, where the target contract module is at least one of contract modules included in the electronic contract.
In particular implementations, the location of the desired encryption key in the contract module key table (e.g., table 2) is determined based on a key location description table (e.g., table 12), and the target contract module and key rank to which the encryption key corresponds is determined based on the location of the encryption key in the contract module key table (e.g., table 2). For example, in table 12, the locations K12, K51, and K60 of the three encryption keys are marked, and it is known that the target contract module corresponding to K12 is P1, and the key level is level 2. The target contract module corresponding to K51 is P5, and the key grade is grade 1. The target contract module corresponding to K60 is P6, and the key grade is 0 grade.
S4232, obtaining a preset encryption key with the highest security level of the target contract module.
In a specific implementation, the key management server stores in advance the highest-security-level encryption key of every contract module. After the target contract modules are determined, the highest-security-level encryption key of each target contract module is extracted directly. Because the key management server only needs to store the highest-security-level encryption key of each contract module, the key management workload is small.
S4233, generating the encryption key based on the encryption key with the highest security level and the key level of the encryption key to obtain the key information.
In a specific implementation, the encryption key is calculated and generated based on formula (1) according to the encryption key with the highest security level and the key level of the encryption key, so as to obtain the key information, and the specific process is referred to step S102.
Specifically, in the last row of the key position description table (e.g., table 12), a column with a flag is selected, and the highest security level encryption key corresponding to the column is sequentially filled in, resulting in a key position description table in which the highest security level encryption key is filled in, e.g., table 13 below.
Table 13. Key location description table with highest Security level encryption keys filled in
In table 13, K14 is the highest security level encryption key corresponding to P1, K54 is the highest security level encryption key corresponding to P5, and K64 is the highest security level encryption key corresponding to P6.
Further, the keys at the marked positions are calculated from the keys newly filled into Table 13; the calculation is based on formula (1), and the specific calculation process is described in step S102. The key location description table with the calculated encryption keys is shown in Table 14 below.
Table 14. Key location description Table for calculating encryption keys
Further, the highest security level encryption key in table 14 is deleted, resulting in a key location description table from which the highest security level encryption key is deleted, as in table 15 below.
Table 15 Key location description Table with highest Security level encryption keys deleted
The key management server transmits the table 15 as key information to the requester terminal, and it can be seen that the encryption keys actually received by the requester terminal include K12, K51, K60.
Specifically, referring to fig. 4, in the embodiment of the present invention, the requester terminal mainly performs the following steps: S501-S503.
S501, sending an electronic contract reading request to the contract management server and sending an encryption key request to the key management server, wherein the electronic contract reading request and the encryption key request both contain identity information of a requester.
In a specific implementation, a requester terminal sends an electronic contract reading request to the contract management server and sends an encryption key request to the key management server.
Correspondingly, when receiving the electronic contract reading request, the contract management server determines a contract module with reading authority of the applicant as a target contract module according to the identity information; the contract management server generates a secret matching electronic contract based on an encryption contract module obtained by corresponding encryption of the target contract module, and sends the secret matching electronic contract and the signature of the signing party terminal on the electronic contract to the requesting party terminal, wherein the encryption contract module corresponding to the target contract module is obtained by encrypting the target contract module. See steps S301-S303 above for specific procedures.
Accordingly, when receiving the encryption key request, the key management server generates key information matched with the secret matching electronic contract based on the identity information, and sends the key information to the requester terminal. See steps S401-S402 above for specific procedures.
S502, receiving the secret matching electronic contract and the signature of the electronic contract sent by the contract management server, and receiving the key information sent by the key management server.
In particular implementations, the requestor terminal receives the secure matching electronic contract sent by the contract management server, e.g., in one embodiment, the secure matching electronic contract is in particular table 9.
Further, the requester terminal receives the key information transmitted from the key management server. For example, in one embodiment, the key information is embodied in Table 15.
And S503, decrypting the secret matching electronic contract based on the key information to obtain a decrypted matching electronic contract, and verifying the signature of the electronic contract.
In the implementation, the requester terminal decrypts the secret matching electronic contract according to the key information to obtain a decrypted matching electronic contract, and verifies the signature of the electronic contract. The decrypted matching electronic contract is in plaintext for the requester to read.
In an embodiment, the secret matching electronic contract includes an encrypted contract module corresponding to the target contract module. In addition, the secret matching electronic contract further comprises hash values of contract modules of the electronic contract and hash values of encryption contract modules except for the encryption contract module corresponding to the target contract module in all levels of encryption contract modules of the electronic contract. For example, in one embodiment, the secure matching electronic contract is as shown in Table 9.
Based on this, the signature of the electronic contract is verified, comprising the steps of: acquiring a contract module hash table of the electronic contract based on the secret matching electronic contract; and acquiring the hash value of the contract module hash table of the electronic contract, and carrying out signature verification on the hash value of the contract module hash table of the electronic contract.
In specific implementation, a hash value of an encryption contract module corresponding to a target contract module is obtained. And obtaining a contract module hash table by the hash value of the encryption contract module corresponding to the target contract module and the secret matching electronic contract. For example, in table 9, the encrypted contract module corresponding to the target contract module is deleted from table 9 and replaced with the hash value of the encrypted contract module corresponding to the target contract module, so as to obtain the contract module hash table.
Then the hash value of the contract module hash table is obtained, and it is judged whether this hash value passes signature verification. If so, the electronic contract has not been tampered with and verification passes; otherwise, the electronic contract has been tampered with and verification fails.
In an embodiment, the secret matching electronic contract includes an encryption contract module corresponding to the target contract module, for example, for table 9, the corresponding encryption contract modules are S12, S51, and S60. The key information includes encryption keys of the encryption contract modules corresponding to the target contract module, for example, for table 15, the encryption keys are K12, K51, and K60.
Based on the above, the step of decrypting the secret matching electronic contract based on the key information to obtain a decrypted matching electronic contract specifically includes the steps of: and decrypting the encrypted contract module corresponding to the target contract module based on the encrypted key to obtain the target contract module. In one embodiment, based on tables 9 and 15, the specific operation of this step is to decrypt S12, S51 and S60 according to K12, K51 and K60, respectively, to obtain P1, P5 and P6.
In an embodiment, the encryption contract module corresponding to the target contract module is obtained by encrypting the target contract module for a preset number of times, where the preset number of times is equal to the security level of the target contract module; the specific encryption process can be seen from step S103 described above. The decryption of the encrypted contract module corresponding to the target contract module based on the encryption key to obtain the target contract module includes the following steps S531-S534.
S531, judging whether the preset number of times is one. For example, in Table 9, S12 is encrypted 3 times, which is greater than 1; S51 is encrypted 2 times, which is greater than 1; S60 is encrypted 1 time.
In specific implementation, it is determined whether the encryption number of the encryption contract module is equal to 1.
S532, if the preset times are one, decrypting the encrypted contract module corresponding to the target contract module through the encrypted key to obtain the target contract module.
In specific implementation, if the encryption number is equal to 1, it is indicated that the encryption contract module is obtained by the contract module through one encryption. Therefore, the contract module can be obtained by decrypting the encrypted contract module through the encryption key corresponding to the encrypted contract module.
For example, for S60 in table 9, P6 can be obtained by decrypting S60 with K60 in table 15.
S533, if the preset times are greater than one, generating low-level secondary encryption keys based on the encryption keys, wherein the number of the secondary encryption keys is equal to the preset times minus one.
In specific implementation, if the encryption number is greater than 1, it is indicated that the encryption contract module is obtained by encrypting the contract module multiple times. At this time, it is first necessary to generate a low-level secondary encryption key based on the encryption key, the number of the secondary encryption keys being equal to the preset number of times minus one, the calculation method of the secondary encryption key being based on the formula (1), and the specific calculation process being referred to in step S102. For example, for K12 in table 15, the secondary encryption keys thereof are calculated as K11 and K10, and for K51 in table 15, the secondary encryption key thereof is calculated as K50. The receiver key table, for example, the receiver key table of the financial director, is obtained by filling the calculated secondary encryption key into table 15, as in table 16 below.
Table 16. Receiver key table for the financial director
S534, sequentially decrypting the encrypted contract modules corresponding to the target contract module through the encrypted key and the secondary encrypted key to obtain the target contract module.
In the implementation, the encryption contract module corresponding to the target contract module is sequentially decrypted through the encryption key and the secondary encryption key of the encryption key to obtain the target contract module. For example, for S12 in table 9, decryption of S12 is performed sequentially by K12, K11, and K10 in table 16, yielding P1.
For S51 in table 9, S51 is decrypted by K51 and K50 in table 16 to obtain P5.
In an embodiment, the requesting terminal further performs the steps of:
S504, if the preset times are one, checking the hash value of the target contract module.
In specific implementation, if the preset times are one, the hash value of the target contract module is checked. Specifically, the hash value of the target contract module is calculated, whether the hash value of the target contract module is the same as the hash value of the corresponding record in the secret matching electronic contract (for example, table 9) is judged, if so, the decryption is judged to be successful, otherwise, the decryption is judged to be failed.
For example, for S60 in table 9, P6 can be obtained by decrypting S60 with K60 in table 15. The hash value of P6 is calculated and it is determined whether the hash value of P6 is equal to HP6 described in table 9, if so, it is determined that decryption is successful, otherwise it is determined that decryption is failed.
S505, if the preset times are greater than one, verifying hash values of the secondary encryption contract module corresponding to the target contract module and the target contract module; the secondary encryption contract module corresponding to the target contract module is generated in the middle process of decrypting the encryption contract module corresponding to the target contract module to obtain the target contract module.
In a specific implementation, if the preset number of times is greater than one, a secondary encryption contract module is generated in the middle of decrypting the encryption contract module. And at the moment, verifying the hash values of the secondary encryption contract module corresponding to the target contract module and the target contract module. Specifically, hash values of the target contract module and the secondary encryption contract module are calculated, whether the hash values of the target contract module and the secondary encryption contract module are the same as the hash values of corresponding records in the secret matching electronic contract (for example, table 9) or not is judged, if so, decryption is judged to be successful, otherwise decryption is judged to be failed.
For example, for S12 in table 9, decryption of S12 is performed sequentially by K12, K11 and K10 in table 16, and the specific procedure is: k12 decrypting S12 to obtain S11; k11 decrypting S11 to obtain S10; k10 decrypts S10 to obtain P1. S11 and S10 are secondary encryption contract modules.
And calculating the hash value of S11, judging whether the hash value of S11 is equal to HS11 recorded in table 9, if so, judging that S12 decryption is successful, otherwise, judging that S12 decryption fails.
And calculating the hash value of S10, judging whether the hash value of S10 is equal to HS10 recorded in table 9, if so, judging that S11 decryption is successful, otherwise, judging that S11 decryption fails.
And calculating the hash value of P1, judging whether the hash value of P1 is equal to HP1 recorded in table 9, if so, judging that S10 decryption is successful, otherwise, judging that S10 decryption fails.
For example, for S51 in table 9, decrypting S51 by K51 and K50 in table 16, yields P5; the specific process is as follows: decrypting S51 by K51 to obtain S50; decryption of S50 by K50 yields P5. S50 is the secondary encryption contract module.
And calculating the hash value of S50, judging whether the hash value of S50 is equal to HS50 recorded in table 9, if so, judging that S51 decryption is successful, otherwise, judging that S51 decryption fails.
And calculating the hash value of P5, judging whether the hash value of P5 is equal to HP5 recorded in table 9, if so, judging that S50 decryption is successful, otherwise, judging that S50 decryption fails.
The principle of the verification process is as follows: assuming that the ciphertext of any sensitive information received by the contract receiver is tampered, the result obtained after decryption will not correspond to the hash value in the secret matching electronic contract (e.g., table 9); assuming that the hash value in the secret matching electronic contract is tampered, and also cannot pass verification; therefore, based on the verification process, not only is the fact that the hash value in the secret matching electronic contract is not tampered, but also the fact that the ciphertext of any sensitive information received by the contract receiver is not tampered and decryption results of all levels are not tampered is guaranteed.
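The layered decryption and per-level hash check described above, as an added example that is not part of the patent text: it walks the S12, S11, S10, P1 case and reports the decryption step at which a tampered ciphertext or hash record is detected. SHA-256 as the one-way function and hash, the SHAKE-256 keystream XOR standing in for the cipher, and all function names and sample values are assumptions; this section does not name the algorithms.

```python
from __future__ import annotations

import hashlib
import hmac


class LayerVerificationError(Exception):
    """A decrypted layer did not match the hash recorded for it."""

    def __init__(self, step: int):
        super().__init__(f"hash mismatch after decryption step {step}")
        self.step = step


def digest(data: bytes) -> bytes:
    # Assumption: SHA-256 is the hash used for the recorded values (HS11, HP1, ...).
    return hashlib.sha256(data).digest()


def one_way(key: bytes) -> bytes:
    # Assumption: SHA-256 with a fixed label is the one-way function that
    # turns a key into the key one level below it (K12 -> K11 -> K10).
    return hashlib.sha256(b"lower-level-key" + key).digest()


def xor_layer(key: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): XOR with a SHAKE-256 keystream, so the same
    # call encrypts and decrypts. It gives no integrity protection by itself,
    # which is why every layer is checked against its recorded hash.
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def key_chain(encryption_key: bytes, times: int) -> list[bytes]:
    """Return the received key followed by (times - 1) secondary keys."""
    keys = [encryption_key]
    for _ in range(times - 1):
        keys.append(one_way(keys[-1]))
    return keys


def decrypt_module(ciphertext: bytes, encryption_key: bytes, times: int,
                   recorded: list[bytes]) -> bytes:
    """Peel `times` layers, checking each result against its recorded hash.

    `recorded` lists the hashes in decryption order, e.g. [HS11, HS10, HP1].
    """
    if times < 1 or len(recorded) != times:
        raise ValueError("need exactly one recorded hash per decryption step")
    data = ciphertext
    for step, (key, expected) in enumerate(zip(key_chain(encryption_key, times), recorded)):
        data = xor_layer(key, data)
        if not hmac.compare_digest(digest(data), expected):
            raise LayerVerificationError(step)  # stop before using bad data
    return data


def failing_step(ciphertext: bytes, encryption_key: bytes, times: int,
                 recorded: list[bytes]) -> int | None:
    """Index of the step whose hash check fails, or None if all pass."""
    try:
        decrypt_module(ciphertext, encryption_key, times, recorded)
    except LayerVerificationError as err:
        return err.step
    return None


def build_sample():
    """Constructed sample: one module P1 encrypted three times to give S12."""
    p1 = b"Clause 7: unit price 42.00 per item"   # constructed plaintext
    k12 = bytes(range(32))                         # constructed key
    _, k11, k10 = key_chain(k12, 3)
    s10 = xor_layer(k10, p1)
    s11 = xor_layer(k11, s10)
    s12 = xor_layer(k12, s11)
    recorded = [digest(s11), digest(s10), digest(p1)]  # HS11, HS10, HP1
    return p1, k12, s12, recorded


if __name__ == "__main__":
    p1, k12, s12, recorded = build_sample()
    print(decrypt_module(s12, k12, 3, recorded))
    flipped = bytes([s12[0] ^ 0x01]) + s12[1:]
    print("tampered ciphertext rejected at step", failing_step(flipped, k12, 3, recorded))
```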
In order to further illustrate the technical effects of the embodiments of the present invention, the key requirement of the present invention is compared below with the key requirement of the prior art, as follows:
Assume that there is one electronic contract whose original contract modules number 100, that is, 100 pieces of sensitive information exist. When encrypting with the present method, the number of contract storage keys is equal to the number of original contract modules and is independent of the number of contract receivers and their confidentiality policies; therefore, the total number of keys required is 100.
Contract receivers with different attributes want to read the electronic contract. Each contract receiver defines 20 contract module types, and the definitions differ between contract receivers. The security level of each type ranges from level 0 to level 3, namely 4 security levels, and sensitive data exists at each of these security levels.
In the conventional encryption method, 20×4=80 keys need to be provided for encryption for each contract receiver; the key table is shown in Table 17.
TABLE 17 Key requirement Table for conventional methods
Since the definitions of the contract receivers are different, the keys of different contract receivers are different. In this case, the total number of keys required by 3 contract receivers is 80×3=240, the total number of keys required by 10 contract receivers is 80×10=800, the total number of keys required by 100 contract receivers is 80×100=8000, and the total number of keys required by 1000 contract receivers is 80×1000=80000. Although, as the number of contract receivers increases, contract receivers with the same security policy can use the same key table, thereby reducing the amount of key management data, the above comparative analysis shows that, in the present example, the conventional method requires a higher absolute number of keys than the present method, and the tendency of the absolute number of keys to increase with the number of contract receivers does not change.
Therefore, by setting a key of the highest security level for each sensitive information fragment and generating a plurality of lower-level keys through a one-way function, the present method reduces the key management workload to varying degrees, compared with the conventional method, for different numbers of contract receivers.
Referring to fig. 5, fig. 5 is a schematic block diagram of an electronic contract management apparatus 50 with configurable security levels according to an embodiment of the present invention. The electronic contract management system comprises a signing party terminal, a contract management server, a key management server and a requesting party terminal; sensitive information in an electronic contract is divided into contract modules. Corresponding to the above electronic contract management method capable of configuring security levels, the present invention also provides an electronic contract management apparatus 50 capable of configuring security levels. The electronic contract management apparatus 50 of configurable security level includes a unit for executing the electronic contract management method of configurable security level described above, and the electronic contract management apparatus 50 of configurable security level may be configured in a computer device such as a desktop computer, a tablet computer, a laptop computer, or the like. Specifically, the electronic contract management apparatus 50 of configurable security level includes:
A sending unit 51, configured to send an electronic contract reading request to the contract management server, and send an encryption key request to the key management server, where the electronic contract reading request and the encryption key request both include identity information of a requester; the contract management server determines, according to the identity information, a contract module that the requester has authority to read as a target contract module; the contract management server generates a secret matching electronic contract based on an encryption contract module obtained by correspondingly encrypting the target contract module, and sends the secret matching electronic contract and the signature of the signing party terminal on the electronic contract to the requesting party terminal; the key management server generates key information matched with the secret matching electronic contract based on the identity information and sends the key information to the requester terminal;
a first receiving unit 52 for receiving the secret matching electronic contract and the signature of the electronic contract transmitted by the contract management server, and receiving the key information transmitted by the key management server;
and a decryption unit 53, configured to decrypt the secret matching electronic contract based on the key information to obtain a decrypted matching electronic contract, and verify the signature of the electronic contract.
In an embodiment, the secret matching electronic contract includes an encryption contract module corresponding to the target contract module, the key information includes an encryption key of the encryption contract module corresponding to the target contract module, and decrypting the secret matching electronic contract based on the key information to obtain a decrypted matching electronic contract includes:
decrypting the encryption contract module corresponding to the target contract module based on the encryption key to obtain the target contract module.
In an embodiment, the encryption contract module corresponding to the target contract module is obtained by encrypting the target contract module a preset number of times; the decrypting the encryption contract module corresponding to the target contract module based on the encryption key to obtain the target contract module includes:
judging whether the preset number of times is one;
if the preset number of times is one, decrypting the encryption contract module corresponding to the target contract module through the encryption key to obtain the target contract module;
if the preset number of times is greater than one, generating lower-level secondary encryption keys based on the encryption key, wherein the number of secondary encryption keys is equal to the preset number of times minus one;
and sequentially decrypting the encryption contract module corresponding to the target contract module through the encryption key and the secondary encryption keys to obtain the target contract module.
In one embodiment, the electronic contract management apparatus 50 with configurable security level further includes:
the first verification unit is used for verifying the hash value of the target contract module if the preset number of times is one;
the second verification unit is used for verifying the hash values of the target contract module and of the secondary encryption contract module corresponding to the target contract module if the preset number of times is greater than one; the secondary encryption contract module corresponding to the target contract module is generated as an intermediate result in the process of decrypting the encryption contract module corresponding to the target contract module to obtain the target contract module.
In an embodiment, the signature of the electronic contract is obtained by signing a hash value of a contract module hash table of the electronic contract by a signing party terminal, the contract module hash table includes a hash value of a contract module of the electronic contract and hash values of encryption contract modules at different levels corresponding to the contract module of the electronic contract, and the verifying the signature of the electronic contract includes:
Acquiring a contract module hash table of the electronic contract based on the secret matching electronic contract;
and acquiring the hash value of the contract module hash table of the electronic contract, and carrying out signature verification on the hash value of the contract module hash table of the electronic contract.
Referring to fig. 6, fig. 6 is a schematic block diagram of an electronic contract management apparatus 50 with configurable security levels according to an embodiment of the present invention. The electronic contract management system comprises a signing party terminal, a contract management server, a key management server and a requesting party terminal; sensitive information in an electronic contract is divided into contract modules. Corresponding to the above electronic contract management method capable of configuring security levels, the present invention also provides an electronic contract management apparatus 50 capable of configuring security levels. The electronic contract management apparatus 50 of configurable security level includes a unit for executing the electronic contract management method of configurable security level described above, and the electronic contract management apparatus 50 of configurable security level may be configured in a computer device such as a desktop computer, a tablet computer, a laptop computer, or the like. Specifically, the electronic contract management apparatus 50 of configurable security level includes:
A second receiving unit 54, configured to receive an electronic contract reading request sent by a requester terminal, where the electronic contract reading request includes identity information of a requester;
a determining unit 55, configured to determine, according to the identity information, a contract module that the requestor has a reading authority as a target contract module;
the first generating unit 56 is configured to generate a secret matching electronic contract based on the encrypted contract module obtained by encrypting the target contract module, and send the secret matching electronic contract and the signature of the signing party terminal on the electronic contract to the requesting party terminal.
In one embodiment, the electronic contract includes a plurality of contract modules with defined module types, and determining, according to the identity information, the contract module that the requester has authority to read as a target contract module includes:
determining the highest readable security level of the requester for each module type according to the identity information;
and determining the contract module that the requester has authority to read as a target contract module according to the highest readable security level of each module type and the security level preset for the contract module of each module type.
Referring to fig. 7, fig. 7 is a schematic block diagram of an electronic contract management apparatus 50 with configurable security levels according to an embodiment of the present invention. The electronic contract management system comprises a signing party terminal, a contract management server, a key management server and a requesting party terminal; sensitive information in an electronic contract is divided into contract modules. Corresponding to the above electronic contract management method capable of configuring security levels, the present invention also provides an electronic contract management apparatus 50 capable of configuring security levels. The electronic contract management apparatus 50 of configurable security level includes a unit for executing the electronic contract management method of configurable security level described above, and the electronic contract management apparatus 50 of configurable security level may be configured in a computer device such as a desktop computer, a tablet computer, a laptop computer, or the like. Specifically, the electronic contract management apparatus 50 of configurable security level includes:
a third receiving unit 57, configured to receive an encryption key request sent from a requester terminal, wherein the encryption key request contains identity information of a requester;
the second generating unit 58 is configured to generate key information matched with the secret matching electronic contract corresponding to the requester based on the identity information, and send the key information to the requester terminal.
In one embodiment, the generating the key information matched with the secret matching electronic contract corresponding to the requestor based on the identity information includes:
sending a key requirement information request to a contract management server, wherein the key requirement information request comprises the identity information;
receiving key demand information returned by the contract management server;
and generating key information matched with the secret matching electronic contract based on the key requirement information.
In an embodiment, the generating key information matched with the secret matching electronic contract based on the key requirement information includes:
determining, based on the key requirement information, a target contract module and the key level corresponding to the encryption key matched with the secret matching electronic contract, wherein the target contract module is at least one contract module contained in the electronic contract;
acquiring a preset highest-security-level encryption key of the target contract module;
and generating the encryption key based on the highest-security-level encryption key and the key level of the encryption key to obtain the key information.
It should be noted that, as will be clearly understood by those skilled in the art, for the specific implementation process of the electronic contract management apparatus 50 with configurable security level and of each unit, reference may be made to the corresponding description in the foregoing method embodiment; for convenience and brevity, the description is not repeated here.
The above-described security-level-configurable electronic contract management apparatus 50 may be implemented in the form of a computer program that can be run on a computer device as shown in fig. 8.
Referring to fig. 8, fig. 8 is a schematic block diagram of a computer device according to an embodiment of the present application. The computer device 500 may be a terminal or a server, where the terminal may be an electronic device with a communication function, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a personal digital assistant, and a wearable device. The server may be an independent server or a server cluster formed by a plurality of servers.
The computer device 500 includes a processor 502, a memory, and a network interface 505, connected by a system bus 501, where the memory may include a non-volatile storage medium 503 and an internal memory 504.
The non-volatile storage medium 503 may store an operating system 5031 and a computer program 5032. The computer program 5032, when executed, causes the processor 502 to perform a configurable security level electronic contract management method.
The processor 502 is used to provide computing and control capabilities to support the operation of the overall computer device 500.
The internal memory 504 provides an environment for the execution of a computer program 5032 in the non-volatile storage medium 503, which computer program 5032, when executed by the processor 502, causes the processor 502 to perform a configurable security level electronic contract management method.
The network interface 505 is used for network communication with other devices. It will be appreciated by those skilled in the art that the foregoing structures, which are merely block diagrams of portions of structures related to the present application, are not limiting of the computer device 500 to which the present application may be applied, and that a particular computer device 500 may include more or fewer components than shown, or may combine certain components, or have a different arrangement of components.
The processor 502 is configured to execute a computer program 5032 stored in a memory, so as to implement the steps of an electronic contract management method with configurable security level provided in any of the method embodiments.
It should be appreciated that in embodiments of the present application, the processor 502 may be a central processing unit (Central Processing Unit, CPU), the processor 502 may also be other general purpose processors, digital signal processors (Digital Signal Processor, DSPs), application specific integrated circuits (Application Specific Integrated Circuit, ASICs), field programmable gate arrays (Field-Programmable Gate Array, FPGAs) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or the like. Wherein the general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
Those skilled in the art will appreciate that all or part of the flow in a method embodying the above described embodiments may be accomplished by computer programs instructing the relevant hardware. The computer program may be stored in a storage medium that is a computer readable storage medium. The computer program is executed by at least one processor in the computer system to implement the flow steps of the embodiments of the method described above.
Accordingly, the present invention also provides a storage medium. The storage medium may be a computer readable storage medium. The storage medium stores a computer program. The computer program, when executed by a processor, causes the processor to perform the steps of a configurable security level electronic contract management method provided by any of the method embodiments described above.
The storage medium is a physical, non-transitory storage medium, and may be, for example, a U-disk, a removable hard disk, a Read-Only Memory (ROM), a magnetic disk, or an optical disk. The computer readable storage medium may be nonvolatile or may be volatile.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps described in connection with the embodiments disclosed herein may be embodied in electronic hardware, in computer software, or in a combination of the two, and that the elements and steps of the examples have been generally described in terms of function in the foregoing description to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the several embodiments provided by the present invention, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the device embodiments described above are merely illustrative. For example, the division of each unit is only one logic function division, and there may be another division manner in actual implementation. For example, multiple units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed.
The steps in the method of the embodiment of the invention can be sequentially adjusted, combined and deleted according to actual needs. The units in the device of the embodiment of the invention can be combined, divided and deleted according to actual needs. In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The integrated unit may be stored in a storage medium if implemented in the form of a software functional unit and sold or used as a stand-alone product. Based on such understanding, the technical solution of the present invention, in essence, or the part of it that contributes over the prior art, or all or part of the technical solution, may be embodied in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a terminal, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention.
In the foregoing embodiments, each embodiment is described with its own emphasis; for portions of one embodiment that are not described in detail, reference may be made to the related descriptions of other embodiments.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.
While the invention has been described with reference to certain preferred embodiments, it will be understood by those skilled in the art that various changes and equivalent substitutions may be made without departing from the scope of the invention. Therefore, the protection scope of the invention is subject to the protection scope of the claims.

Claims (11)

1. An electronic contract management method capable of configuring security level is characterized in that an electronic contract management system comprises a signing party terminal, a contract management server, a key management server and a requesting party terminal; sensitive information in the electronic contract is divided into contract modules; the method is applied to the requester terminal, and comprises the following steps:
Sending an electronic contract reading request to the contract management server and sending an encryption key request to the key management server, wherein the electronic contract reading request and the encryption key request both contain identity information of a requester; the contract management server determines, according to the identity information, a contract module that the requester has authority to read as a target contract module; the contract management server generates a secret matching electronic contract based on an encryption contract module obtained by correspondingly encrypting the target contract module, and sends the secret matching electronic contract and the signature of the signing party terminal on the electronic contract to the requesting party terminal; the key management server generates key information matched with the secret matching electronic contract based on the identity information and sends the key information to the requester terminal; the electronic contract comprises a plurality of contract modules with defined module types, and determining, according to the identity information, the contract module that the requester has authority to read as a target contract module comprises: determining the highest readable security level of the requester for each module type according to the identity information; determining the contract module that the requester has authority to read as a target contract module according to the highest readable security level of each module type and the security level preset for the contract module of each module type;
Receiving the secret matching electronic contract and the signature of the electronic contract sent by the contract management server, and receiving the key information sent by the key management server;
decrypting the secret matching electronic contract based on the key information to obtain a decrypted matching electronic contract, and verifying the signature of the electronic contract;
the secret matching electronic contract comprises an encryption contract module corresponding to the target contract module, the key information comprises an encryption key of the encryption contract module corresponding to the target contract module, and the decrypting the secret matching electronic contract based on the key information to obtain a decrypted matching electronic contract comprises:
decrypting the encryption contract module corresponding to the target contract module based on the encryption key to obtain the target contract module.
2. The method according to claim 1, wherein the encryption contract module corresponding to the target contract module is obtained by encrypting the target contract module a preset number of times; the decrypting the encryption contract module corresponding to the target contract module based on the encryption key to obtain the target contract module includes:
judging whether the preset number of times is one;
if the preset number of times is one, decrypting the encryption contract module corresponding to the target contract module through the encryption key to obtain the target contract module;
if the preset number of times is greater than one, generating lower-level secondary encryption keys based on the encryption key, wherein the number of secondary encryption keys is equal to the preset number of times minus one;
and sequentially decrypting the encryption contract module corresponding to the target contract module through the encryption key and the secondary encryption keys to obtain the target contract module.
3. The method according to claim 2, wherein the method further comprises:
if the preset number of times is one, verifying the hash value of the target contract module;
if the preset number of times is greater than one, verifying the hash values of the target contract module and of the secondary encryption contract module corresponding to the target contract module; the secondary encryption contract module corresponding to the target contract module is generated as an intermediate result in the process of decrypting the encryption contract module corresponding to the target contract module to obtain the target contract module.
4. The method of claim 1, wherein the signature of the electronic contract is obtained by signing a hash value of a contract module hash table of the electronic contract by a signer terminal, the contract module hash table including hash values of contract modules of the electronic contract and hash values of encryption contract modules of respective levels corresponding to the contract modules of the electronic contract, the verifying the signature of the electronic contract comprising:
acquiring a contract module hash table of the electronic contract based on the secret matching electronic contract;
and acquiring the hash value of the contract module hash table of the electronic contract, and carrying out signature verification on the hash value of the contract module hash table of the electronic contract.
5. An electronic contract management method with configurable security level, characterized in that the electronic contract management system comprises a signer terminal, a contract management server, a key management server and a requester terminal for performing the method according to any one of claims 1-4; sensitive information in the electronic contract is divided into contract modules; the method is applied to the contract management server, and comprises the following steps:
Receiving an electronic contract reading request sent by a request party terminal, wherein the electronic contract reading request comprises identity information of a requester;
determining a contract module with reading authority of the requester as a target contract module according to the identity information;
and generating a secret matching electronic contract based on an encryption contract module obtained by corresponding encryption of the target contract module, and sending the secret matching electronic contract and the signature of the signing party terminal on the electronic contract to the requesting party terminal.
6. An electronic contract management method with configurable security level, characterized in that the electronic contract management system comprises a signer terminal, a contract management server, a key management server and a requester terminal for performing the method according to any one of claims 1-4; sensitive information in the electronic contract is divided into contract modules; the method is applied to the key management server, and comprises the following steps:
receiving an encryption key request sent by a requester terminal, wherein the encryption key request comprises identity information of a requester;
and generating key information matched with the secret matching electronic contract corresponding to the requester based on the identity information, and sending the key information to the requester terminal.
7. The method of claim 6, wherein generating key information for matching a secret matching electronic contract corresponding to the requestor based on the identity information comprises:
sending a key requirement information request to a contract management server, wherein the key requirement information request comprises the identity information;
receiving key demand information returned by the contract management server;
and generating key information matched with the secret matching electronic contract based on the key requirement information.
8. The method of claim 7, wherein the generating key information matched with the secret matching electronic contract based on the key requirement information comprises:
determining, based on the key requirement information, a target contract module and the key level corresponding to the encryption key matched with the secret matching electronic contract, wherein the target contract module is at least one contract module contained in the electronic contract;
acquiring a preset highest-security-level encryption key of the target contract module;
and generating the encryption key based on the highest-security-level encryption key and the key level of the encryption key to obtain the key information.
9. An electronic contract management arrangement with configurable security levels, characterised in that it comprises means for performing the method according to any of claims 1-8.
10. A computer device, characterized in that it comprises a memory on which a computer program is stored and a processor which, when executing the computer program, implements the method according to any of claims 1-8.
11. A computer readable storage medium, characterized in that the storage medium stores a computer program which, when executed by a processor, implements the method according to any of claims 1-8.
CN202310364496.XA 2023-04-07 2023-04-07 Electronic contract management method, device, equipment and medium capable of configuring security level Active CN116090028B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310364496.XA CN116090028B (en) 2023-04-07 2023-04-07 Electronic contract management method, device, equipment and medium capable of configuring security level


Publications (2)

Publication Number Publication Date
CN116090028A (en) 2023-05-09
CN116090028B (en) 2023-08-04

Family

ID=86187258



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant