TWI456524B - Financial data processing method and its architecture applied in cloud computing environment - Google Patents

Financial data processing method and its architecture applied in cloud computing environment Download PDF

Info

Publication number
TWI456524B
TWI456524B TW101110823A TW101110823A TWI456524B TW I456524 B TWI456524 B TW I456524B TW 101110823 A TW101110823 A TW 101110823A TW 101110823 A TW101110823 A TW 101110823A TW I456524 B TWI456524 B TW I456524B
Authority
TW
Taiwan
Prior art keywords
user
financial data
providing system
encrypted
service providing
Prior art date
Application number
TW101110823A
Other languages
Chinese (zh)
Other versions
TW201340018A (en
Inventor
Jing Jang Hwang
Yi Chang Hsu
Original Assignee
Univ Chang Gung
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Univ Chang Gung filed Critical Univ Chang Gung
Priority to TW101110823A priority Critical patent/TWI456524B/en
Publication of TW201340018A publication Critical patent/TW201340018A/en
Application granted granted Critical
Publication of TWI456524B publication Critical patent/TWI456524B/en

Links

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Claims (10)

一種應用於雲端運算環境中的金融資料處理方法,包含一第一雲端服務提供系統所執行的下列步驟:(A)接收來自一應用服務提供系統的一第一服務要求及其訊息,其中,該第一服務要求之訊息包括一用戶隱私資料;(B)根據該用戶隱私資料取得至少一個金鑰;(C)根據該金鑰對該用戶隱私資料進行加密,以得到一用戶替代隱私資料;(D)傳送一第二服務要求及其訊息給一第二雲端服務提供系統,其中,該第二服務要求之訊息包括該用戶替代隱私資料;(E)接收來自該第二雲端服務提供系統回應該第二服務要求所傳送的一已加密金融資料集,並根據該金鑰對該已加密金融資料集進行解密,以得到一已解密金融資料集;(F)傳送該已解密金融資料集給該應用服務提供系統以回應該第一服務要求;及(G)刪除該用戶隱私資料、該用戶替代隱私資料、該已加密金融資料集,及該已解密金融資料集。A financial data processing method for use in a cloud computing environment, comprising the following steps performed by a first cloud service providing system: (A) receiving a first service request and an information from an application service providing system, wherein The first service request message includes a user privacy data; (B) obtaining at least one key according to the user privacy data; (C) encrypting the user privacy data according to the key to obtain a user substitute for private data; D) transmitting a second service request and its message to a second cloud service providing system, wherein the second service request message includes the user replacing the privacy data; (E) receiving the response from the second cloud service providing system The second service requests an encrypted set of financial data transmitted, and decrypts the encrypted financial data set according to the key to obtain a decrypted financial data set; (F) transmitting the decrypted financial data set to the Applying the service delivery system to respond to the first service request; and (G) deleting the user's private information, the user's replacement of the private data, the encrypted financial information And the decrypted financial data set. 依據申請專利範圍第1項所述之應用於雲端運算環境中的金融資料處理方法,還包含步驟(D)及(E)之間且於該第二雲端服務提供系統所執行的下列步驟:(H)根據來自該第一雲端服務提供系統的該第二服務要求取得該已加密金融資料集;及(I)傳送該已加密金融資料集給該第一雲端服務提供系統。The financial data processing method applied in the cloud computing environment according to claim 1 of the patent application scope, further comprising the following steps performed between the steps (D) and (E) and executed by the second cloud service providing system: H) obtaining the encrypted financial data set according to the second service request from the first cloud service providing system; and (1) transmitting the encrypted financial data set to the first cloud service providing system. 依據申請專利範圍第2項所述之應用於雲端運算環境中的金融資料處理方法,其中,該用戶隱私資料包括一用戶識別資訊,步驟(B)係根據該用戶識別資訊取得相關於該用戶識別資訊的該金鑰,步驟(C)係根據該金鑰對該用戶識別資訊進行加密,以得到一用戶替代識別資訊,該用戶替代隱私資料包括該用戶替代識別資訊。According to the financial data processing method applied in the cloud computing environment, the user privacy data includes a user identification information, and the step (B) is related to the user identification according to the user identification information. The key of the information, the step (C) encrypts the user identification information according to the key to obtain a user substitute identification information, and the user substitutes the private information to include the user substitute identification information. 依據申請專利範圍第3項所述之應用於雲端運算環境中的金融資料處理方法,其中,步驟(H)包括下列子步驟:(h-1)根據該第二服務要求之訊息的該用戶替代隱私資料的該用戶替代識別資訊,取得一主帳戶替代識別資訊;及(h-2)根據該主帳戶替代識別資訊取得一已加密主帳戶相關資料,其中,該已加密金融資料集包括該已加密主帳戶相關資料。The financial data processing method applied to the cloud computing environment according to claim 3, wherein the step (H) comprises the following sub-steps: (h-1) the user replacement according to the message of the second service request The user of the privacy data substitutes the identification information to obtain a primary account replacement identification information; and (h-2) obtains an encrypted primary account related data according to the primary account replacement identification information, wherein the encrypted financial data set includes the Encrypt the primary account related information. 依據申請專利範圍第2項所述之應用於雲端運算環境中的金融資料處理方法,其中,步驟(A)所接收的該第一服務要求之訊息還包括一非隱私資料,步驟(D)所傳送的該第二服務要求之訊息還包括該非隱私資料。According to the financial data processing method applied in the cloud computing environment, the message of the first service request received in the step (A) further includes a non-private data, and the step (D) The message of the second service request transmitted also includes the non-private information. 依據申請專利範圍第5項所述之應用於雲端運算環境中的金融資料處理方法,其中,步驟(A)所接收的該第一服務要求之訊息的該用戶隱私資料還包括一存款帳戶識別資訊,該非隱私資料包括一查詢區間,步驟(C)還根據該金鑰對該存款帳戶識別資訊進行加密,以得到一存款帳戶替代識別資訊,該用戶替代隱私資料還包括該存款帳戶替代識別資訊,步驟(H)係根據該第二服務要求之訊息取得該查詢區間內至少一已加密交易明細,其中,該已加密金融資料集包括該已加密交易明細。According to the financial data processing method in the cloud computing environment described in claim 5, wherein the user privacy information of the first service request message received in step (A) further includes a deposit account identification information. The non-private information includes an inquiry interval, and the step (C) further encrypts the deposit account identification information according to the key to obtain a deposit account replacement identification information, and the user substitute private information further includes the deposit account replacement identification information. Step (H) is to obtain at least one encrypted transaction detail in the query interval according to the message of the second service request, wherein the encrypted financial data set includes the encrypted transaction details. 依據申請專利範圍第2項所述之應用於雲端運算環境中的金融資料處理方法,其中,步驟(A)所接收的該第一服務要求之訊息的該用戶隱私資料還包括多筆交易帳戶識別資訊,步驟(C)還根據該金鑰分別對該等交易帳戶識別資訊進行加密,以得到多筆交易帳戶替代識別資訊,該用戶替代隱私資料還包括該等交易帳戶替代識別資訊,步驟(H)係根據該第二服務要求之訊息取得分別對應於該等交易帳戶替代識別資訊的多筆已加密交易帳戶相關資料,其中,該已加密金融資料集包括該等已加密交易帳戶相關資料,步驟(E)係根據該金鑰分別對該等已加密交易帳戶相關資料進行解密,以得到多筆已解密交易帳戶相關資料,該已解密金融資料集包括該等已解密交易帳戶相關資料。According to the financial data processing method in the cloud computing environment described in claim 2, wherein the user privacy data of the first service request message received in step (A) further includes multiple transaction account identifications. Information, step (C) further encrypts the transaction account identification information according to the key to obtain multiple transaction account replacement identification information, and the user substitute privacy data further includes the transaction account replacement identification information, step (H) Obtaining, according to the message of the second service request, a plurality of encrypted transaction account related materials respectively corresponding to the transaction account replacement identification information, wherein the encrypted financial data set includes the encrypted transaction account related materials, the steps (E) decrypting the encrypted transaction account related data according to the key to obtain a plurality of decrypted transaction account related materials, and the decrypted financial data set includes the decrypted transaction account related materials. 依據申請專利範圍第7項所述之應用於雲端運算環境中的金融資料處理方法,還包含步驟(F)及(G)之間且於該第一雲端服務提供系統所執行的下列步驟:(J)接收來自該應用服務提供系統且分別相關於該等已解密交易帳戶相關資料的多筆交易明細,並根據該金鑰對該等交易明細進行加密以得到多筆已加密交易明細;及(K)傳送該等已加密交易明細給該第二雲端服務提供系統;其中,步驟(G)還刪除該等交易明細及該等已加密交易明細。