WO2015055101A1 - Method, client, server and system for information transmission - Google Patents

Method, client, server and system for information transmission Download PDF

Info

Publication number
WO2015055101A1
WO2015055101A1 PCT/CN2014/088378 CN2014088378W WO2015055101A1 WO 2015055101 A1 WO2015055101 A1 WO 2015055101A1 CN 2014088378 W CN2014088378 W CN 2014088378W WO 2015055101 A1 WO2015055101 A1 WO 2015055101A1
Authority
WO
WIPO (PCT)
Prior art keywords
user information
target data
proxy server
ciphertext
client device
Prior art date
Application number
PCT/CN2014/088378
Other languages
French (fr)
Inventor
Jiangquan HUANG
Original Assignee
Tencent Technology (Shenzhen) Company Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology (Shenzhen) Company Limited filed Critical Tencent Technology (Shenzhen) Company Limited
Publication of WO2015055101A1 publication Critical patent/WO2015055101A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/76Proxy, i.e. using intermediary entity to perform cryptographic operations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0471Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying encryption by an intermediary, e.g. receiving clear information at the intermediary and encrypting the received information at the intermediary before forwarding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]

Definitions

  • the present disclosure generally relates to Internet technology and wireless communication technology. More specifically, the present disclosure relates to a method, a client, a server and a system for information transmission.
  • FIG 1 is a block diagram of an exemplary deployment of an existing information transmission system utilizing publicly accessible WiFi technology.
  • Figure 1 includes an exemplary existing WiFi system 100 that may include a wireless terminal device 110, a WiFi transceiver 112, a network server 114 and a user terminal 116.
  • Information such as sensitive user information in plaintext format or other information may be exchanged between the wireless terminal device 110 and the network server 114, via the WiFi transceiver 112.
  • the wireless transceiver may be a wireless access point, for example.
  • eavesdroppers may access the WiFi network 100 using terminal equipment such as notebook computer 116 and may obtain data that is transmitted over the network. For example, capturing software in the user terminal device 116 may be used to capture content transmitted in a local area network.
  • the data transmitted by the wireless terminal device 110 as a client in an existing network is transmitted in the form of plaintext.
  • a tool or a communicative application such as browser
  • the account and password of the client are transmitted in the form of plaintext. In this manner, the personal user information may be easily captured by the eavesdroppers using the terminal device 116. Therefore potential security risks exist when transmitting information in publicly accessible WiFi or local area networks.
  • the present disclosure provides a method, a client, a server and a system for information transmission, in order to provide security for information transmitted in a wireless network.
  • the present disclosure provides a method for information transmission utilizing a client device, comprising the steps of:
  • the client device may comprise a wireless client device that may be referred to as a wireless terminal device or user terminal.
  • the present disclosure also provides a method for information transmission utilizing a server device, comprising the steps of:
  • a proxy server receiving an operation request that includes ciphertext of user information sent by a client device, parsing the operation request to obtain plaintext of the user information; then sending an operation request that includes plaintext of the user information to a destination server;
  • the proxy server encrypting the received target data to generate ciphertext of the target data and then sending the target data to a client in the form of ciphertext.
  • the present disclosure also provides a method for information transmission, comprising the steps of:
  • a client device responding to operating instructions triggered through a user interface by a user, obtaining user information and encrypting the user information to generate ciphertext of the user information; then sending an operation request that includes the ciphertext of the user information to a proxy server;
  • the proxy server receiving and parsing the operation request which includes the ciphertext of the user information sent by the client, to obtain plaintext of the user information; then sending an operation request that includes the plaintext of the user information to a destination server;
  • the proxy server encrypting the received target data to generate ciphertext of the target data and then sending the target data to the client in the form of ciphertext.
  • the present disclosure also provides a client device for information transmission, comprising:
  • an obtaining module for user information configured to respond to operating instructions triggered through a user interface by a user, obtain user information and encrypting the user information to generate ciphertext of the user information;
  • a sending module for requests configured to send an operation request that includes the ciphertext of the user information to a proxy server, in order to trigger the proxy server to decrypt the ciphertext of the user information and output plaintext of the user information and send an operation request that includes the plaintext of user the information to a destination server.
  • the present disclosure includes a server device, for example, a proxy server, wherein the proxy server comprises:
  • a data decrypting module configured to receive an operation request that includes ciphertext of user information sent by a client device, parse the operation request to obtain the ciphertext of the user information and decrypt the ciphertext to obtain plaintext of the user information, and then send an operation request that includes the plaintext of the user information to a destination server;
  • a data receiving module configured to receive corresponding target data from the destination server, which is retrieved by the destination server according to the plaintext of the user information
  • a data encrypting module configured to encrypt the received target data and send the encrypted target data to a client, in the form of ciphertext.
  • the present disclosure also provides a system for information transmission, comprising at least one client device, at least one proxy server device and at least one destination server device, wherein:
  • the client device is configured to respond to operating instructions triggered by a user utilizing a user interface, obtain user information and encrypt the user information to generate ciphertext of the user information, and send an operation request that includes the ciphertext of the user information to a proxy server;
  • the proxy server is configured to receive and parse the operation request that includes the ciphertext of the user information sent by the client device, to obtain plaintext of the user information, and send an operation request that includes the plaintext of the user information to a destination server;
  • the destination server is configured to call corresponding target data according to the plaintext of user the information and send the target data to the proxy server;
  • the proxy server is further configured to encrypt the received target data and then send the target data to the client in the form of ciphertext.
  • the client responds to operating instructions triggered through a user interface by user, obtains user information and encrypts the obtained user information to generate ciphertext of the user information; sends an operation request that includes the ciphertext of the user information to the proxy server, in order to trigger the proxy server to decrypt the user information from ciphertext to plaintext and send an operation request that includes the plaintext of the user information to the destination server.
  • existing technology transmits user information in the form of plaintext in a wireless network; however, the present disclosure provides the beneficial effect of securing user information.
  • Figure 1 is an illustration of an exemplary existing information transmission system utilizing publicly accessible WiFi network technology (described above in the background section) .
  • Figure 2 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure.
  • Figure 3 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure.
  • Figure 4 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure.
  • Figure 5 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure.
  • Figure 6 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure.
  • Figure 7 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure.
  • FIG. 8 is a block diagram of a client device comprising function modules utilized for information transmission in accordance with an embodiment of the disclosure.
  • FIG. 9 is a block diagram of a client device comprising function modules utilized for information transmission in accordance with an embodiment of the disclosure.
  • Figure 10 is a bock diagram of a client device comprising function modules utilized for information transmission in accordance with an embodiment of the disclosure.
  • FIG 11 is a block diagram of a server device comprising function modules utilized for information transmission in accordance with an embodiment of the disclosure.
  • Figure 12 is a block diagram of a system utilized for information transmission in accordance with an embodiment of the disclosure.
  • Figure 13 is an illustration of an exemplary system deployment for information transmission in accordance with an embodiment of the disclosure.
  • Figure 1 is an illustration of an exemplary existing information transmission system utilizing publicly accessible WiFi network technology (described above in the background section) .
  • Figure 2 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure. As shown in figure 2, the method comprises the following steps.
  • a user terminal or client device may respond to operating instructions triggered by a user interface based on user input, then the user device may obtain user information and encrypt the obtained user information to generate ciphertext of the user information.
  • the device may respond to operating instructions triggered by the user interface based on data input by the user and may obtain user information. For example, when a user may input user information such as account information, a username and/or password utilizing a web browser, for example, Microsoft Explorer or other applications and/or user interfaces.
  • the disclosure is not limited to any specific type of user interface and any suitable user interface may be utilized by the user and/or used to trigger the operating instructions.
  • the client device may obtain the user information and may encrypt the obtained user information to generate the ciphertext of the user information.
  • the user information may be obtained from local storage.
  • the encryption algorithm utilized by the client is not limited to any specific algorithm.
  • the client device may use any suitable encryption algorithm to encrypt the user information, for example, the symmetric encryption algorithm DES (Data Encryption Standard) and AES (Advanced Encryption Standard) , the symmetric algorithm 3DES (Triple DES) based on DES, the symmetric algorithm RC2 and RC4, the encryption algorithm IDEA (International Data Encryption Algorithm) using 128-bit encryption key, the asymmetric algorithms RSA and DSA (Digital Signature Algorithm) and so on.
  • DES Data Encryption Standard
  • AES Advanced Encryption Standard
  • symmetric algorithm 3DES Triple DES
  • IDEA International Data Encryption Algorithm
  • RSA Digital Signature Algorithm
  • the client device may encrypt the obtained user information according to a preset encryption algorithm, for example, the client device and a server, for example, a proxy server may agree on the use of an encryption and/or decryption algorithm with the client device.
  • a preset encryption algorithm for example, the client device and a server, for example, a proxy server may agree on the use of an encryption and/or decryption algorithm with the client device.
  • step 202 an operation request that may include the ciphertext of the user information may be sent by the client device to a proxy server.
  • the client device may send an operation request that may include the ciphertext of the user information to the proxy server in order to prompt the proxy server to decrypt ciphertext of the user information to recover the plaintext of the user information and send an operation request that includes the plaintext of the user information to a destination server.
  • the destination server may obtain target data based on the operating instructions originated by the user.
  • the client device may respond to operating instructions triggered through the interface by the user, may obtain user information and may encrypt the obtained user information to generate the ciphertext of the user information, may send an operation request that includes the ciphertext of the user information to the proxy server.
  • the proxy server may decrypt the user information from ciphertext to plaintext and may send an operation request that includes the plaintext of the user information to the destination server.
  • the present disclosure provides the beneficial effect of securing the user information.
  • the client device may be a wireless terminal device that may send the user information to a wireless network device for further delivery to the proxy server.
  • the wireless network device may comprise a WiFi access point or any other suitable wireless device that may route the user information to the proxy server for further delivery to the destination server.
  • the wireless terminal device may be any suitable communication and/or computing device, for example, a smart phone, tablet, laptop or wearable device.
  • Figure 3 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure.
  • Figure 3 includes steps for operations performed by a proxy server after the proxy server receives an operation request that includes ciphertext of user information.
  • Figure 3 includes steps 201 and 202 that are described with respect to Figure 2. After the step 202 that may include sending an operation request that includes ciphertext of user information to proxy server, some embodiments may proceed to further steps.
  • the client device may receive a ciphertext response from the proxy server according to the operation request.
  • the proxy server may decrypt the ciphertext to obtain the plaintext of the user information and may send an operation request that may include the plaintext of the user information, to a destination server. Then, the destination server may respond to the operation request that may include the plaintext of the user information and may call or retrieve data corresponding to the user information, and thus obtain target data to be returned to the client device.
  • the target data may comprise plaintext.
  • the destination server may send the target data to the proxy server.
  • the proxy server may encrypt the target data and then send it to the client device in the form of ciphertext.
  • the client device may parse and/or decrypt the ciphertext response received from the proxy server to obtain the target data received from the proxy server.
  • the client device may parse the ciphertext response to obtain the encrypted target data. The client device may then decrypt the target data to obtain the plaintext of the target data.
  • the target data, the user information or any other information may be sent in the form of ciphertext, for example, encrypted plaintext.
  • ciphertext for example, encrypted plaintext.
  • security of the transmitted information may be protected by the encryption.
  • This process may solve security problems caused by transmitting data in the form of plaintext in a wireless network, for example, publicly accessible WiFi networks.
  • user information that may be communicated using a web browser, for example, Microsoft Explorer or other applications using a client device may not obtained by a third party, which may effectively ensure the safety of user information.
  • the parsing and/or decrypting of the ciphertext response by the client device to obtain the target data returned by the proxy server may include decrypting the ciphertext of the target data according to a decryption algorithm that corresponds to or matches an encryption algorithm utilized by the proxy server device to encrypt the target data.
  • the client device may negotiate with the proxy server device regarding the encryption and/or decryption algorithms and may negotiate regarding encryption and/or decryption keys. The negotiations may enable the client device and the proxy server device to exchange data smoothly.
  • the disclosure is not limited to any specific type of encryption and/or decryption algorithms and any suitable encryption or decryption algorithms may be utilized.
  • a client device may respond to operating instructions triggered in a user interface by a user, obtain user information and encrypt the obtained user information to generate ciphertext of the user information.
  • An operation request that may include the ciphertext of the user information may be sent by the client device to a proxy server device, for example, via a wireless network.
  • the client device may receive a ciphertext response returned by the proxy server device via a wireless network.
  • the present disclosure may provide a beneficial effect of further securing user information communicated via a wireless network.
  • FIG 4 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure. Referring to the flow chart of Figure 4, the steps 201, 202, 203 and 204 are described with respect to Figures 2 and 3. After step 204, the exemplary steps may proceed to step 205.
  • step 205 the obtained target data may be pushed or presented to users by the client device, for example.
  • a client device may push target data obtained and returned by a proxy server, to users directly.
  • the encryption and/or decryption operations performed by the client device may be transparent to users and/or a user interface provided for users, for example, a browser page displayed by the client device.
  • the exemplary steps 201 through 205 may enable securing data communicated via a wireless network between users of a client device and a target server device, which may be transparent to the users. Special treatment may not be required for the users using, for example, a browser page or other communicating applications to gain the benefit of the secure wireless communication. Furthermore, changes in a web page or other applications may not be needed to perform the secure communication based on the exemplary steps 201 to 205.
  • the embodiments of the present disclosure may ensure the safety of information transmission in wireless network while improving the efficiency of man-machine interaction.
  • FIG. 5 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure. Referring to Figure 5, the exemplary steps begin with step 501.
  • a proxy server device may receive an operation request that may include ciphertext of user information sent by a client device.
  • the proxy server device may parse the operation request and decrypt the cipher text of the user information to obtain plaintext of the user information. Then an operation request that includes the plaintext of the user information may be sent to a destination server.
  • the client device may respond to operating instructions triggered by the user interface and/or by the user, and may obtain user information. For example, in instances when a user inputs user information such as an account identifier, username and password etc., using a web browser, such as Microsoft Internet Explorer or other client applications, the client device may obtain the user information. Then the client device may encrypt the obtained user information to generate ciphertext of the user information. The client device may send the ciphertext of the user information to a proxy server device via a wireless network, for example, via a WiFi access point.
  • a proxy server device via a wireless network, for example, via a WiFi access point.
  • the proxy server device may parse the operation request to extract the ciphertext of the user information included in the operation request. Then the proxy server device may decrypt the ciphertext of the user information according to a decryption algorithm that corresponds to the encryption algorithm used to encrypt plaintext of the user information by the client device, in order to obtain plaintext of the user information. Next, the proxy server may send the decrypted plaintext of the user information to a destination server for subsequent data processing.
  • the proxy server device may receive corresponding target data from a destination server.
  • the target data may be called or retrieved by the destination server according to the plaintext of the user information, and then sent by the destination server to the proxy server.
  • the destination server may search a database according to the decrypted plaintext of the user information sent by the proxy server, may call or retrieve target data corresponding to the plaintext of the user information, and may send the obtained target data to the proxy server device. Then, the proxy server device may receive the corresponding target data sent by the destination server.
  • the data transmission between the proxy server and said destination server may be based on a wired network.
  • the destination server may send the obtained target data that corresponds to the plaintext of the user information, to the proxy server in the form of plaintext.
  • the destination server may also encrypt the obtained target data and then send the encrypted target data to proxy server in the form of ciphertext.
  • the proxy server may encrypt the received target data and may then send the target data to the client device in the form of ciphertext.
  • the proxy server device may encrypt the received target data and may then send the encrypted target data to the client device in the form of ciphertext, through a wireless network.
  • the proxy server device may send the target data that has been encrypted by destination server to the client device in the form of ciphertext directly.
  • the proxy server may also encrypt the encrypted target data and then send the twice encrypted target data to the client device in the form of ciphertext.
  • the proxy server device may decrypt the target data in accordance with preset encryption and/or decryption algorithms agreed upon by the destination server, to obtain the plaintext of target data. Then the proxy server device may encrypt the plaintext of target data according to preset encryption and decryption algorithm agreed upon with the client device, and may send the encrypted target data to the client in the form of ciphertext.
  • the destination server may send the obtained target data to the proxy server in the form of plaintext through any suitable wired network or wireless network.
  • the proxy server may encrypt the received target data and may then send the encrypted target data to the client device in the form of ciphertext through a wireless network.
  • the proxy server device may receive an operation request that may include ciphertext of user information sent by a client device, may parse the operation request and decrypt the ciphertext of the user information to obtain the plaintext of the user information and may send an operation request that includes the plaintext of the user information to a destination server.
  • the proxy server device may receive corresponding target data from the destination server, which may be called or retrieved by the destination server according to the plaintext of the user information.
  • the proxy server may encrypt the received target data and then send the target data to the client device in the form of ciphertext.
  • the present disclosure may provide a beneficial effect of ensuring security of user information.
  • FIG. 6 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure. Referring to Figure 6, the exemplary steps begin with step 601.
  • a client may respond to operating instructions triggered through an interface by a user.
  • the user information may be obtained and encrypted to get ciphertext of user the information.
  • the client may send an operation request that includes the ciphertext of the user information to a proxy server.
  • the client may respond to the operating instructions triggered through the interface by user and may obtain user information. For example, when users input user information based on the Explorer application or other applications of the client, such as account, username and password etc. , the client may obtain the user information such as account, username and password etc. Then the client may encrypt the obtained user information to get ciphertext of the user information.
  • the encryption algorithm of client is not limited to any specific type of encryption algorithm.
  • the client may use any suitable encryption algorithm to encrypt the user information encrypted, for example, the symmetric encryption algorithm DES (Data Encryption Standard) and AES (Advanced Encryption Standard) , the symmetric algorithm 3DES (Triple DES) based on DES, the symmetric algorithm RC2 and RC4, the encryption algorithm IDEA (International Data Encryption Algorithm) using 128-bit encryption key , the asymmetric algorithms RSA and DSA (Digital Signature Algorithm) and so on.
  • DES Data Encryption Standard
  • AES Advanced Encryption Standard
  • IDEA International Data Encryption Algorithm
  • RSA Digital Signature Algorithm
  • the client may encrypt the obtained user information according to an encryption algorithm agreed upon by the proxy server.
  • the client may send the operation request including the encrypted ciphertext of the user information so as to obtain target data requested by the operating instructions triggered by the user.
  • the proxy server may receive and parse the operation request that includes the ciphertext of the user information sent by the client and may decrypt the ciphertext of the user information to obtain plaintext of the user information. Then the proxy server may send an operation request that may include the plaintext of the user information to a destination server.
  • the proxy server may parse the operation request to extract the ciphertext of the user information included in the operation request. Then the proxy server may decrypt the ciphertext of the user information according to a decryption algorithm that corresponds to the encryption algorithm which is used to encrypt plaintext of the user information by the client, in order to get plaintext of the user information. Next the proxy server may send the decrypted plaintext of the user information to a destination server for subsequent data processing.
  • the destination server may call corresponding target data according to the plaintext of the user information and then may send the target data to the proxy server.
  • the destination server may search a database according based on the plaintext of the user information sent by the proxy server, may call the corresponding target data based on the plaintext of the user information and may send the target data to the proxy server.
  • the data transmission between the proxy server and the destination server may be sent on a wired network, where the destination server may send the obtained target data according to the plaintext of the user information to the proxy server in the form of plaintext.
  • the destination server may also encrypt the obtained target data and then send the encrypted target data to the proxy server in the form of ciphertext.
  • the proxy server may encrypt the received target data and may then send the encrypted target data to the client in the form of ciphertext.
  • the proxy server may encrypt the target data and then send the encrypted target data to client in the form of ciphertext through wireless network.
  • the proxy server may send the target data that has been encrypted by destination server to the client in the form of ciphertext directly.
  • the proxy server may also encrypt the encrypted target data and then send the twice encrypted target data to the client in the form of ciphertext.
  • the proxy server may decrypt the target data in the form of ciphertext returned by destination server, according to preset encryption and/or decryption algorithm agreed upon with the destination server to obtain the plaintext of target data. Then the proxy server may encrypt the obtained plaintext of target data according to preset encryption and/or decryption algorithm agreed upon with the client, and may send the encrypted target data to client in the form of ciphertext.
  • the destination server may send the obtained target data to the proxy server in the form of plaintext through a wired or wireless network.
  • the proxy server may encrypt the target data and send the encrypted target data to the client in the form of ciphertext through a wireless network.
  • a client responds to operating instructions triggered through a user interface by a user, obtains user information and encrypts the obtained user information to get ciphertext of the user information, then sends an operation request that may include the ciphertext of the user information to a proxy server, via a wireless network, for example, via a WiFi network device.
  • the proxy server may receive the operation request that includes the ciphertext of the user information sent by the client, may parse the operation request to obtain the ciphertext of the user information and decrypt the ciphertext to obtain the plaintext of the user information. Then the proxy server may send an operation request that may include the plaintext of the user information to a destination server.
  • the destination server may call or retrieve corresponding target data based on the plaintext of the user information, and may then send the target data to the proxy server.
  • the proxy server may encrypt the received target data and then send the encrypted target data to the client in the form of ciphertext.
  • the present disclosure may provide the beneficial effect of ensuring the security of the user information.
  • Figure 7 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure.
  • Figure 7 includes the exemplary steps 601-604 as described with respect to Figure 6. After step 604, the exemplary steps may proceed to step 605.
  • the client may decrypt target data received from the proxy server in the form of ciphertext, and may send the decrypted target data to the user.
  • the client may parse the ciphertext response so as to obtain the encrypted target data that may be included in the ciphertext response.
  • the client may then decrypt the encrypted target data to obtain the plaintext of target data.
  • the transmitted data that may include user information or other private information may all be sent in the form of ciphertext.
  • the user information may be transmitted to and/or processed by a publicly accessible WiFi device when being transmitted between the client and proxy server, and may be captured by eavesdroppers, the eavesdroppers may be unable to obtain the protected user information.
  • This method may solve the safety problems caused by transmitting data in the form of plaintext in a wireless network, for example, using publicly accessible WiFi systems. It may ensure that user information, for example, information input by a user and sent over a wireless network by a web browser or other communicative application may not be obtained by a third party, which may effectively ensure the safety of the user information.
  • the parsing of the ciphertext response by the client so as to obtain the target data received from the proxy server may include decrypting the ciphertext response to obtain plaintext of the target data according to a decryption algorithm that corresponds to an encryption algorithm used by the proxy server to encrypt the target data.
  • the client may negotiate with the proxy server regarding the corresponding encryption and decryption algorithms and/or encryption and decryption keys in order to improve efficiency when the client and the proxy server transmit data.
  • encryption and/or decryption algorithms utilized in any of the methods, devices or systems described herein are not limited to any specific type of encryption and/or decryption algorithm. Any suitable encryption and/or decryption algorithm may be utilized to encrypt the user information, the target data and/or any other information prior to transmission.
  • some algorithms that may be utilized may include the symmetric encryption algorithm DES (Data Encryption Standard) and AES (Advanced Encryption Standard) , the symmetric algorithm 3DES (Triple DES) based on DES, the symmetric algorithm RC2 and RC4, the encryption algorithm IDEA (International Data Encryption Algorithm) using 128-bit encryption key , the asymmetric algorithms RSA and DSA (Digital Signature Algorithm) and so on, however, the disclosure is not limited in this regard.
  • DES Data Encryption Standard
  • AES Advanced Encryption Standard
  • IDEA International Data Encryption Algorithm
  • RSA Digital Signature Algorithm
  • the client may send or push the obtained plaintext target data to users directly.
  • the encryption and/or decryption operations used in the client and/or proxy server may be transparent to the user and the user interface, for example, a browser page on the client. Special treatment may not be required for the users using a browser page or other communicating applications in order to gain the benefit of secure wireless communication. Furthermore, changes in a web page or other application may not be needed in order to perform the secure communication based on methods, devices and systems described herein.
  • the embodiments of the present disclosure may ensure the safety of information transmission in wireless networks while improving the efficiency of man-machine interaction.
  • FIG 8 is a block diagram of a client device comprising function modules utilized for information transmission in accordance with an embodiment of the disclosure. Referring to Figure 8, there is shown a client device 810, an obtaining module for user information 801 and a sending module 802.
  • the client device 810 may comprise a user terminal device that may be operable to communicate via a wireless network, for example, a WiFi network or any other type of wireless network utilizing any suitable wireless technology.
  • the client device 810 may comprise for example, a wireless phone or smart phone, or any computing and/or communication device that may communicate via a wireless network, for example, a tablet computer, laptop computer.
  • the client device 810 may comprise the obtaining module for user information 801 and the sending module 802.
  • the obtaining module for user information 801 may comprise any suitable circuitry, hardware processors, interfaces, logic or code that may be operable to respond to operating instructions triggered in a user interface by user.
  • the obtaining module 801 may be utilized to obtain user information and may encrypt the user information to generate ciphertext of the user information.
  • the obtaining module for user information 801 may respond to operating instructions that may be triggered in a user interface by a user and may obtain user information. For example, when the user inputs user information in a web browser, for example, Microsoft Internet Explorer or any other suitable application in the client device 810, where the user information may include an account identifier, a username, a password and/or any other suitable user data, the obtaining module for user information 801 may obtain the input user information. Then, the obtaining module for user information 801 may encrypt the obtained user information to generate ciphertext of the user information.
  • a web browser for example, Microsoft Internet Explorer or any other suitable application in the client device 810
  • the user information may include an account identifier, a username, a password and/or any other suitable user data
  • the obtaining module for user information 801 may obtain the input user information. Then, the obtaining module for user information 801 may encrypt the obtained user information to generate ciphertext of the user information.
  • the obtaining module for user information 801 is not limited to any specific type of encryption and/or decryption algorithm and may utilize any suitable encryption and/or decryption algorithm.
  • any of the symmetric encryption algorithm DES and AES, the symmetric algorithm 3DES based on DES, the symmetric algorithm RC2 and RC4, the encryption algorithm IDEA using 128-bit encryption key, the asymmetric algorithms RSA and DSA and any other suitable algorithms may be utilized.
  • the obtaining module for user information 801 may encrypt the obtained user information based on an encryption algorithm that is agreed upon by the client device 810 and a proxy server to which the user information may be transmitted.
  • the sending module 802 may comprise any suitable circuitry, hardware processors, interfaces, logic or code that may be operable to send an operation request that may include the ciphertext of the user information to the proxy server.
  • the sending module 802 may send an operation request that includes the ciphertext of the user information to the proxy server in order to request that the proxy server decrypt the ciphertext of the user information to obtain plaintext of the user information and to send an operation request that may include the plaintext of the user information to a destination server.
  • the destination server may retrieve target data that corresponds to the operating instructions triggered by user in the client device 810.
  • the client device 810 may respond to operating instructions triggered in the user interface by the user, obtain the user information and encrypt the obtained user information to generate ciphertext of the user information.
  • the client device 810 may send an operation request that may include the ciphertext of the user information to the proxy server in order to request that the proxy server decrypt the user information from the ciphertext to obtain plaintext of the user information and send an operation request that includes the plaintext of the user information to the destination server.
  • FIG 9 is a block diagram of a client device comprising function modules utilized for information transmission in accordance with an embodiment of the disclosure.
  • a client device 910 that may comprise the obtaining module for user information 801, the sending module 802 and a target data obtaining module 803.
  • the obtaining module 801 and sending module 802 are described with respect to Figure 8.
  • the client device 910 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to execute the client methods and steps described herein with respect to the Figures 2-13.
  • the target data obtaining module 803 of the client device 910 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to receive a ciphertext response from the proxy server and may parse the ciphertext response to obtain target data returned sent by the proxy server.
  • the ciphertext response may be generated by the proxy server by encrypting a plaintext of the target data response returned by the destination server.
  • the proxy server may receive an operation request that may include ciphertext of the user information from the obtaining module for user information 801
  • the proxy server may decrypt the ciphertext of the user information to obtain plaintext of the user information and may send an operation request that includes the plaintext of the user information to the destination server.
  • the destination server may respond to the operation request that may include the plaintext of the user information, may call or retrieve data corresponding to the user information, and thus may obtain target data for the client device 910.
  • the destination server may send the target data for the client device to the proxy server.
  • the proxy server may encrypt the target data and may then send the encrypted target data as a response to the target data obtaining module 803 in the client device 910 in the form of ciphertext.
  • the target data obtaining module 803 of the client device 910 may parse the ciphertext response to obtain the encrypted target data that may be included in the ciphertext response and may decrypt the target data to obtain plaintext of the target data.
  • the data may be transmitted in the form of ciphertext via a wireless network.
  • the user information may be transmitted to and/or processed by a publicly accessible WiFi device when being transmitted between the client device 910 and proxy server, and may be captured by eavesdroppers, the eavesdroppers may be unable to obtain the protected user information.
  • This method may solve the safety problems caused by transmitting data in the form of plaintext in a wireless network, for example, using publicly accessible WiFi systems.
  • the information sent over a wireless network by a web browser or other communicative application may not be obtained by a third party, which may effectively ensure the safety of the user information.
  • the target data obtaining module 803 of the client device 910 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to parse the response from the proxy server to obtain the ciphertext of the target data.
  • the ciphertext of the target data may be decrypted using a decryption algorithm that corresponds to an encryption algorithm used to encrypt the target data by the proxy server.
  • the client device 910 may negotiate with the proxy server to determine which encryption and/or decryption algorithms and/or which encryption and/or decryption keys to utilize. In this manner communication between the client device 910 and the proxy server device may run more efficiently.
  • the client device 910 may respond to operating instructions triggered in a user interface by a user, may obtain user information and may encrypt the user information to generate ciphertext of the user information.
  • the client device 910 may send an operation request that may include the ciphertext of the user information to a proxy server, for example, via a wireless network.
  • the ciphertext of the user information may be sent to a network device such as a WiFi access point that may be available for use by other users without need for password permission to access the WiFi access point; however, the disclosure is not limited in this regard.
  • the proxy server may send the user information to a destination server and may receive a response from the destination server; however, the disclosure is not limited in this regard.
  • the client device 910 may receive a ciphertext response from the proxy server in accordance with the operation request.
  • the client device 910 may parse and/or decrypt the ciphertext response to obtain target data returned by the proxy server.
  • transmission of ciphertext of the user information and ciphertext of the target data between the client device 910 and the proxy server, rather than plaintext may improve data security and privacy for the user information and the target data, relative to existing technology where user information is transmitted in the form of plaintext in a wireless network.
  • FIG. 10 is a block diagram of a client device comprising function modules utilized for information transmission in accordance with an embodiment of the disclosure.
  • a client device 1010 that may comprise the obtaining module for user information 801, the sending module 802, the target data obtaining module 803 and a pushing module 804.
  • the obtaining module for user information 801, the sending module 802 and the target obtaining module 803 are described with respect to Figures 8 and 9.
  • the client device 1010 may comprise one or more processor means, , interfaces, logic and/or code that may be operable to execute the client methods and steps described herein with respect to the Figures 2-13.
  • the one or more processor means may be any suitable circuitry, or hardware processors.
  • the pushing module 804 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to push or send target data obtained from a destination server, to users for user access to the target data.
  • the pushing module 804 may send or push obtained target data returned by the proxy server to users directly.
  • the encryption and/or decryption operations may be done on the client, and may be transparent to the user and user interface, such as a browser page of the client device 1010.
  • users and the target server may not need to apply or receive any special treatment.
  • the present disclosure may not require changes to browser pages or other communicative applications while the methods described herein may enable securing of information transmitted in a wireless network and/or providing efficiency of man-machine interaction.
  • FIG 11 is a block diagram of a server device comprising function modules that may be utilized for information transmission in accordance with an embodiment of the disclosure.
  • a proxy server 1110 that may include a decrypting module 1101, a receiving module 1102 and an encrypting module 1103.
  • the proxy server 1110 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to execute the proxy server methods and steps described herein with respect to the Figures 2-13.
  • the decrypting module 1101 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to receive an operation request that may include ciphertext of user information sent by the client device 810, 910, or 1010, for example.
  • the decrypting module 1101 may parse the operation request to obtain the ciphertext of the user information and may decrypt ciphertext of the user information to obtain plaintext of the user information from the client device 810, 910, or 1010.
  • the decrying module 1101 may then send an operation request that may include the plaintext of the user information to a destination server.
  • the respective client device 810, 910, or 1010 may respond to operating instructions triggered through the interface by the user and may obtain the user information. For example, when a user inputs user information such as account, username and password etc. , using a browser application, for example, Microsoft Internet Explorer or other communicative applications executed on the client device 810, 910, or 1010, the client device may obtain the user information such as account, username and password etc.
  • a browser application for example, Microsoft Internet Explorer or other communicative applications executed on the client device 810, 910, or 1010
  • the client device may obtain the user information such as account, username and password etc.
  • the client device 810, 910, or 1010 may encrypt the obtained user information to generate the ciphertext of the user information and may send an operation request that includes the ciphertext of the user information to the decrypting module 1101 of the proxy device 1110.
  • the proxy server 1110 may parse the operation request to extract the ciphertext of the user information included in the operation request.
  • the decrypting module 1101 may then decrypt the ciphertext of the user information according to a decryption algorithm that corresponds to an encryption algorithm that is used to encrypt plaintext of the user information in order to obtain the plaintext of the user information.
  • the decrypting module may then send the plaintext of user the information to the destination server for subsequent data processing.
  • the receiving module 1102 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to receive target data that may be received in response to the operation request including the plaintext of the user information sent to the destination server.
  • the target data may be called or retrieved by a destination server in accordance with the operation request and/or the plaintext of user information and sent to the proxy server 1110.
  • the destination server may search a database according to the decrypted plaintext of the user information sent by the decrypting module 1101, and may call or retrieve target data corresponding to the plaintext of the user information.
  • the destination server may send the target data to the receiving module 1102 the proxy server 1110.
  • the receiving module 1102 may receive the corresponding target data.
  • the data may be transmitted and received by the proxy server 1110 and the destination server on a wired network where the destination server may send the target data that corresponds to the plaintext of the user information to the receiving module 1102 in the form of plaintext.
  • the destination server may encrypt the target data and then send the encrypted target data to the receiving module 1102 in the form of ciphertext.
  • the encrypting module 1103 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to encrypt the target data received by the receiving module 1102 and send the encrypted target data to the client device 810, 910, or 1010 in the form of ciphertext.
  • the encrypting module 1103 may encrypt the received target data and then send the encrypted target data to client device 810, 910, or 1010 in the form of ciphertext through a wireless network.
  • the encrypting module 1103 may send the target data that has been encrypted by destination server to client device 810, 910, or 1010, in the form of ciphertext directly. However, in order to further improve data security of the target data, the encrypting module 1103 may encrypt the encrypted target data and then send the twice encrypted target data to the client device 810, 910, or 1010 in the form of ciphertext.
  • the encrypting module 103 may decrypt the ciphertext target data received from the destination server based on an encryption and/or decryption algorithm agreed upon by the destination server and the proxy server 1110 to obtain the plaintext of the target data. Then the encrypting module 1103 may encrypt the plaintext of the target data based on an encryption and/or decryption algorithm agreed upon by the client device 810, 910, or 1010 and the proxy server 1110, and may send the encrypted target data to the client device 810, 910, or 1010 in the form of ciphertext.
  • the destination server may send the target data to the receiving module 1102 of data in the form of plaintext through a wired network or wireless network where the encrypting module 1103 may encrypt the target data and then send the encrypted target data to the client device 810, 910, or 1010 in the form of ciphertext through wireless network.
  • the proxy server 1110 may receive an operation request that may include ciphertext of user information sent by a client device 810, 910, or 1010.
  • the proxy server 1110 may parse the operation request and decrypt the ciphertext of the user information to obtain plaintext of the user information.
  • the proxy server 1110 may then send an operation request that may include the plaintext of the user information to a destination server.
  • the proxy server 1110 may receive corresponding target data from the destination server that may be called or retrieved by the destination server according to the plaintext of the user information.
  • the proxy server 1110 may encrypt the received target data and may then send the encrypted target data to the client device 810, 910, or 1010 in the form of ciphertext.
  • the present disclosure may provide a beneficial effect of ensuring the security of the user information.
  • FIG 12 is a block diagram of a system utilized for information transmission in accordance with an embodiment of the disclosure.
  • a system 1200 may comprise a proxy server device 1201, a destination server device 1202 and a client device 1203.
  • the client device 1203 may be similar or substantially the same as at least one of the client device 810, 910, or 1010.
  • the proxy server device 1201 may be similar or substantially the same as the proxy server 1110.
  • the destination server device 1202 may be similar or substantially the same as the destination server described with respect to Figures 2-13 of the present disclosure.
  • the system 1200 may be operable to execute the methods described herein with respect to Figures 2-13.
  • FIG. 13 is an illustration of an exemplary system deployment for information transmission in accordance with an embodiment of the disclosure.
  • the system 1300 comprising a client device 1313, a proxy server device 1311 and a destination server device 1312. Also shown are a WiFi access point 1314 and an eavesdropping user terminal 1315.
  • the client device 1313 may be referred to as a wireless terminal device.
  • the client device 1313 may be similar or substantially the same as the client device 1203.
  • the proxy server device 1311 may be similar or substantially the same as the proxy server 1201 and the destination server device 1312 may be similar or substantially the same as the destination server 1202.
  • the system 1300 may comprise a communication network where, the client device 1313 and the proxy server 1311 may be communicatively coupled. Furthermore, one or both of the client device 1313 and the proxy server device 1311 may be communicatively coupled to the WiFi access point 1314 via a wireless network. The proxy server device 1311 and the destination server 1312 may be communicatively coupled via a wired or wireless network. Moreover, the eavesdropping user terminal 1315 may be communicatively coupled to the WiFi access point 1314.
  • the client device 1313 may be configured to respond to operating instructions triggered through a user interface by a user, obtain user information and encrypt the user information to generate ciphertext of the user information.
  • the client device 1313 may send an operation request that may include the ciphertext of the user information to the proxy server 1311.
  • the proxy server 1311 may be configured to receive and parse the operation request that includes the ciphertext of the user information sent by the client device 1313, to obtain plaintext of the user information.
  • the proxy server 1311 may send an operation request that may include the plaintext of the user information to the destination server 1312.
  • the destination server device 1312 may be configured to call target data corresponding to the plaintext of the user information and may send the target data to the proxy server device 1311.
  • the proxy server device 1311 also be configure to encrypt the target data and send the encrypted target data to the client device 1313 in the form of ciphertext.
  • the client device 1313 may respond to operating instructions generated by the user utilizing the user interface and may obtain user information. For example, in instances when a user may input user information such as, for example, an account identifier, username and/or password, utilizing Microsoft Internet Explorer or another suitable application that may be executed by the client device 1313, the client device 1313 may obtain the user information. The client device 1313 may then encrypt the obtained user information to generate ciphertext of the user information.
  • the encryption and/or decryption algorithms utilized by the client device 1313 are not limited to any specific type of encryption and/or decryption algorithm and any suitable encryption or decryption algorithms may be utilized.
  • the encryption and/or decryption algorithms utilized by the client 1313 may be agreed upon by the proxy server device 1311 and the client device 1313.
  • the client device 1313 may send an operation request that may include the ciphertext of the user information, to the proxy server 1311 in order to obtain target data from the destination server 1312.
  • the target data may be requested in the operating instructions triggered by user in the user interface.
  • the proxy server 1311 may parse the operation request to extract the ciphertext of user information that may be included in the operation request.
  • the proxy server 1311 may then decrypt the ciphertext of the user information based on a decryption algorithm that corresponds to an encryption algorithm utilized to encrypt the plaintext of the user information, and may obtain the plaintext of the user information.
  • the proxy server device 1311 may send the decrypted plaintext of the user information to the destination server device 1312 for subsequent data processing.
  • the destination server device 1312 may search a database based on the decrypted plaintext of the user information sent by the proxy server 1311 and may call or retrieve the target data corresponding to the plaintext of the user information.
  • the destination server may send the target data to proxy server 1311.
  • the transmission of the data between said proxy server 1311 and the destination server 1312 may occur in a wired network, where the destination server 1312 may send the target data corresponding to the plaintext of the user information to the proxy server 1311 in the form of plaintext.
  • data security may be further improved, by encrypting the target data in the destination server device 1312 and sending the encrypted target data to the proxy server 1311 in the form of ciphertext.
  • the encrypting module 1103 of the proxy server 1311 may be configured to encrypt received target data and then send the encrypted target data to the client device 1313 in the form of ciphertext.
  • the proxy server device 1311 may encrypt the target data and send the encrypted target data to client device 1313 in the form of ciphertext through wireless network.
  • the proxy server 1311 may send the target data that has been encrypted by destination server 1312 to the client device 1313 in the form of ciphertext directly. However, in order to further improve security of the data, the proxy server device 1311 may also encrypt the encrypted target data again and then send the twice encrypted target data to the client device 1313 in the form of ciphertext.
  • the proxy server 1311 may decrypt the ciphertext of the target data according to a preset encryption and/or decryption algorithm that may be agreed upon by the destination server 1312 and the proxy server 1311, to obtain the plaintext of target data. Then the proxy server device 1311 may encrypt the plaintext of the target data according to a preset encryption and/or decryption algorithm agreed upon by the client device 1313 and the proxy server device 1311, and may send the encrypted target data to the client 1313 in the form of ciphertext.
  • the client device 1313 may respond to operating instructions triggered through a interface by a user, may obtain user information of the user and may encrypt the obtained user information to get ciphertext of user information.
  • the client device 1313 may send an operation request that may include the ciphertext of the user information to the proxy server device 1311.
  • the proxy server device 1311 may receive the operation request that may include the ciphertext of the user information and may parse the operation request to extract the ciphertext of the user information.
  • the proxy server 1311 may decrypt the ciphertext of the user information to obtain the plaintext of the user information.
  • the proxy server 1311 may then send an operation request that may include the plaintext of the user information to the destination server 1312.
  • the destination server 1312 may call or retrieve target data based on the plaintext of the user information, and may then send the target data to the proxy server 1311.
  • the proxy server 1311 may then encrypt the received target data and may send the encrypted target data to the client device 1313 in the form of ciphertext.
  • the present disclosure may provide a beneficial effect of ensuring the security of the user information.
  • the encrypted user information may be transmitted to the proxy server 1311 from the client device 1313 via the WiFi access point 1314 and may be processed by the WiFi access point 1314 while on route to the proxy server 1311
  • the encrypted target data may be transmitted via the WiFi access point 1314 and/or processed by the WiFi access point 1314 while on route to the client device 1313.
  • the WiFi access point 1314 may be accessed by the eavesdropping user terminal 1315, attempting to intercept the user information and/or the target data
  • the data may be protected from the eavesdropping by the encryption of the data.
  • the methods described above with respect to Figures 2-13 may be performed by executing software instructions in a hardware platform.
  • the essence of a technical scheme of the present disclosure or a contribution to existing technology may be realized in the form of a software product, executed by the client devices shown in Figure 8, Figure 9 and/or Figure 10, the proxy server shown in Figure 11, Figure 12 and Figure 13, and the wireless terminal shown in figure 13.
  • the software product may be stored in a storage medium (such as ROM/RAM, disk, cd-rom) .
  • Said storage medium may be a medium of the proxy server shown in figure 11, figure 12 and figure 13, or the medium of the destination server shown in figure 12 and figure 13, or the medium of the wireless terminal shown in figure 13.
  • the proxy server shown in figure 11, figure 12 and figure 13, or the destination server shown in figure 12 and figure 13, or the wireless terminal shown in figure 13 may include several instructions to cause the proxy server shown in figure 11, figure 12 and figure 13, or the destination server shown in figure 12 and figure 13, or the wireless terminal (such as mobile, computer, server, or network device) shown in figure 13 implement the described methods of present disclosure.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephonic Communication Services (AREA)

Abstract

A method, client, server and system for information transmission are provided where a wireless client device responds to operating instructions triggered in a user interface by a user, obtains user information and encrypts the user information to generate ciphertext of the user information. The wireless client device sends an operation request that includes the ciphertext of the user information to a proxy server to prompt the proxy server to decrypt the ciphertext of the user information to obtain plaintext of the user information and send an operation request that includes the plaintext of the user information to a destination server. The user interface may comprise a webpage or another application that triggers the ciphertext of user information to be sent to the proxy server. The ciphertext of the user information may be sent by a webpage application to the proxy server via a WiFi access point.

Description

METHOD, CLIENT, SERVER AND SYSTEM FOR INFORMATION TRANSMISSION FIELD OF THE INVENTION
The present disclosure generally relates to Internet technology and wireless communication technology. More specifically, the present disclosure relates to a method, a client, a server and a system for information transmission.
BACKGROUND OF THE INVENTION
With the constant expansion of wireless network coverage areas, for example, WiFi coverage, more and more users access the Internet using publicly accessible wireless networks such as WiFi. Figure 1 is a block diagram of an exemplary deployment of an existing information transmission system utilizing publicly accessible WiFi technology. Figure 1 includes an exemplary existing WiFi system 100 that may include a wireless terminal device 110, a WiFi transceiver 112, a network server 114 and a user terminal 116. Information such as sensitive user information in plaintext format or other information may be exchanged between the wireless terminal device 110 and the network server 114, via the WiFi transceiver 112. The wireless transceiver may be a wireless access point, for example. Because the existing technology may not utilize password authentication when a wireless terminal device accesses a publicly accessible WiFi network, eavesdroppers, may access the WiFi network 100 using terminal equipment such as notebook computer 116 and may obtain data that is transmitted over the network. For example, capturing software in the user terminal device 116 may be used to capture content transmitted in a local area network. However, the data transmitted by the wireless terminal device 110 as a client in an existing network, is transmitted in the form of plaintext. For example, when a tool or a communicative application such as browser, is used in a client mobile terminal device to access an online bank which may require a login process or to communicate personal user information such as by e-mail, the account and password of the client are transmitted in the form of plaintext. In this manner, the personal user information may be easily captured by the eavesdroppers using the terminal device 116. Therefore potential security risks exist when transmitting information in publicly accessible WiFi or  local area networks.
SUMMARY
The present disclosure provides a method, a client, a server and a system for information transmission, in order to provide security for information transmitted in a wireless network.
The present disclosure provides a method for information transmission utilizing a client device, comprising the steps of:
responding to operating instructions triggered through a user interface by user, then obtaining user information and encrypting the obtained user information to generate ciphertext of the user information;
sending an operation request that includes the ciphertext of the user information to a proxy server, where the proxy server decrypts the ciphertext of the user information to obtain the plaintext of the user information and sends an operation request that includes the plaintext of the user information to a destination server.
In some systems, the client device may comprise a wireless client device that may be referred to as a wireless terminal device or user terminal.
The present disclosure also provides a method for information transmission utilizing a server device, comprising the steps of:
in a proxy server, receiving an operation request that includes ciphertext of user information sent by a client device, parsing the operation request to obtain plaintext of the user information; then sending an operation request that includes plaintext of the user information to a destination server;
in the proxy server, receiving corresponding target data which is retrieved by the destination server according to the plaintext of the user information and sent by the destination server;
in the proxy server, encrypting the received target data to generate ciphertext of the target data and then sending the target data to a client in the form of ciphertext.
The present disclosure also provides a method for information transmission, comprising the steps of:
in a client device, responding to operating instructions triggered through a user interface by a user, obtaining user information and encrypting the user information to generate ciphertext of the user information; then sending an operation request that includes the ciphertext of the user information to  a proxy server;
in the proxy server, receiving and parsing the operation request which includes the ciphertext of the user information sent by the client, to obtain plaintext of the user information; then sending an operation request that includes the plaintext of the user information to a destination server;
in the destination server, retrieving the corresponding target data according to the plaintext of the user information, then sending the target data to the proxy server;
in the proxy server, encrypting the received target data to generate ciphertext of the target data and then sending the target data to the client in the form of ciphertext.
The present disclosure also provides a client device for information transmission, comprising:
an obtaining module for user information, configured to respond to operating instructions triggered through a user interface by a user, obtain user information and encrypting the user information to generate ciphertext of the user information;
a sending module for requests, configured to send an operation request that includes the ciphertext of the user information to a proxy server, in order to trigger the proxy server to decrypt the ciphertext of the user information and output plaintext of the user information and send an operation request that includes the plaintext of user the information to a destination server.
The present disclosure includes a server device, for example, a proxy server, wherein the proxy server comprises:
a data decrypting module, configured to receive an operation request that includes ciphertext of user information sent by a client device, parse the operation request to obtain the ciphertext of the user information and decrypt the ciphertext to obtain plaintext of the user information, and then send an operation request that includes the plaintext of the user information to a destination server;
a data receiving module configured to receive corresponding target data from the destination server, which is retrieved by the destination server according to the plaintext of the user information;
a data encrypting module configured to encrypt the received target data and send the encrypted target data to a client, in the form of ciphertext.
The present disclosure also provides a system for information transmission, comprising at least one client device, at least one proxy server device and at least one destination server device, wherein:
the client device is configured to respond to operating instructions triggered by a user utilizing a user interface, obtain user information and encrypt the user information to generate ciphertext of the user information, and send an operation request that includes the ciphertext of the user information to a proxy server;
the proxy server is configured to receive and parse the operation request that includes the ciphertext of the user information sent by the client device, to obtain plaintext of the user information, and send an operation request that includes the plaintext of the user information to a destination server;
the destination server is configured to call corresponding target data according to the plaintext of user the information and send the target data to the proxy server;
the proxy server is further configured to encrypt the received target data and then send the target data to the client in the form of ciphertext.
In present disclosure, the client responds to operating instructions triggered through a user interface by user, obtains user information and encrypts the obtained user information to generate ciphertext of the user information; sends an operation request that includes the ciphertext of the user information to the proxy server, in order to trigger the proxy server to decrypt the user information from ciphertext to plaintext and send an operation request that includes the plaintext of the user information to the destination server. In comparison, existing technology transmits user information in the form of plaintext in a wireless network; however, the present disclosure provides the beneficial effect of securing user information.
BRIEF DESCRIPTION OF THE DRAWINGS
The present disclosure may be better understood with reference to the following drawings and descriptions which include non-limiting and non-exhaustive embodiments of the disclosure. The drawings described hereinafter include only some embodiments related to the present disclosure. Other drawings may be determined by those skilled in the art based on these drawings, without creative effort.
Figure 1 is an illustration of an exemplary existing information transmission system utilizing publicly accessible WiFi network technology (described above in the background section) .
Figure 2 is a flowchart including exemplary steps of a method for information  transmission in accordance with an embodiment of the disclosure.
Figure 3 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure.
Figure 4 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure.
Figure 5 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure.
Figure 6 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure.
Figure 7 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure.
Figure 8 is a block diagram of a client device comprising function modules utilized for information transmission in accordance with an embodiment of the disclosure.
Figure 9 is a block diagram of a client device comprising function modules utilized for information transmission in accordance with an embodiment of the disclosure.
Figure 10 is a bock diagram of a client device comprising function modules utilized for information transmission in accordance with an embodiment of the disclosure.
Figure 11 is a block diagram of a server device comprising function modules utilized for information transmission in accordance with an embodiment of the disclosure.
Figure 12 is a block diagram of a system utilized for information transmission in accordance with an embodiment of the disclosure.
Figure 13 is an illustration of an exemplary system deployment for information transmission in accordance with an embodiment of the disclosure.
DETAILED DESCRIPTION
Several embodiments of the disclosure will be described in conjunction with the accompanying drawings. All other embodiments determined by those skilled in the art based on the  embodiments of the present disclosure, without creative effort, will fall within the scope of protection of the present disclosure.
Figure 1 is an illustration of an exemplary existing information transmission system utilizing publicly accessible WiFi network technology (described above in the background section) .
Figure 2 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure. As shown in figure 2, the method comprises the following steps.
In step 201, a user terminal or client device may respond to operating instructions triggered by a user interface based on user input, then the user device may obtain user information and encrypt the obtained user information to generate ciphertext of the user information. When a user accesses a web page or other forms of server data using the client device, the device may respond to operating instructions triggered by the user interface based on data input by the user and may obtain user information. For example, when a user may input user information such as account information, a username and/or password utilizing a web browser, for example, Microsoft Explorer or other applications and/or user interfaces. The disclosure is not limited to any specific type of user interface and any suitable user interface may be utilized by the user and/or used to trigger the operating instructions. The client device may obtain the user information and may encrypt the obtained user information to generate the ciphertext of the user information. In some embodiments, the user information may be obtained from local storage.
The encryption algorithm utilized by the client is not limited to any specific algorithm. The client device may use any suitable encryption algorithm to encrypt the user information, for example, the symmetric encryption algorithm DES (Data Encryption Standard) and AES (Advanced Encryption Standard) , the symmetric algorithm 3DES (Triple DES) based on DES, the symmetric algorithm RC2 and RC4, the encryption algorithm IDEA (International Data Encryption Algorithm) using 128-bit encryption key, the asymmetric algorithms RSA and DSA (Digital Signature Algorithm) and so on.
In some embodiments, the client device may encrypt the obtained user information according to a preset encryption algorithm, for example, the client device and a server, for example, a proxy server may agree on the use of an encryption and/or decryption algorithm with the client device.
In step 202 an operation request that may include the ciphertext of the user information may be sent by the client device to a proxy server.
The client device may send an operation request that may include the ciphertext of the user information to the proxy server in order to prompt the proxy server to decrypt ciphertext of the user information to recover the plaintext of the user information and send an operation request that includes the plaintext of the user information to a destination server. Thereby, the destination server may obtain target data based on the operating instructions originated by the user.
In the some embodiments, the client device may respond to operating instructions triggered through the interface by the user, may obtain user information and may encrypt the obtained user information to generate the ciphertext of the user information, may send an operation request that includes the ciphertext of the user information to the proxy server. As a result, the proxy server may decrypt the user information from ciphertext to plaintext and may send an operation request that includes the plaintext of the user information to the destination server. In comparison with existing technology where user information is transmitted in the form of plaintext via a wireless network, the present disclosure provides the beneficial effect of securing the user information.
In some systems, the client device may be a wireless terminal device that may send the user information to a wireless network device for further delivery to the proxy server. The wireless network device may comprise a WiFi access point or any other suitable wireless device that may route the user information to the proxy server for further delivery to the destination server. The wireless terminal device may be any suitable communication and/or computing device, for example, a smart phone, tablet, laptop or wearable device.
Figure 3 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure. Figure 3 includes steps for operations performed by a proxy server after the proxy server receives an operation request that includes ciphertext of user information.
Figure 3 includes  steps  201 and 202 that are described with respect to Figure 2. After the step 202 that may include sending an operation request that includes ciphertext of user information to proxy server, some embodiments may proceed to further steps.
In step 203, the client device may receive a ciphertext response from the proxy server  according to the operation request.
For example, after the proxy server receives the operation request that may include the ciphertext of the user information, the proxy server may decrypt the ciphertext to obtain the plaintext of the user information and may send an operation request that may include the plaintext of the user information, to a destination server. Then, the destination server may respond to the operation request that may include the plaintext of the user information and may call or retrieve data corresponding to the user information, and thus obtain target data to be returned to the client device. In some systems, the target data may comprise plaintext. The destination server may send the target data to the proxy server. The proxy server may encrypt the target data and then send it to the client device in the form of ciphertext.
In step 204, the client device may parse and/or decrypt the ciphertext response received from the proxy server to obtain the target data received from the proxy server.
After receiving the ciphertext response returned by the proxy server, the client device may parse the ciphertext response to obtain the encrypted target data. The client device may then decrypt the target data to obtain the plaintext of the target data.
During the process of transmitting information between the client device and the proxy server device, the target data, the user information or any other information may be sent in the form of ciphertext, for example, encrypted plaintext. In this manner, even though the information may be transmitted between the client device and the proxy server via publicly accessible WiFi devices and may be captured by eavesdroppers using the publicly available WiFi devices, security of the transmitted information may be protected by the encryption. This process may solve security problems caused by transmitting data in the form of plaintext in a wireless network, for example, publicly accessible WiFi networks. Moreover, user information that may be communicated using a web browser, for example, Microsoft Explorer or other applications using a client device may not obtained by a third party, which may effectively ensure the safety of user information.
In some embodiments, the parsing and/or decrypting of the ciphertext response by the client device to obtain the target data returned by the proxy server may include decrypting the ciphertext of the target data according to a decryption algorithm that corresponds to or matches an encryption algorithm utilized by the proxy server device to encrypt the target data. In some systems, the client device may negotiate with the proxy server device regarding the encryption and/or  decryption algorithms and may negotiate regarding encryption and/or decryption keys. The negotiations may enable the client device and the proxy server device to exchange data smoothly. The disclosure is not limited to any specific type of encryption and/or decryption algorithms and any suitable encryption or decryption algorithms may be utilized.
In operation, a client device may respond to operating instructions triggered in a user interface by a user, obtain user information and encrypt the obtained user information to generate ciphertext of the user information. An operation request that may include the ciphertext of the user information may be sent by the client device to a proxy server device, for example, via a wireless network. The client device may receive a ciphertext response returned by the proxy server device via a wireless network. The present disclosure may provide a beneficial effect of further securing user information communicated via a wireless network.
Figure 4 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure. Referring to the flow chart of Figure 4, the  steps  201, 202, 203 and 204 are described with respect to Figures 2 and 3. After step 204, the exemplary steps may proceed to step 205.
In step 205 the obtained target data may be pushed or presented to users by the client device, for example.
In operation, a client device may push target data obtained and returned by a proxy server, to users directly. The encryption and/or decryption operations performed by the client device may be transparent to users and/or a user interface provided for users, for example, a browser page displayed by the client device.
In this manner, the exemplary steps 201 through 205 may enable securing data communicated via a wireless network between users of a client device and a target server device, which may be transparent to the users. Special treatment may not be required for the users using, for example, a browser page or other communicating applications to gain the benefit of the secure wireless communication. Furthermore, changes in a web page or other applications may not be needed to perform the secure communication based on the exemplary steps 201 to 205. The embodiments of the present disclosure may ensure the safety of information transmission in wireless network while improving the efficiency of man-machine interaction.
Figure 5 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure. Referring to Figure 5, the exemplary steps begin with step 501.
In step 501 a proxy server device may receive an operation request that may include ciphertext of user information sent by a client device. The proxy server device may parse the operation request and decrypt the cipher text of the user information to obtain plaintext of the user information. Then an operation request that includes the plaintext of the user information may be sent to a destination server.
In operation, in instances when a user accesses a web page or triggers other forms of data to be sent to a server device, the client device may respond to operating instructions triggered by the user interface and/or by the user, and may obtain user information. For example, in instances when a user inputs user information such as an account identifier, username and password etc., using a web browser, such as Microsoft Internet Explorer or other client applications, the client device may obtain the user information. Then the client device may encrypt the obtained user information to generate ciphertext of the user information. The client device may send the ciphertext of the user information to a proxy server device via a wireless network, for example, via a WiFi access point.
When the proxy server device receives the operation request from the client device, according to the operation instruction triggered by the user, the proxy server device may parse the operation request to extract the ciphertext of the user information included in the operation request. Then the proxy server device may decrypt the ciphertext of the user information according to a decryption algorithm that corresponds to the encryption algorithm used to encrypt plaintext of the user information by the client device, in order to obtain plaintext of the user information. Next, the proxy server may send the decrypted plaintext of the user information to a destination server for subsequent data processing.
In exemplary step 502, the proxy server device may receive corresponding target data from a destination server. The target data may be called or retrieved by the destination server according to the plaintext of the user information, and then sent by the destination server to the proxy server.
The destination server may search a database according to the decrypted plaintext of the  user information sent by the proxy server, may call or retrieve target data corresponding to the plaintext of the user information, and may send the obtained target data to the proxy server device. Then, the proxy server device may receive the corresponding target data sent by the destination server.
In some embodiments, the data transmission between the proxy server and said destination server may be based on a wired network. For example, the destination server may send the obtained target data that corresponds to the plaintext of the user information, to the proxy server in the form of plaintext. However, in order to improve the data security further, the destination server may also encrypt the obtained target data and then send the encrypted target data to proxy server in the form of ciphertext.
In exemplary step 503 the proxy server may encrypt the received target data and may then send the target data to the client device in the form of ciphertext.
In instances when the destination server device sends the obtained target data to the proxy server device in the form of plaintext, through a wired network, the proxy server device may encrypt the received target data and may then send the encrypted target data to the client device in the form of ciphertext, through a wireless network.
In instances when the destination server encrypts the obtained target data and then sends the target data to the proxy server device in the form of ciphertext, through a wired network or a wireless network, the proxy server device may send the target data that has been encrypted by destination server to the client device in the form of ciphertext directly. However, in order to improve the data security further, the proxy server may also encrypt the encrypted target data and then send the twice encrypted target data to the client device in the form of ciphertext. In some systems, when the proxy server device receives the target data in the form of ciphertext from the destination server device, the proxy server device may decrypt the target data in accordance with preset encryption and/or decryption algorithms agreed upon by the destination server, to obtain the plaintext of target data. Then the proxy server device may encrypt the plaintext of target data according to preset encryption and decryption algorithm agreed upon with the client device, and may send the encrypted target data to the client in the form of ciphertext.
For convenience sake, in order to transmit the target data, the destination server may send the obtained target data to the proxy server in the form of plaintext through any suitable wired  network or wireless network. The proxy server may encrypt the received target data and may then send the encrypted target data to the client device in the form of ciphertext through a wireless network.
In operation, the proxy server device may receive an operation request that may include ciphertext of user information sent by a client device, may parse the operation request and decrypt the ciphertext of the user information to obtain the plaintext of the user information and may send an operation request that includes the plaintext of the user information to a destination server. The proxy server device may receive corresponding target data from the destination server, which may be called or retrieved by the destination server according to the plaintext of the user information. The proxy server may encrypt the received target data and then send the target data to the client device in the form of ciphertext. In comparison with existing technology where user information may be transmitted in the form of plaintext in a wireless network, the present disclosure may provide a beneficial effect of ensuring security of user information.
Figure 6 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure. Referring to Figure 6, the exemplary steps begin with step 601.
In step 601, a client may respond to operating instructions triggered through an interface by a user. The user information may be obtained and encrypted to get ciphertext of user the information. Then the client may send an operation request that includes the ciphertext of the user information to a proxy server.
When users access web pages or trigger other forms of server data, the client may respond to the operating instructions triggered through the interface by user and may obtain user information. For example, when users input user information based on the Explorer application or other applications of the client, such as account, username and password etc. , the client may obtain the user information such as account, username and password etc. Then the client may encrypt the obtained user information to get ciphertext of the user information. The encryption algorithm of client is not limited to any specific type of encryption algorithm. The client may use any suitable encryption algorithm to encrypt the user information encrypted, for example, the symmetric encryption algorithm DES (Data Encryption Standard) and AES (Advanced Encryption Standard) , the symmetric algorithm 3DES (Triple DES) based on DES, the symmetric algorithm RC2 and RC4, the encryption  algorithm IDEA (International Data Encryption Algorithm) using 128-bit encryption key , the asymmetric algorithms RSA and DSA (Digital Signature Algorithm) and so on.
In this embodiment, the client may encrypt the obtained user information according to an encryption algorithm agreed upon by the proxy server.
The client may send the operation request including the encrypted ciphertext of the user information so as to obtain target data requested by the operating instructions triggered by the user.
In step 602, the proxy server may receive and parse the operation request that includes the ciphertext of the user information sent by the client and may decrypt the ciphertext of the user information to obtain plaintext of the user information. Then the proxy server may send an operation request that may include the plaintext of the user information to a destination server.
When the proxy server receives the operation request from the client according to the operation instruction triggered by user, the proxy server may parse the operation request to extract the ciphertext of the user information included in the operation request. Then the proxy server may decrypt the ciphertext of the user information according to a decryption algorithm that corresponds to the encryption algorithm which is used to encrypt plaintext of the user information by the client, in order to get plaintext of the user information. Next the proxy server may send the decrypted plaintext of the user information to a destination server for subsequent data processing.
In step 603 the destination server may call corresponding target data according to the plaintext of the user information and then may send the target data to the proxy server.
The destination server may search a database according based on the plaintext of the user information sent by the proxy server, may call the corresponding target data based on the plaintext of the user information and may send the target data to the proxy server.
In this embodiment, the data transmission between the proxy server and the destination server may be sent on a wired network, where the destination server may send the obtained target data according to the plaintext of the user information to the proxy server in the form of plaintext. However, in order to improve the data security further, the destination server may also encrypt the obtained target data and then send the encrypted target data to the proxy server in the form of ciphertext.
In step 604, the proxy server may encrypt the received target data and may then send the  encrypted target data to the client in the form of ciphertext.
In instances when the destination server sends the obtained target data to the proxy server in the form of plaintext through wired network, the proxy server may encrypt the target data and then send the encrypted target data to client in the form of ciphertext through wireless network.
In instances when the destination server encrypts the obtained target data and then sends the target data to the proxy server in the form of ciphertext through a wired network or wireless network, the proxy server may send the target data that has been encrypted by destination server to the client in the form of ciphertext directly. However, in order to improve data security further, the proxy server may also encrypt the encrypted target data and then send the twice encrypted target data to the client in the form of ciphertext. Further, when the proxy server receives the target data in the form of ciphertext from the destination server, the proxy server may decrypt the target data in the form of ciphertext returned by destination server, according to preset encryption and/or decryption algorithm agreed upon with the destination server to obtain the plaintext of target data. Then the proxy server may encrypt the obtained plaintext of target data according to preset encryption and/or decryption algorithm agreed upon with the client, and may send the encrypted target data to client in the form of ciphertext.
It may be more convenient, when transmitting the target data, for the destination server to send the obtained target data to the proxy server in the form of plaintext through a wired or wireless network. Then the proxy server may encrypt the target data and send the encrypted target data to the client in the form of ciphertext through a wireless network.
In operation, a client responds to operating instructions triggered through a user interface by a user, obtains user information and encrypts the obtained user information to get ciphertext of the user information, then sends an operation request that may include the ciphertext of the user information to a proxy server, via a wireless network, for example, via a WiFi network device. The proxy server may receive the operation request that includes the ciphertext of the user information sent by the client, may parse the operation request to obtain the ciphertext of the user information and decrypt the ciphertext to obtain the plaintext of the user information. Then the proxy server may send an operation request that may include the plaintext of the user information to a destination server. The destination server may call or retrieve corresponding target data based on the plaintext of the user information, and may then send the target data to the proxy server. The proxy  server may encrypt the received target data and then send the encrypted target data to the client in the form of ciphertext. In comparison with the existing technology where user information is transmitted in the form of plaintext in a wireless network, the present disclosure may provide the beneficial effect of ensuring the security of the user information.
Figure 7 is a flowchart including exemplary steps of a method for information transmission in accordance with an embodiment of the disclosure. Figure 7 includes the exemplary steps 601-604 as described with respect to Figure 6. After step 604, the exemplary steps may proceed to step 605.
In step 605 the client may decrypt target data received from the proxy server in the form of ciphertext, and may send the decrypted target data to the user.
In some embodiments, after receiving the ciphertext response returned by the proxy server, the client may parse the ciphertext response so as to obtain the encrypted target data that may be included in the ciphertext response. The client may then decrypt the encrypted target data to obtain the plaintext of target data.
During the process of data transmission between the client and proxy server in a wireless network, the transmitted data that may include user information or other private information may all be sent in the form of ciphertext. For this reason, even though the user information may be transmitted to and/or processed by a publicly accessible WiFi device when being transmitted between the client and proxy server, and may be captured by eavesdroppers, the eavesdroppers may be unable to obtain the protected user information. This method may solve the safety problems caused by transmitting data in the form of plaintext in a wireless network, for example, using publicly accessible WiFi systems. It may ensure that user information, for example, information input by a user and sent over a wireless network by a web browser or other communicative application may not be obtained by a third party, which may effectively ensure the safety of the user information.
Alternatively, in some embodiments of the disclosure, the parsing of the ciphertext response by the client so as to obtain the target data received from the proxy server may include decrypting the ciphertext response to obtain plaintext of the target data according to a decryption algorithm that corresponds to an encryption algorithm used by the proxy server to encrypt the target data. The client may negotiate with the proxy server regarding the corresponding encryption and decryption algorithms and/or encryption and decryption keys in order to improve efficiency when the  client and the proxy server transmit data.
The encryption and/or decryption algorithms utilized in any of the methods, devices or systems described herein, are not limited to any specific type of encryption and/or decryption algorithm. Any suitable encryption and/or decryption algorithm may be utilized to encrypt the user information, the target data and/or any other information prior to transmission. For example, some algorithms that may be utilized may include the symmetric encryption algorithm DES (Data Encryption Standard) and AES (Advanced Encryption Standard) , the symmetric algorithm 3DES (Triple DES) based on DES, the symmetric algorithm RC2 and RC4, the encryption algorithm IDEA (International Data Encryption Algorithm) using 128-bit encryption key , the asymmetric algorithms RSA and DSA (Digital Signature Algorithm) and so on, however, the disclosure is not limited in this regard.
The client may send or push the obtained plaintext target data to users directly. The encryption and/or decryption operations used in the client and/or proxy server may be transparent to the user and the user interface, for example, a browser page on the client. Special treatment may not be required for the users using a browser page or other communicating applications in order to gain the benefit of secure wireless communication. Furthermore, changes in a web page or other application may not be needed in order to perform the secure communication based on methods, devices and systems described herein. The embodiments of the present disclosure may ensure the safety of information transmission in wireless networks while improving the efficiency of man-machine interaction.
Figure 8 is a block diagram of a client device comprising function modules utilized for information transmission in accordance with an embodiment of the disclosure. Referring to Figure 8, there is shown a client device 810, an obtaining module for user information 801 and a sending module 802.
The client device 810 may comprise a user terminal device that may be operable to communicate via a wireless network, for example, a WiFi network or any other type of wireless network utilizing any suitable wireless technology. The client device 810 may comprise for example, a wireless phone or smart phone, or any computing and/or communication device that may communicate via a wireless network, for example, a tablet computer, laptop computer. The client device 810 may comprise the obtaining module for user information 801 and the sending module 802. 
The obtaining module for user information 801 may comprise any suitable circuitry, hardware processors, interfaces, logic or code that may be operable to respond to operating instructions triggered in a user interface by user. The obtaining module 801 may be utilized to obtain user information and may encrypt the user information to generate ciphertext of the user information.
When a user accesses a web page or triggers other forms of data for transmission to a server, the obtaining module for user information 801 may respond to operating instructions that may be triggered in a user interface by a user and may obtain user information. For example, when the user inputs user information in a web browser, for example, Microsoft Internet Explorer or any other suitable application in the client device 810, where the user information may include an account identifier, a username, a password and/or any other suitable user data, the obtaining module for user information 801 may obtain the input user information. Then, the obtaining module for user information 801 may encrypt the obtained user information to generate ciphertext of the user information.
The obtaining module for user information 801 is not limited to any specific type of encryption and/or decryption algorithm and may utilize any suitable encryption and/or decryption algorithm. For example, any of the symmetric encryption algorithm DES and AES, the symmetric algorithm 3DES based on DES, the symmetric algorithm RC2 and RC4, the encryption algorithm IDEA using 128-bit encryption key, the asymmetric algorithms RSA and DSA and any other suitable algorithms may be utilized.
In some embodiments, the obtaining module for user information 801 may encrypt the obtained user information based on an encryption algorithm that is agreed upon by the client device 810 and a proxy server to which the user information may be transmitted.
The sending module 802 may comprise any suitable circuitry, hardware processors, interfaces, logic or code that may be operable to send an operation request that may include the ciphertext of the user information to the proxy server.
The sending module 802 may send an operation request that includes the ciphertext of the user information to the proxy server in order to request that the proxy server decrypt the ciphertext of the user information to obtain plaintext of the user information and to send an operation request that may include the plaintext of the user information to a destination server. Based on the  operation request and the plaintext of the user information, the destination server may retrieve target data that corresponds to the operating instructions triggered by user in the client device 810.
In operation, the client device 810 may respond to operating instructions triggered in the user interface by the user, obtain the user information and encrypt the obtained user information to generate ciphertext of the user information. The client device 810 may send an operation request that may include the ciphertext of the user information to the proxy server in order to request that the proxy server decrypt the user information from the ciphertext to obtain plaintext of the user information and send an operation request that includes the plaintext of the user information to the destination server.
Figure 9 is a block diagram of a client device comprising function modules utilized for information transmission in accordance with an embodiment of the disclosure. Referring to Figure 9, there is shown a client device 910 that may comprise the obtaining module for user information 801, the sending module 802 and a target data obtaining module 803. The obtaining module 801 and sending module 802 are described with respect to Figure 8.
The client device 910 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to execute the client methods and steps described herein with respect to the Figures 2-13.
The target data obtaining module 803 of the client device 910 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to receive a ciphertext response from the proxy server and may parse the ciphertext response to obtain target data returned sent by the proxy server. The ciphertext response may be generated by the proxy server by encrypting a plaintext of the target data response returned by the destination server.
After the proxy server may receive an operation request that may include ciphertext of the user information from the obtaining module for user information 801, the proxy server may decrypt the ciphertext of the user information to obtain plaintext of the user information and may send an operation request that includes the plaintext of the user information to the destination server. The destination server may respond to the operation request that may include the plaintext of the user information, may call or retrieve data corresponding to the user information, and thus may obtain target data for the client device 910. The destination server may send the target data for the client device to the proxy server. The proxy server may encrypt the target data and may then send the  encrypted target data as a response to the target data obtaining module 803 in the client device 910 in the form of ciphertext.
After receiving the ciphertext of response of the target data returned by the proxy server, the target data obtaining module 803 of the client device 910 may parse the ciphertext response to obtain the encrypted target data that may be included in the ciphertext response and may decrypt the target data to obtain plaintext of the target data.
During transmission of data between the client device 910 and the proxy server or between the client device 810 and the proxy server, the data may be transmitted in the form of ciphertext via a wireless network. In this manner, even though the user information may be transmitted to and/or processed by a publicly accessible WiFi device when being transmitted between the client device 910 and proxy server, and may be captured by eavesdroppers, the eavesdroppers may be unable to obtain the protected user information. This method may solve the safety problems caused by transmitting data in the form of plaintext in a wireless network, for example, using publicly accessible WiFi systems. By transmitting ciphertext of the user information or target information, the information sent over a wireless network by a web browser or other communicative application may not be obtained by a third party, which may effectively ensure the safety of the user information.
The target data obtaining module 803 of the client device 910 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to parse the response from the proxy server to obtain the ciphertext of the target data. The ciphertext of the target data may be decrypted using a decryption algorithm that corresponds to an encryption algorithm used to encrypt the target data by the proxy server. In some systems, the client device 910 may negotiate with the proxy server to determine which encryption and/or decryption algorithms and/or which encryption and/or decryption keys to utilize. In this manner communication between the client device 910 and the proxy server device may run more efficiently.
In operation, the client device 910 may respond to operating instructions triggered in a user interface by a user, may obtain user information and may encrypt the user information to generate ciphertext of the user information. The client device 910 may send an operation request that may include the ciphertext of the user information to a proxy server, for example, via a wireless network. In some systems, the ciphertext of the user information may be sent to a network device such as a WiFi access point that may be available for use by other users without need for password  permission to access the WiFi access point; however, the disclosure is not limited in this regard. In some embodiments, the proxy server may send the user information to a destination server and may receive a response from the destination server; however, the disclosure is not limited in this regard. For example, the client device 910 may receive a ciphertext response from the proxy server in accordance with the operation request. The client device 910 may parse and/or decrypt the ciphertext response to obtain target data returned by the proxy server. In this manner, transmission of ciphertext of the user information and ciphertext of the target data between the client device 910 and the proxy server, rather than plaintext, may improve data security and privacy for the user information and the target data, relative to existing technology where user information is transmitted in the form of plaintext in a wireless network.
Figure 10 is a block diagram of a client device comprising function modules utilized for information transmission in accordance with an embodiment of the disclosure. Referring to Figure 10, there is shown a client device 1010 that may comprise the obtaining module for user information 801, the sending module 802, the target data obtaining module 803 and a pushing module 804. The obtaining module for user information 801, the sending module 802 and the target obtaining module 803 are described with respect to Figures 8 and 9.
The client device 1010 may comprise one or more processor means, , interfaces, logic and/or code that may be operable to execute the client methods and steps described herein with respect to the Figures 2-13. In the embodiment, the one or more processor means may be any suitable circuitry, or hardware processors.
The pushing module 804 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to push or send target data obtained from a destination server, to users for user access to the target data.
The pushing module 804 may send or push obtained target data returned by the proxy server to users directly. The encryption and/or decryption operations may be done on the client, and may be transparent to the user and user interface, such as a browser page of the client device 1010. In this regard, users and the target server may not need to apply or receive any special treatment. Furthermore, the present disclosure may not require changes to browser pages or other communicative applications while the methods described herein may enable securing of information transmitted in a wireless network and/or providing efficiency of man-machine interaction.
Figure 11 is a block diagram of a server device comprising function modules that may be utilized for information transmission in accordance with an embodiment of the disclosure. Referring to Figure 11, there is shown a proxy server 1110 that may include a decrypting module 1101, a receiving module 1102 and an encrypting module 1103.
The proxy server 1110 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to execute the proxy server methods and steps described herein with respect to the Figures 2-13.
The decrypting module 1101 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to receive an operation request that may include ciphertext of user information sent by the  client device  810, 910, or 1010, for example. The decrypting module 1101 may parse the operation request to obtain the ciphertext of the user information and may decrypt ciphertext of the user information to obtain plaintext of the user information from the  client device  810, 910, or 1010. The decrying module 1101 may then send an operation request that may include the plaintext of the user information to a destination server.
When a user accesses a web page or triggers other forms of transmission of server data from the  client device  810, 910, or 1010, the  respective client device  810, 910, or 1010 may respond to operating instructions triggered through the interface by the user and may obtain the user information. For example, when a user inputs user information such as account, username and password etc. , using a browser application, for example, Microsoft Internet Explorer or other communicative applications executed on the  client device  810, 910, or 1010, the client device may obtain the user information such as account, username and password etc. Then, the  client device  810, 910, or 1010 may encrypt the obtained user information to generate the ciphertext of the user information and may send an operation request that includes the ciphertext of the user information to the decrypting module 1101 of the proxy device 1110.
When the decrypting module 1101 receives the operation request from the  client device  810, 910, or 1010 based on the operation instruction triggered by the user, the proxy server 1110 may parse the operation request to extract the ciphertext of the user information included in the operation request. The decrypting module 1101 may then decrypt the ciphertext of the user information according to a decryption algorithm that corresponds to an encryption algorithm that is used to encrypt plaintext of the user information in order to obtain the plaintext of the user information. The  decrypting module may then send the plaintext of user the information to the destination server for subsequent data processing.
The receiving module 1102 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to receive target data that may be received in response to the operation request including the plaintext of the user information sent to the destination server. The target data may be called or retrieved by a destination server in accordance with the operation request and/or the plaintext of user information and sent to the proxy server 1110.
The destination server may search a database according to the decrypted plaintext of the user information sent by the decrypting module 1101, and may call or retrieve target data corresponding to the plaintext of the user information. The destination server may send the target data to the receiving module 1102 the proxy server 1110. The receiving module 1102 may receive the corresponding target data.
In some systems, the data may be transmitted and received by the proxy server 1110 and the destination server on a wired network where the destination server may send the target data that corresponds to the plaintext of the user information to the receiving module 1102 in the form of plaintext. However, in some systems, in order to improve security of the transmitted data, the destination server may encrypt the target data and then send the encrypted target data to the receiving module 1102 in the form of ciphertext.
The encrypting module 1103 may comprise any suitable circuitry, hardware processors, interfaces, logic and/or code that may be operable to encrypt the target data received by the receiving module 1102 and send the encrypted target data to the  client device  810, 910, or 1010 in the form of ciphertext.
In instances when the destination server sends the target data to the receiving module 1102 in the form of plaintext, through wired network, the encrypting module 1103 may encrypt the received target data and then send the encrypted target data to  client device  810, 910, or 1010 in the form of ciphertext through a wireless network.
In instances when the destination server encrypts the target data and then sends the encrypted target data to the receiving module 1102 in the form of ciphertext through a wired network or through a wireless network, the encrypting module 1103 may send the target data that has been  encrypted by destination server to  client device  810, 910, or 1010, in the form of ciphertext directly. However, in order to further improve data security of the target data, the encrypting module 1103 may encrypt the encrypted target data and then send the twice encrypted target data to the  client device  810, 910, or 1010 in the form of ciphertext.
Moreover, in instances when the receiving module 1102 of the proxy server device 1110 receives target data in the form of ciphertext from the destination server, the encrypting module 103 may decrypt the ciphertext target data received from the destination server based on an encryption and/or decryption algorithm agreed upon by the destination server and the proxy server 1110 to obtain the plaintext of the target data. Then the encrypting module 1103 may encrypt the plaintext of the target data based on an encryption and/or decryption algorithm agreed upon by the  client device  810, 910, or 1010 and the proxy server 1110, and may send the encrypted target data to the  client device  810, 910, or 1010 in the form of ciphertext.
With respect to transmitting target data, it may be more convenient for the destination server to send the target data to the receiving module 1102 of data in the form of plaintext through a wired network or wireless network where the encrypting module 1103 may encrypt the target data and then send the encrypted target data to the  client device  810, 910, or 1010 in the form of ciphertext through wireless network.
In operation, the proxy server 1110 may receive an operation request that may include ciphertext of user information sent by a  client device  810, 910, or 1010. The proxy server 1110 may parse the operation request and decrypt the ciphertext of the user information to obtain plaintext of the user information. The proxy server 1110 may then send an operation request that may include the plaintext of the user information to a destination server. The proxy server 1110 may receive corresponding target data from the destination server that may be called or retrieved by the destination server according to the plaintext of the user information. The proxy server 1110 may encrypt the received target data and may then send the encrypted target data to the  client device  810, 910, or 1010 in the form of ciphertext. In comparison with existing technology where user information is transmitted in the form of plaintext through a wireless network, the present disclosure may provide a beneficial effect of ensuring the security of the user information.
Figure 12 is a block diagram of a system utilized for information transmission in accordance with an embodiment of the disclosure. Referring to Figure 12, there is shown a system  1200 that may comprise a proxy server device 1201, a destination server device 1202 and a client device 1203. The client device 1203 may be similar or substantially the same as at least one of the  client device  810, 910, or 1010. The proxy server device 1201 may be similar or substantially the same as the proxy server 1110. The destination server device 1202 may be similar or substantially the same as the destination server described with respect to Figures 2-13 of the present disclosure. The system 1200 may be operable to execute the methods described herein with respect to Figures 2-13.
Figure 13 is an illustration of an exemplary system deployment for information transmission in accordance with an embodiment of the disclosure. Referring to Figure 13 there is shown the system 1300 comprising a client device 1313, a proxy server device 1311 and a destination server device 1312. Also shown are a WiFi access point 1314 and an eavesdropping user terminal 1315. The client device 1313 may be referred to as a wireless terminal device.
The client device 1313 may be similar or substantially the same as the client device 1203. The proxy server device 1311 may be similar or substantially the same as the proxy server 1201 and the destination server device 1312 may be similar or substantially the same as the destination server 1202.
The system 1300 may comprise a communication network where, the client device 1313 and the proxy server 1311 may be communicatively coupled. Furthermore, one or both of the client device 1313 and the proxy server device 1311 may be communicatively coupled to the WiFi access point 1314 via a wireless network. The proxy server device 1311 and the destination server 1312 may be communicatively coupled via a wired or wireless network. Moreover, the eavesdropping user terminal 1315 may be communicatively coupled to the WiFi access point 1314.
Referring to Figure 13, the client device 1313 may be configured to respond to operating instructions triggered through a user interface by a user, obtain user information and encrypt the user information to generate ciphertext of the user information. The client device 1313 may send an operation request that may include the ciphertext of the user information to the proxy server 1311. The proxy server 1311 may be configured to receive and parse the operation request that includes the ciphertext of the user information sent by the client device 1313, to obtain plaintext of the user information. The proxy server 1311 may send an operation request that may include the plaintext of the user information to the destination server 1312. The destination server device 1312 may be configured to call target data corresponding to the plaintext of the user information and may send the  target data to the proxy server device 1311. The proxy server device 1311 also be configure to encrypt the target data and send the encrypted target data to the client device 1313 in the form of ciphertext.
Referring to Figures 12 and 13, in instances when a user of a wireless terminal, for example, of the client device 1313, accesses a user interface, for example, a web page, or triggers the transmission data to a server device, for example, the destination server device 1312, the client device 1313 may respond to operating instructions generated by the user utilizing the user interface and may obtain user information. For example, in instances when a user may input user information such as, for example, an account identifier, username and/or password, utilizing Microsoft Internet Explorer or another suitable application that may be executed by the client device 1313, the client device 1313 may obtain the user information. The client device 1313 may then encrypt the obtained user information to generate ciphertext of the user information. The encryption and/or decryption algorithms utilized by the client device 1313 are not limited to any specific type of encryption and/or decryption algorithm and any suitable encryption or decryption algorithms may be utilized.
The encryption and/or decryption algorithms utilized by the client 1313 may be agreed upon by the proxy server device 1311 and the client device 1313.
The client device 1313 may send an operation request that may include the ciphertext of the user information, to the proxy server 1311 in order to obtain target data from the destination server 1312. The target data may be requested in the operating instructions triggered by user in the user interface.
When the proxy server device 1311 receives the operation request from the client device 1313, the proxy server 1311 may parse the operation request to extract the ciphertext of user information that may be included in the operation request. The proxy server 1311 may then decrypt the ciphertext of the user information based on a decryption algorithm that corresponds to an encryption algorithm utilized to encrypt the plaintext of the user information, and may obtain the plaintext of the user information. The proxy server device 1311 may send the decrypted plaintext of the user information to the destination server device 1312 for subsequent data processing.
The destination server device 1312 may search a database based on the decrypted plaintext of the user information sent by the proxy server 1311 and may call or retrieve the target data corresponding to the plaintext of the user information. The destination server may send the target  data to proxy server 1311.
In some embodiments, the transmission of the data between said proxy server 1311 and the destination server 1312 may occur in a wired network, where the destination server 1312 may send the target data corresponding to the plaintext of the user information to the proxy server 1311 in the form of plaintext. Alternatively, data security may be further improved, by encrypting the target data in the destination server device 1312 and sending the encrypted target data to the proxy server 1311 in the form of ciphertext.
The encrypting module 1103 of the proxy server 1311 may be configured to encrypt received target data and then send the encrypted target data to the client device 1313 in the form of ciphertext.
In instances when the destination server 1312 sends the target data to the proxy server device 1311 in the form of plaintext through a wired network, the proxy server device 1311 may encrypt the target data and send the encrypted target data to client device 1313 in the form of ciphertext through wireless network.
In instances when the destination server 1312 encrypts the target data and then sends the target data to the proxy server 1311 in the form of ciphertext through wired or wireless network, the proxy server 1311 may send the target data that has been encrypted by destination server 1312 to the client device 1313 in the form of ciphertext directly. However, in order to further improve security of the data, the proxy server device 1311 may also encrypt the encrypted target data again and then send the twice encrypted target data to the client device 1313 in the form of ciphertext. In instances when the proxy server 1311 receives the target data in the form of ciphertext as returned by the destination server 1312, the proxy server 1311 may decrypt the ciphertext of the target data according to a preset encryption and/or decryption algorithm that may be agreed upon by the destination server 1312 and the proxy server 1311, to obtain the plaintext of target data. Then the proxy server device 1311 may encrypt the plaintext of the target data according to a preset encryption and/or decryption algorithm agreed upon by the client device 1313 and the proxy server device 1311, and may send the encrypted target data to the client 1313 in the form of ciphertext.
In operation, the client device 1313 may respond to operating instructions triggered through a interface by a user, may obtain user information of the user and may encrypt the obtained user information to get ciphertext of user information. The client device 1313 may send an  operation request that may include the ciphertext of the user information to the proxy server device 1311. The proxy server device 1311 may receive the operation request that may include the ciphertext of the user information and may parse the operation request to extract the ciphertext of the user information. The proxy server 1311 may decrypt the ciphertext of the user information to obtain the plaintext of the user information. The proxy server 1311 may then send an operation request that may include the plaintext of the user information to the destination server 1312. The destination server 1312 may call or retrieve target data based on the plaintext of the user information, and may then send the target data to the proxy server 1311. The proxy server 1311 may then encrypt the received target data and may send the encrypted target data to the client device 1313 in the form of ciphertext.
In comparison with existing technologies where user information is transmitted in the form of plaintext through a wireless network, the present disclosure may provide a beneficial effect of ensuring the security of the user information. For example, the encrypted user information may be transmitted to the proxy server 1311 from the client device 1313 via the WiFi access point 1314 and may be processed by the WiFi access point 1314 while on route to the proxy server 1311, and the encrypted target data may be transmitted via the WiFi access point 1314 and/or processed by the WiFi access point 1314 while on route to the client device 1313. In instances when the WiFi access point 1314 may be accessed by the eavesdropping user terminal 1315, attempting to intercept the user information and/or the target data, the data may be protected from the eavesdropping by the encryption of the data.
It is worth noting that in the present disclosure, the terms “comprise” and “include” or any other variants, are intended to cover non-exclusive lists, items, processes, methods, or devices that may include a non-exclusive plurality of elements and may include additional elements that may not be explicitly stated.
In some embodiments of the disclosure, the methods described above with respect to Figures 2-13 may be performed by executing software instructions in a hardware platform. Based on this understanding, the essence of a technical scheme of the present disclosure or a contribution to existing technology may be realized in the form of a software product, executed by the client devices shown in Figure 8, Figure 9 and/or Figure 10, the proxy server shown in Figure 11, Figure 12 and Figure 13, and the wireless terminal shown in figure 13. The software product may be stored in a  storage medium (such as ROM/RAM, disk, cd-rom) . Said storage medium may be a medium of the proxy server shown in figure 11, figure 12 and figure 13, or the medium of the destination server shown in figure 12 and figure 13, or the medium of the wireless terminal shown in figure 13. The proxy server shown in figure 11, figure 12 and figure 13, or the destination server shown in figure 12 and figure 13, or the wireless terminal shown in figure 13 may include several instructions to cause the proxy server shown in figure 11, figure 12 and figure 13, or the destination server shown in figure 12 and figure 13, or the wireless terminal (such as mobile, computer, server, or network device) shown in figure 13 implement the described methods of present disclosure.
The foregoing descriptions are merely specific embodiments of the present disclosure, but are not intended to limit the protection scope of the present disclosure. Any variation or replacement readily determined by persons skilled in the art within the technical scope of the present disclosure, shall all fall within the protection scope of the present disclosure.

Claims (19)

  1. A method for information transmission, said method comprising:
    in a wireless client device:
    triggering an operating instruction in a user interface;
    obtaining user information in response to said operating instruction;
    encrypting said user information to generate ciphertext of said user information;
    sending an operation request that includes said ciphertext of said user information to a proxy server, wherein said operation request prompts said proxy server to decrypt said ciphertext of said user information to obtain plaintext of said user information and send an operation request that includes said plaintext of said user information to a destination server;
    wherein said encrypting said user information includes encrypting said user information based on an encryption algorithm that is agreed upon by said proxy server and said wireless client device.
  2. The method of claim 1, further comprising:
    receiving a response that includes ciphertext of target data from said proxy server, wherein said ciphertext of said target data is generated by said proxy server by encrypting plaintext of said target data that is received by said proxy server in a response returned by said destination server;
    decrypting, by said wireless client device, said ciphertext of said target data that is included in said response from said proxy server to obtain plaintext of said target data returned by said destination server to said proxy server.
  3. The method of claim 2, further comprising:
    pushing said target data to a user interface on said wireless client device for access by said user.
  4. The method of claim 2, wherein said decrypting said ciphertext of said target data includes decrypting said ciphertext of said target data based on a decryption algorithm that is agreed upon by said proxy server and said wireless client device.
  5. The method of claim 1, wherein said proxy server:
    receives said operation request that includes said ciphertext of said user information sent by said wireless client device;
    parses said operation request to obtain said ciphertext of said user information;
    decrypts said ciphertext of said user information to obtain plaintext of said user information;
    sends an operation request that includes said plaintext of said user information to said destination server;
    receives target data that is retrieved by said destination server based on said plaintext of said user information and is sent by said destination server to said proxy server;
    encrypts said target data; and
    sends said encrypted target data to said wireless client device in the form of ciphertext.
  6. The method of claim 5, wherein data transmission between said proxy server and said destination server occurs on a wired network.
  7. The method of claim 5, wherein said proxy server receives said target data that is sent by destination server to said proxy server, in the form of plaintext of said target data.
  8. The method of claim 5, wherein said proxy server receives said target data that is sent by destination server in the form of ciphertext, and wherein said target data is encrypted by said destination server according to a preset encryption algorithm agreed upon by the proxy server and the destination device.
  9. The method according to claim 8, wherein said proxy server:
    decrypts said target data in the form of ciphertext;
    encrypts said decrypted target data based on an encryption algorithm agreed upon by the proxy server and the wireless client device; and
    sends said encrypted target data to said wireless client device.
  10. A wireless client device for information transmission, wherein said wireless client device comprises one or more hardware processors or circuits that are operable to:
    in an obtaining module for user information:
    trigger operating instructions in a user interface;
    obtain user information in response to said operating instructions;
    encrypt said user information to generate ciphertext of said user information; andin a sending module for requests:
    send an operation request that includes said ciphertext of said user information to a proxy server device, wherein said operation request that includes said ciphertext prompts said proxy server device to decrypt said ciphertext of said user information to obtain plaintext of said user information and send an operation request that includes said plaintext of said user information to a destination server device;
    wherein said encrypting of said user information includes encrypting said user information based on an encryption algorithm that is agreed upon by said proxy server device and said wireless client device.
  11. The wireless client device of claim 10, wherein said one or more hardware processors or circuits are operable to:
    in a target data obtaining module:
    receive a response that includes ciphertext of target data from said proxy server device, wherein said ciphertext of said target data is generated by said proxy server device by encrypting plaintext of said target data that is received by said proxy server device in a response returned by said destination server device ; and
    decrypt said ciphertext of said target data that is included in said response from said proxy server device to obtain plaintext of said target data returned by said destination server device to said proxy server device.
  12. The wireless client device of claim 11, wherein said one or more hardware processors or circuits are operable to:
    push said target data to a user interface for access by said user.
  13. The wireless client device of claim 12, wherein said decrypting said ciphertext of said target data by said target obtaining module includes decrypting said ciphertext of said target data based on a decryption algorithm that is agreed upon by said proxy server device and said wireless client device. 
  14. A proxy server device for information transmission wherein said proxy server device comprises one or more hardware processors or circuits that are operable to:
    in a decrypting module:
    receive an operation request that includes ciphertext of user information sent by a wireless client device;
    parse said operation request to obtain said ciphertext of said user information;
    decrypt said ciphertext of said user information to obtain plaintext of said user information, wherein said decrypting of said user information includes decrypting said user information based on an encryption or decryption algorithm that is agreed upon by said proxy server and said wireless client device;
    send an operation request that includes said plaintext of said user information, to a destination server device;
    in a receiving module:
    receive target data from said destination server device, wherein said target data is retrieved by said destination server device based on said plaintext of said user information;
    in an encrypting module, encrypt said target data and send said encrypted target data to said wireless client device in the form of ciphertext, wherein said encrypting of said target data includes encrypting said target data based on an encryption or decryption algorithm that is agreed upon by said proxy server and said wireless client device.
  15. The proxy server device of claim 14, wherein said one or more hardware processors or circuits are operable to transmit and receive information to and from said destination server device on a wired network.
  16. The proxy server device of claim 15, wherein said one or more hardware processors or circuits are operable to receive said target data sent by destination server device in the form of plaintext.
  17. The proxy server device of claim 15, wherein said one or more hardware processors or circuits are operable to receive said target data that is sent by said proxy server device in the form of ciphertext, and wherein said target data is encrypted by said destination server device according to a preset encryption algorithm that is agreed upon with said proxy server.
  18. The proxy server device of claim 17, wherein said one or more hardware processors or circuits are operable to:
    decrypt said target data in the form of ciphertext;
    encrypt said decrypted target data; and
    send said encrypted target data to said wireless client device.
  19. The proxy server device of claim 14, wherein said proxy server device is part of a system for information transmission, wherein said system for information transmission comprises said wireless client device, said proxy server device and said destination server device, wherein:
    said wireless client device is configured to:
    trigger operating instructions in a user interface by a user;
    obtain user information in response to said operating instructions;
    encrypt said user information to generate ciphertext of said user information based on an encryption algorithm agreed upon with said proxy server device; and
    send an operation request that includes said ciphertext of said user information to said  proxy server device;
    said proxy server device is configured to:
    receive said operation request that includes said ciphertext of said user information;
    parse said operation request to obtain said ciphertext of said user information;
    decrypt said ciphertext of said user information to obtain plaintext of said user information; and
    send an operation request that includes said plaintext of said user information to a destination server device; and
    said destination server device is configured to:
    retrieve target data based on said plaintext of said user information; and
    send said target data to said at least one proxy server device;
    wherein said proxy server device is configured to:
    receive said target data from said at least one destination server device;
    encrypt said received target data in accordance with an encryption algorithm agreed upon with the wireless client device; and
    send said target data to said wireless client device in the form of ciphertext.
PCT/CN2014/088378 2013-10-17 2014-10-11 Method, client, server and system for information transmission WO2015055101A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310489290.6 2013-10-17
CN201310489290.6A CN104580086A (en) 2013-10-17 2013-10-17 Information transmission method, client side, server and system

Publications (1)

Publication Number Publication Date
WO2015055101A1 true WO2015055101A1 (en) 2015-04-23

Family

ID=52827661

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/088378 WO2015055101A1 (en) 2013-10-17 2014-10-11 Method, client, server and system for information transmission

Country Status (2)

Country Link
CN (1) CN104580086A (en)
WO (1) WO2015055101A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190123891A1 (en) * 2017-10-19 2019-04-25 Mellanox Technologies, Ltd. Method and apparatus for decrypting and authenticating a data record
CN111460503A (en) * 2020-04-01 2020-07-28 得到(天津)文化传播有限公司 Data sharing method, device, equipment and storage medium
CN112738117A (en) * 2020-12-31 2021-04-30 青岛海尔科技有限公司 Data transmission method, device and system, storage medium and electronic device
US20220083374A1 (en) * 2020-09-11 2022-03-17 Huakong Tsingjiao Information Science (Beijing) Limited Method for processing data, task processing system and electronic equipment

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104994087A (en) * 2015-06-26 2015-10-21 中国联合网络通信集团有限公司 Data transmission method and system
CN106856468A (en) * 2015-12-08 2017-06-16 中国科学院声学研究所 A kind of TSM Security Agent device for being deployed in cloud storage service end and TSM Security Agent method
CN107733841B (en) * 2016-08-12 2021-01-26 阿里巴巴集团控股有限公司 Message transmission method and device based on multiple encryption
CN108632228B (en) * 2017-03-24 2021-02-09 优估(上海)信息科技有限公司 Decision engine scheduling method and system
CN107395620A (en) * 2017-08-17 2017-11-24 无锡清华信息科学与技术国家实验室物联网技术中心 A kind of network transmission encrypting and decrypting method based on random bytes mapping
CN109861944A (en) * 2017-11-22 2019-06-07 浙江智贝信息科技有限公司 A kind of distributed information safe handling and exchange method and its interactive system
CN110415003B (en) * 2018-04-26 2024-04-12 朱海威 Order processing system, method and readable medium
CN108965311A (en) * 2018-07-27 2018-12-07 平安科技(深圳)有限公司 Encryption of communicated data method and apparatus
CN109067739B (en) * 2018-07-27 2021-10-08 平安科技(深圳)有限公司 Communication data encryption method and device
CN111327617B (en) * 2020-02-25 2022-08-12 北京同邦卓益科技有限公司 Data transmission method, device, server and storage medium
CN112580082B (en) * 2020-12-29 2022-04-05 北京深思数盾科技股份有限公司 Data processing method and encryption lock equipment
CN112291388A (en) * 2020-12-31 2021-01-29 飞天诚信科技股份有限公司 Position information determining method and device, electronic equipment and readable storage medium
CN114826693A (en) * 2022-04-07 2022-07-29 中通服创立信息科技有限责任公司 Data interaction method, device and medium
CN114844693B (en) * 2022-04-27 2024-03-26 深圳云创数安科技有限公司 Lightweight communication data encryption method, device, equipment and storage medium
CN116232769B (en) * 2023-05-08 2023-07-18 北京金商祺科技有限公司 Safe interaction method and platform

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1801727A (en) * 2005-01-07 2006-07-12 腾讯科技(深圳)有限公司 Network service information processing system and method
CN101090400A (en) * 2007-08-07 2007-12-19 北京立通无限科技有限公司 Safety transmitting method and system for information of mobile user
EP2000917A1 (en) * 2006-03-07 2008-12-10 Sony Corporation Information processing device, information processing method, and computer program
CN103001926A (en) * 2011-09-09 2013-03-27 华为技术有限公司 Method, device and system for subscription notification

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1889426B (en) * 2005-06-30 2010-08-25 联想(北京)有限公司 Method and system for realizing network safety storing and accessing
CN102118392A (en) * 2011-01-18 2011-07-06 南京朗睿软件科技有限公司 Encryption/decryption method and system for data transmission
CN103325036B (en) * 2012-01-16 2018-02-02 深圳市可秉资产管理合伙企业(有限合伙) The mobile device of Secure Transaction is carried out by insecure network
CN102695168B (en) * 2012-05-21 2015-03-25 中国联合网络通信集团有限公司 Terminal equipment, encrypted gateway and method and system for wireless network safety communication
CN103036880A (en) * 2012-12-12 2013-04-10 华为技术有限公司 Network information transmission method, transmission equipment and transmission system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1801727A (en) * 2005-01-07 2006-07-12 腾讯科技(深圳)有限公司 Network service information processing system and method
EP2000917A1 (en) * 2006-03-07 2008-12-10 Sony Corporation Information processing device, information processing method, and computer program
CN101090400A (en) * 2007-08-07 2007-12-19 北京立通无限科技有限公司 Safety transmitting method and system for information of mobile user
CN103001926A (en) * 2011-09-09 2013-03-27 华为技术有限公司 Method, device and system for subscription notification

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190123891A1 (en) * 2017-10-19 2019-04-25 Mellanox Technologies, Ltd. Method and apparatus for decrypting and authenticating a data record
US10979212B2 (en) * 2017-10-19 2021-04-13 Mellanox Technologies, Ltd. Method and apparatus for decrypting and authenticating a data record
US11658803B2 (en) 2017-10-19 2023-05-23 Mellanox Technologies, Ltd. Method and apparatus for decrypting and authenticating a data record
CN111460503A (en) * 2020-04-01 2020-07-28 得到(天津)文化传播有限公司 Data sharing method, device, equipment and storage medium
CN111460503B (en) * 2020-04-01 2024-03-12 得到(天津)文化传播有限公司 Data sharing method, device, equipment and storage medium
US20220083374A1 (en) * 2020-09-11 2022-03-17 Huakong Tsingjiao Information Science (Beijing) Limited Method for processing data, task processing system and electronic equipment
CN112738117A (en) * 2020-12-31 2021-04-30 青岛海尔科技有限公司 Data transmission method, device and system, storage medium and electronic device

Also Published As

Publication number Publication date
CN104580086A (en) 2015-04-29

Similar Documents

Publication Publication Date Title
WO2015055101A1 (en) Method, client, server and system for information transmission
US8745394B1 (en) Methods and systems for secure electronic communication
Naik et al. Cyber security—iot
JP6399382B2 (en) Authentication system
WO2020101788A1 (en) Systems and methods for distributed data storage and delivery using blockchain
US8904195B1 (en) Methods and systems for secure communications between client applications and secure elements in mobile devices
US9219709B2 (en) Multi-wrapped virtual private network
EP3299990A1 (en) Electronic device server and method for communicating with server
US9374360B2 (en) System and method for single-sign-on in virtual desktop infrastructure environment
Garg et al. An efficient and secure data storage in Mobile Cloud Computing through RSA and Hash function
US20190199722A1 (en) Systems and methods for networked computing
CN106506479B (en) Method, system and the client of cipher authentication, server and smart machine
WO2017035899A1 (en) Data security processing method, apparatus and system
CN110677382A (en) Data security processing method, device, computer system and storage medium
CN109309566B (en) Authentication method, device, system, equipment and storage medium
US10063655B2 (en) Information processing method, trusted server, and cloud server
US20180083935A1 (en) Method and system for secure sms communications
Shin et al. An efficient secure authentication scheme with user anonymity for roaming user in ubiquitous networks
GB2522445A (en) Secure mobile wireless communications platform
CN110708291A (en) Data authorization access method, device, medium and electronic equipment in distributed network
US9716701B1 (en) Software as a service scanning system and method for scanning web traffic
US10985921B1 (en) Systems and methods for out-of-band authenticity verification of mobile applications
CN115150065A (en) System, method and computer program product for data security
CN110995648A (en) Secure encryption method
KR101246818B1 (en) Method for encryption of Finance transaction data

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14854562

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 30.08.2016)

122 Ep: pct application non-entry in european phase

Ref document number: 14854562

Country of ref document: EP

Kind code of ref document: A1