The financial data processing method applied to the cloud computing environment according to claim 7 of the patent application scope further includes the following steps performed between the steps (F) and (G) and executed by the first cloud service providing system: J) receiving a plurality of transaction details from the application service providing system and related to the data of the decrypted transaction accounts respectively, and encrypting the transaction details according to the key to obtain a plurality of encrypted transaction details; and K) transmitting the encrypted transaction details to the second cloud service providing system; wherein step (G) also deletes the transaction details and the encrypted transaction details. 依據申請專利範圍第8項所述之應用於雲端運算環境中的金融資料處理方法,還包含步驟(J)之後且於該第二雲端服務提供系統所執行的一步驟(L):接收並儲存該等已加密交易明細。The financial data processing method applied to the cloud computing environment according to claim 8 of the patent application scope further includes a step (L) performed after the step (J) and executed by the second cloud service providing system: receiving and storing These encrypted transaction details. 一種應用於雲端運算環境中的金融資料處理架構,可與一用戶裝置進行通訊,該金融資料處理架構包含:一應用服務提供系統,用以根據來自該用戶裝置的資料傳送一第一服務要求及其訊息;一第一雲端服務提供系統,可與該應用服務提供系統進行通訊;及一第二雲端服務提供系統,可與該應用服務提供系統及該第一雲端服務提供系統進行通訊;其中,該第一雲端服務提供系統用以:接收來自該應用服務提供系統的一第一服務要求及其訊息,其中,該第一服務要求之訊息包括一用戶隱私資料;根據該用戶隱私資料取得至少一個金鑰;根據該金鑰對該用戶隱私資料進行加密,以得到一用戶替代隱私資料;傳送一第二服務要求及其訊息給該第二雲端服務提供系統,其中,該第二服務要求之訊息包括該用戶替代隱私資料;接收來自該第二雲端服務提供系統回應該第二服務要求所傳送的一已加密金融資料集,並根據該金鑰對該已加密金融資料集進行解密,以得到一已解密金融資料集;傳送該已解密金融資料集給該應用服務提供系統以回應該第一服務要求;及刪除該用戶隱私資料、該用戶替代隱私資料、該已加密金融資料集,及該已解密金融資料集;其中,該第二雲端服務提供系統用以:根據來自該第一雲端服務提供系統的該第二服務要求之訊息取得該已加密金融資料集;及傳送該已加密金融資料集給該第一雲端服務提供系統。A financial data processing architecture for use in a cloud computing environment, which can communicate with a user device, the financial data processing architecture comprising: an application service providing system for transmitting a first service request based on data from the user device and a first cloud service providing system for communicating with the application service providing system; and a second cloud service providing system for communicating with the application service providing system and the first cloud service providing system; The first cloud service providing system is configured to receive a first service request and a message from the application service providing system, where the first service request message includes a user privacy profile; and the at least one user profile is obtained according to the user privacy profile. a key; the user privacy data is encrypted according to the key to obtain a user substitute for the private data; and the second service request and the message are sent to the second cloud service providing system, wherein the second service request message Including the user's alternative privacy information; receiving from the second cloud service delivery system Retrieving a set of encrypted financial data transmitted by the second service request, and decrypting the encrypted financial data set according to the key to obtain a decrypted financial data set; transmitting the decrypted financial data set to the application The service providing system responds to the first service request; and deletes the user privacy information, the user substitute privacy data, the encrypted financial data set, and the decrypted financial data set; wherein the second cloud service providing system is used Obtaining the encrypted financial data set according to the second service request message from the first cloud service providing system; and transmitting the encrypted financial data set to the first cloud service providing system.
TW101110823A 2012-03-28 2012-03-28 Financial data processing method and its architecture applied in cloud computing environment TWI456524B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW101110823A TWI456524B (en) 2012-03-28 2012-03-28 Financial data processing method and its architecture applied in cloud computing environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW101110823A TWI456524B (en) 2012-03-28 2012-03-28 Financial data processing method and its architecture applied in cloud computing environment

Publications (2)

Publication Number Publication Date
TW201340018A TW201340018A (en) 2013-10-01
TWI456524B true TWI456524B (en) 2014-10-11

Family

ID=49770974

Family Applications (1)

Application Number Title Priority Date Filing Date
TW101110823A TWI456524B (en) 2012-03-28 2012-03-28 Financial data processing method and its architecture applied in cloud computing environment

Country Status (1)

Country Link
TW (1) TWI456524B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW200952439A (en) * 2008-05-02 2009-12-16 Radiantrust Pte Ltd Method and system for on-screen authentication using secret visual message
TW201101215A (en) * 2009-06-26 2011-01-01 Inst Information Industry Two-factor authentication method and system for securing online transactions
US20110264907A1 (en) * 2010-04-27 2011-10-27 International Business Machines Corporation Securing information within a cloud computing environment
TW201203115A (en) * 2010-07-08 2012-01-16 Fireid Proprietary Ltd Method and system for deployment of software applications to mobile computing devices
US20120072985A1 (en) * 2010-05-18 2012-03-22 Freedom Professional Service & Technologies LLC d/b/a Freedom OSS Managing services in a cloud computing environment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW200952439A (en) * 2008-05-02 2009-12-16 Radiantrust Pte Ltd Method and system for on-screen authentication using secret visual message
TW201101215A (en) * 2009-06-26 2011-01-01 Inst Information Industry Two-factor authentication method and system for securing online transactions
US20110264907A1 (en) * 2010-04-27 2011-10-27 International Business Machines Corporation Securing information within a cloud computing environment
US20120072985A1 (en) * 2010-05-18 2012-03-22 Freedom Professional Service & Technologies LLC d/b/a Freedom OSS Managing services in a cloud computing environment
TW201203115A (en) * 2010-07-08 2012-01-16 Fireid Proprietary Ltd Method and system for deployment of software applications to mobile computing devices

Also Published As

Publication number Publication date
TW201340018A (en) 2013-10-01

Similar Documents

Publication Publication Date Title
US11140160B2 (en) Method and system for establishing inter-device communication
US20190318356A1 (en) Offline storage system and method of use
US9735962B1 (en) Three layer key wrapping for securing encryption keys in a data storage system
US20180212751A1 (en) End-To-End Secure Operations Using a Query Matrix
US20180234241A1 (en) Blockchain systems and methods for user authentication
WO2017024934A1 (en) Electronic signing method, device and signing server
JP2019516266A (en) System and method for encryption and decryption based on quantum key distribution
US20130191629A1 (en) Secure group-based data storage in the cloud
US20150082024A1 (en) Technologies for synchronizing and restoring reference templates
JP2004086894A5 (en)
JP5749236B2 (en) Key change management device and key change management method
JP2014017831A5 (en)
WO2009066217A3 (en) Performing secure electronic transactions
KR102098370B1 (en) Car sharing service providing system based on social network service and method thereof
JP2011018342A5 (en)
EP3465976B1 (en) Secure messaging
SE534641C2 (en) Device-independent processing of encrypted information
JP6049914B2 (en) Cryptographic system, key generation device, and re-encryption device
JP6426520B2 (en) Encryption key management system and encryption key management method
JP2012519995A5 (en)
US20150350375A1 (en) Information Processing Method, Trusted Server, and Cloud Server
JPWO2016132547A1 (en) Data storage device, data update system, data processing method, and data processing program
US8650275B2 (en) Requester-side distributed ID management device, provider-side distributed ID management device, distributed ID management system, and provider-side distributed ID management method
WO2012119389A1 (en) Data sharing system, data distribution system and data protection method
CN113436008A (en) Loan purpose monitoring method and device, storage medium and electronic equipment

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees