[go: up one dir, main page]

CN102684877A - Method and device for carrying out user information processing - Google Patents

Method and device for carrying out user information processing Download PDF

Info

Publication number
CN102684877A
CN102684877A CN2012100935753A CN201210093575A CN102684877A CN 102684877 A CN102684877 A CN 102684877A CN 2012100935753 A CN2012100935753 A CN 2012100935753A CN 201210093575 A CN201210093575 A CN 201210093575A CN 102684877 A CN102684877 A CN 102684877A
Authority
CN
China
Prior art keywords
user
key
data
encryption
local
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2012100935753A
Other languages
Chinese (zh)
Other versions
CN102684877B (en
Inventor
李超
段培堃
谢洲为
任寰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Original Assignee
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qizhi Software Beijing Co Ltd filed Critical Qizhi Software Beijing Co Ltd
Priority to CN201210093575.3A priority Critical patent/CN102684877B/en
Publication of CN102684877A publication Critical patent/CN102684877A/en
Application granted granted Critical
Publication of CN102684877B publication Critical patent/CN102684877B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

本发明提供了一种进行用户信息处理的方法和装置。所述方法包括:接收对用户信息进行加密的请求;依据用户当前的登录状态获取相应的加密密钥;依据所述加密密钥对所述用户信息进行加密;对加密的数据进行编码,将编码后的数据作为第一加密数据进行保存。本发明可以提高用户数据的安全性。

Figure 201210093575

The invention provides a method and device for processing user information. The method includes: receiving a request for encrypting user information; obtaining a corresponding encryption key according to the current login status of the user; encrypting the user information according to the encryption key; encoding the encrypted data, and converting the encoded The final data is saved as the first encrypted data. The invention can improve the security of user data.

Figure 201210093575

Description

一种进行用户信息处理的方法及装置A method and device for processing user information

技术领域 technical field

本申请涉及数据安全领域,特别是涉及一种进行用户信息处理的方法和一种进行用户信息处理的装置。The present application relates to the field of data security, in particular to a method for processing user information and a device for processing user information.

背景技术 Background technique

互联网络是一个开放式的系统,任何人都可以通过它共享自己的资源,获取所需的信息。当人们在网络上进行信息交流的时候,比如收发邮件,或者登录时需要提供个人信息的站点,这些包含着重要个人资料的信息包很可能在到达最终目的地前被第三方截获并破解。The Internet is an open system through which anyone can share their own resources and obtain the information they need. When people exchange information on the Internet, such as sending and receiving emails, or logging in to sites that require personal information, these information packets containing important personal data are likely to be intercepted and cracked by a third party before reaching the final destination.

Base64是网络上最常见的加密方式之一,首先,将要加密的文本的每个字符转换成标准的ASCII十进制码,然后,依据转换表转换为二进制字符串,并划分成6位1组,依据相应的转换表转换成等价十进制数,最后通过Base64表转换成Base64编码。经过Base64编码改变了原来字符出现的概率,将数据编码变成无法用肉眼识别的字符,具有不可读性,进而保证了传输数据的安全性。Base64 is one of the most common encryption methods on the Internet. First, convert each character of the text to be encrypted into a standard ASCII decimal code, and then convert it into a binary string according to the conversion table and divide it into 6-digit groups. The corresponding conversion table is converted into an equivalent decimal number, and finally converted into Base64 encoding through the Base64 table. After Base64 encoding, the probability of the original characters appearing is changed, and the data encoding is changed into characters that cannot be recognized by the naked eye, which is unreadable, thereby ensuring the security of the transmitted data.

Base64常用于网络服务器完成基于HTTP的基本认证。当服务器想限制访问某些文件时,通过使用基于HTTP的基本认证系统,便可以对这些文件进行密码保护。而基本认证使用Base64编码标准对用户名和密码进行加密。这样,黑客们使用TCP通过端口连接ESMTP服务器时,手动输入量就会大大增加。此外,大多数的电子邮件客户端都使用Base64对文件编码后通过网络传输。Base64 is often used in web servers to complete HTTP-based basic authentication. When the server wants to restrict access to certain files, these files can be password protected by using the HTTP-based basic authentication system. Basic authentication uses the Base64 encoding standard to encrypt usernames and passwords. In this way, when hackers use TCP to connect to the ESMTP server through the port, the amount of manual input will be greatly increased. Additionally, most email clients use Base64 to encode files for transmission over the network.

以上现有技术存在的问题是,由于Base64的加密过程简单,一旦被人识别,仅通过很简单的逆向算法就能解密,即将Base64加密的数据转换为十进制,再通过计算转换成二进制编码。将二进制编码分为6位1组,得到十进制码,最后再等价到相应的ASCII编码即可。因此,使用Base64加密数据安全性得不到可靠的保障。The problem with the above prior art is that, due to the simplicity of the Base64 encryption process, once it is identified, it can be decrypted only through a very simple reverse algorithm, that is, the Base64 encrypted data is converted into decimal, and then converted into binary code through calculation. Divide the binary code into 6-bit 1 group, get the decimal code, and finally equivalent to the corresponding ASCII code. Therefore, the security of encrypted data using Base64 cannot be reliably guaranteed.

因此,目前需要本领域技术人员解决的一个技术问题就是,提供一种进行用户信息处理的机制,提高用户数据的安全性。Therefore, a technical problem that needs to be solved by those skilled in the art is to provide a mechanism for processing user information to improve the security of user data.

发明内容 Contents of the invention

本申请所要解决的技术问题是提供一种进行用户信息处理的方法,提高用户数据的安全性。The technical problem to be solved in this application is to provide a method for processing user information to improve the security of user data.

本申请还提供了一种进行用户信息处理的装置,用以保证上述方法在实际中的应用及实现。The present application also provides a device for processing user information, so as to ensure the practical application and realization of the above method.

为了解决上述问题,本申请公开了一种进行用户信息处理的方法,包括:In order to solve the above problems, this application discloses a method for processing user information, including:

接收对用户信息进行加密的请求;Receive a request to encrypt user information;

依据用户当前的登录状态获取相应的加密密钥;Obtain the corresponding encryption key according to the user's current login status;

依据所述加密密钥对所述用户信息进行加密;encrypting the user information according to the encryption key;

对加密的数据进行编码,将编码后的数据作为第一加密数据进行保存。The encrypted data is encoded, and the encoded data is stored as the first encrypted data.

优选的,所述方法进一步包括:Preferably, the method further comprises:

生成解密请求,并依据用户当前登录状态获取相应的解密秘钥,以及所述第一加密数据;Generate a decryption request, and obtain a corresponding decryption key and the first encrypted data according to the current login status of the user;

对所述第一加密数据进行解码;decoding the first encrypted data;

依据所述解密密钥对解码后的数据进行解密;Decrypt the decoded data according to the decryption key;

按照解密后的数据,进行自动登录或自动注册。According to the decrypted data, automatic login or automatic registration is performed.

优选的,所述用户信息包括用户的登录信息或者用户身份信息。Preferably, the user information includes user login information or user identity information.

优选的,所述依据加/解密密钥对所述用户信息进行加/解密的算法为对称算法。Preferably, the algorithm for encrypting/decrypting the user information according to the encryption/decryption key is a symmetric algorithm.

优选的,所述第一加密数据保存在浏览器本地或者服务器侧。Preferably, the first encrypted data is stored locally in the browser or on the server side.

优选的,所述依据用户当前的登录状态获取相应的加密密钥的步骤包括:Preferably, the step of obtaining the corresponding encryption key according to the user's current login status includes:

若用户未登录浏览器,则在客户端提取本地密钥作为加密密钥,所述本地密钥依据与用户设备一一对应的硬件参数生成;If the user does not log in to the browser, the client extracts a local key as an encryption key, and the local key is generated according to hardware parameters corresponding to the user equipment one by one;

若用户已登录浏览器,则在服务器端提取网络密钥作为加密密钥。If the user has logged into the browser, the network key is extracted on the server side as the encryption key.

优选的,在用户已登录浏览器时,所述加密秘钥进一步包括本地密钥,则Preferably, when the user has logged into the browser, the encryption key further includes a local key, then

在依据所述加密密钥对用户信息进行加密之前,所述方法进一步包括:Before encrypting user information according to the encryption key, the method further includes:

依据所述本地密钥对所述用户信息进行加密;Encrypting the user information according to the local key;

对所述本地密钥加密的数据进行编码。The data encrypted by the local key is encoded.

优选的,所述依据用户当前登录状态获取相应的解密秘钥的步骤包括:Preferably, the step of obtaining the corresponding decryption key according to the current login status of the user includes:

若用户未登录浏览器,则在客户端提取本地密钥作为解密密钥,所述本地密钥依据与用户设备一一对应的硬件参数生成;If the user does not log in to the browser, the client extracts the local key as the decryption key, and the local key is generated according to the hardware parameters corresponding to the user equipment one by one;

若用户已登录浏览器,则在服务器端提取网络密钥作为解密密钥。If the user has logged into the browser, the network key is extracted on the server side as the decryption key.

优选的,在用户已登录浏览器时,所述解密秘钥进一步包括本地密钥,则Preferably, when the user has logged into the browser, the decryption key further includes a local key, then

在依据网络密钥对解码后的数据进行解密之后,所述方法还包括:After decrypting the decoded data according to the network key, the method further includes:

对依据所述网络密钥进行解密后的数据,进行解码;Decoding the data decrypted according to the network key;

依据所述本地密钥进行解密。Decrypt according to the local key.

优选的,登录用户时和未登录时,所述第一加密数据分别保存于网络用户加密数据库和公用用户加密数据库。Preferably, when the user is logged in and when the user is not logged in, the first encrypted data is stored in the network user encrypted database and the public user encrypted database respectively.

优选的,用户在浏览器端的登录状态从未登录转变为登录时,所述方法还包括:Preferably, when the user's login status on the browser side changes from non-login to login, the method further includes:

提取本地密钥、公用用户数据库中用户的第一加密数据和网络密钥,由本地密钥对第一加密数据进行解密,并使用网络密钥对解密后的数据进行加密,并保存在网络用户数据库。Extract the local key, the first encrypted data of the user in the public user database and the network key, decrypt the first encrypted data with the local key, encrypt the decrypted data with the network key, and save it in the network user database.

优选的,当用户在浏览器端的登录状态从未登录转变为登录时,所述方法还包括:Preferably, when the user's login status on the browser side changes from non-login to login, the method further includes:

提取公用用户数据库中用户的第一加密数据和网络密钥,使用网络密钥对用户的第一加密数据进行加密,并保存在网络用户数据库。Extracting the user's first encrypted data and the network key in the public user database, using the network key to encrypt the user's first encrypted data, and saving it in the network user database.

优选的,所述对称算法为AES64、AES128、或AES256算法。Preferably, the symmetric algorithm is AES64, AES128, or AES256 algorithm.

优选的,所述编/解码算法为Base64编/解码。Preferably, the encoding/decoding algorithm is Base64 encoding/decoding.

本申请还提供了一种进行用户信息处理的装置,包括:The present application also provides a device for processing user information, including:

加密请求接收模块,用于接收对用户信息进行加密的请求;An encryption request receiving module, configured to receive a request for encrypting user information;

加密密钥获取模块,用于依据用户当前的登录状态获取相应的加密密钥;The encryption key acquisition module is used to obtain the corresponding encryption key according to the current login status of the user;

加密模块,用于依据所述加密密钥对所述用户信息进行加密;An encryption module, configured to encrypt the user information according to the encryption key;

编码模块,用于对加密的数据进行编码,将编码后的数据作为第一加密数据进行保存。The encoding module is configured to encode the encrypted data, and save the encoded data as the first encrypted data.

优选的,所述装置进一步包括:Preferably, the device further comprises:

解密请求生成模块,用于生成解密请求,并依据用户当前登录状态获取相应的解密秘钥,以及所述第一加密数据;A decryption request generation module, configured to generate a decryption request, and obtain a corresponding decryption key and the first encrypted data according to the current login status of the user;

解码模块,用于对所述第一加密数据进行解码;a decoding module, configured to decode the first encrypted data;

解密模块,用于依据所述解密密钥对解码后的数据进行解密;A decryption module, configured to decrypt the decoded data according to the decryption key;

自动加载模块模块,用于按照解密后的数据,进行自动登录或自动注册。The automatic loading module module is used for performing automatic login or automatic registration according to the decrypted data.

优选的,所述用户信息包括用户的登录信息或者用户身份信息。Preferably, the user information includes user login information or user identity information.

优选的,所述依据加/解密密钥对所述用户信息进行加/解密的算法为对称算法。Preferably, the algorithm for encrypting/decrypting the user information according to the encryption/decryption key is a symmetric algorithm.

优选的,所述第一加密数据保存在浏览器本地或者服务器侧。Preferably, the first encrypted data is stored locally in the browser or on the server side.

优选的,所述加密密钥获取模块包括:Preferably, the encryption key acquisition module includes:

第一加密秘钥获取子模块,用于若用户未登录浏览器,则在客户端提取本地密钥作为加密密钥,所述本地密钥依据与用户设备一一对应的硬件参数生成;The first encryption key acquisition submodule is used to extract a local key as an encryption key at the client if the user does not log in to the browser, and the local key is generated according to hardware parameters corresponding to the user equipment one-to-one;

第二加密秘钥获取子模块,用于若用户已登录浏览器,则在服务器端提取网络密钥作为加密密钥。The second encryption key acquisition sub-module is used to extract the network key on the server side as the encryption key if the user has logged in the browser.

优选的,在用户登录浏览器时,所述加密密钥进一步包括本地密钥,则Preferably, when the user logs into the browser, the encryption key further includes a local key, then

在加密模块之前,所述装置还包括:Before the encryption module, the device also includes:

本地加密模块,用于依据所述本地密钥对所述用户信息进行加密;a local encryption module, configured to encrypt the user information according to the local key;

本地加密数据编码模块,用于对本地密钥加密的数据进行编码。The local encrypted data encoding module is used to encode the data encrypted by the local key.

优选的,所述解密请求生成模块包括:Preferably, the decryption request generation module includes:

第一解密密钥获取子模块,用于若用户未登录浏览器,则在客户端提取本地密钥作为解密密钥,所述本地密钥依据与用户设备一一对应的硬件参数生成;The first decryption key acquisition submodule is used to extract a local key as a decryption key at the client if the user does not log in to the browser, and the local key is generated according to hardware parameters corresponding to the user equipment one-to-one;

第二解密密钥获取子模块,用于若用户已登录浏览器,则在服务器端提取网络密钥作为解密密钥。The second decryption key acquisition submodule is used to extract the network key as the decryption key at the server side if the user has logged in the browser.

优选的,在用户登录浏览器时,所述加密密钥进一步包括本地密钥,则Preferably, when the user logs into the browser, the encryption key further includes a local key, then

在解密模块之后,所述装置还包括:After the decryption module, the device also includes:

本地解码模块,用于对依据网络密钥进行解密的数据,进行解码;The local decoding module is used to decode the data decrypted according to the network key;

本地解密模块,用于依据本地密钥进行解密。The local decryption module is used for decrypting according to the local key.

优选的,登录用户时和未登录时,所述第一加密数据分别保存于网络用户加密数据库和公用用户加密数据库。Preferably, when the user is logged in and when the user is not logged in, the first encrypted data is stored in the network user encrypted database and the public user encrypted database respectively.

优选的,当用户在浏览器端的登录状态从未登录转变为登录时,所述装置还包括:Preferably, when the login status of the user on the browser side changes from non-login to login, the device further includes:

第一数据转移模块,用于提取本地密钥、公用用户数据库中用户的第一加密数据和网络密钥,由本地密钥对最终加密数据进行解密,并使用网络密钥对解密后的数据进行加密,并保存在网络用户数据库。The first data transfer module is used to extract the local key, the first encrypted data of the user in the public user database and the network key, decrypt the final encrypted data by the local key, and use the network key to decrypt the decrypted data Encrypted and stored in the network user database.

优选的,当用户在浏览器端的登录状态从未登录转变为登录时,所述装置还包括:Preferably, when the login status of the user on the browser side changes from non-login to login, the device further includes:

第二数据转移模块,用于提取公用用户数据库中用户的第一加密数据和网络密钥,使用网络密钥对用户的最终加密数据进行加密,并保存在网络用户数据库。The second data transfer module is used to extract the user's first encrypted data and network key in the public user database, use the network key to encrypt the user's final encrypted data, and save it in the network user database.

优选的,所述对称算法为AES64、AES128、或AES256算法。Preferably, the symmetric algorithm is AES64, AES128, or AES256 algorithm.

优选的,所述编/解码算法为Base64编/解码。Preferably, the encoding/decoding algorithm is Base64 encoding/decoding.

与现有技术相比,本申请具有以下优点:Compared with the prior art, the present application has the following advantages:

本申请针对用户是否登录浏览器的情况分别采用本地密钥或网络密钥进行加密,首先通过AES加密方法将待加密数据转化为随机的数据,然后将随机数据进行Base64编码,转化为肉眼无法识别的数据,相对于简单的Base64加密,黑客需要分析解密次序,进行二次解密,难度大大增加。因此,本申请的加密方法可以增强数据安全性,让黑客无法轻易的解密数据。This application uses a local key or a network key to encrypt whether the user logs in to the browser or not. First, the data to be encrypted is converted into random data through the AES encryption method, and then the random data is encoded with Base64 to convert it into a file that cannot be recognized by the naked eye. Compared with simple Base64 encryption, hackers need to analyze the decryption sequence and perform secondary decryption, which greatly increases the difficulty. Therefore, the encryption method of the present application can enhance data security, so that hackers cannot easily decrypt data.

由于网络密钥保存在服务器端,经网络请求下载到本地,相比于本地密钥安全性更高,避免因为客户端的不稳定导致密码的泄露,这样,即使黑客获知了解密的顺序,若没有获取到网络密钥,仍然不能够解密。并且,由于登录用户和登录用户的加密方式不同,也给黑客破解造成一定的难度。Since the network key is stored on the server side and downloaded locally via network request, it is more secure than the local key and avoids the leakage of the password due to the instability of the client. In this way, even if the hacker knows the order of decryption, if there is no After obtaining the network key, it still cannot be decrypted. Moreover, since the encryption methods of the logged-in user and the logged-in user are different, it is also difficult for hackers to crack.

同时,针对已登录的用户,可以先以本地密钥进行一次AES加密和Base64加密,然后再以网络密钥进行一次AES加密和Base64加密,加密逻辑更为复杂,破解的难度更大,用户的数据也会更安全。At the same time, for logged-in users, you can first perform AES encryption and Base64 encryption with the local key, and then perform AES encryption and Base64 encryption with the network key. The encryption logic is more complicated, and it is more difficult to crack. Data will also be more secure.

此外,本申请将登录用户的加密数据放在服务器端,加密数据更为安全。并且,当用户的登录情况发生改变时,相应的改变加密方式和加密数据的存放位置,若用户从未登录转变为登录时,可以使用网络密钥进行加密,并将加密数据放在服务器端,用户数据更为安全。In addition, this application puts the encrypted data of the logged-in user on the server side, and the encrypted data is more secure. Moreover, when the user's login status changes, the encryption method and encrypted data storage location will be changed accordingly. If the user changes from non-login to login, the network key can be used for encryption, and the encrypted data will be placed on the server side. User data is more secure.

附图说明 Description of drawings

图1是本申请的一种进行用户信息处理的方法实施例1的流程图;FIG. 1 is a flow chart of Embodiment 1 of a method for processing user information of the present application;

图2是本申请的一种进行用户信息处理的方法实施例2的流程图;FIG. 2 is a flow chart of Embodiment 2 of a method for processing user information of the present application;

图3是本申请的一种进行用户信息处理的装置实施例1的结构框图;FIG. 3 is a structural block diagram of Embodiment 1 of a device for processing user information of the present application;

图4是本申请的一种进行用户信息处理的装置实施例2的结构框图。FIG. 4 is a structural block diagram of Embodiment 2 of an apparatus for processing user information of the present application.

具体实施方式 Detailed ways

为使本申请的上述目的、特征和优点能够更加明显易懂,下面结合附图和具体实施方式对本申请作进一步详细的说明。In order to make the above objects, features and advantages of the present application more obvious and comprehensible, the present application will be further described in detail below in conjunction with the accompanying drawings and specific implementation methods.

参考图1,示出了本申请的一种进行用户信息处理的方法实施例1的流程图,可以包括以下步骤:Referring to FIG. 1 , it shows a flow chart of Embodiment 1 of a method for processing user information of the present application, which may include the following steps:

步骤101、接收对用户信息进行加密的请求。Step 101. Receive a request for encrypting user information.

在具体的实现中,所述用户信息可以包括用户的登录信息或者用户身份信息。In a specific implementation, the user information may include user login information or user identity information.

步骤102、依据用户当前的登录状态获取相应的加密密钥。Step 102. Obtain a corresponding encryption key according to the current login status of the user.

所述加密密钥可以包括本地密钥或网络密钥。用户登陆后可以获取其身份信息,因此可以对不同的用户进行区分,网络密钥是网络端随机产生的一个和当前用户身份信息绑定的密钥,若用户已登录浏览器,则在服务器端提取网络密钥作为加密密钥。由于网络密钥存放在服务器中,经过网络请求下载到本地,对于登录用户而言,密码保存在服务器上,降低了从客户端不可控的风险,比本地密钥更为安全。在具体的实现中,可以设置用户登录后即可获取网络密钥,若能获取到该密钥,则以网络密钥进行加密,若获取不到,则以本地密钥进行加密。The encryption key may comprise a local key or a network key. After the user logs in, the identity information can be obtained, so different users can be distinguished. The network key is a key randomly generated on the network side and bound to the current user identity information. If the user has logged in to the browser, the server side Extract the network key as the encryption key. Since the network key is stored in the server and downloaded locally through a network request, for the logged-in user, the password is stored on the server, which reduces the risk of being uncontrollable from the client and is more secure than the local key. In a specific implementation, it can be set that the user can obtain the network key after logging in. If the key can be obtained, it will be encrypted with the network key, and if it cannot be obtained, it will be encrypted with the local key.

未登录浏览器的各个用户在网络端的身份无法区别,可以使用本地密钥作为加密密钥。所述本地密钥依据与用户设备一一对应的硬件参数生成(例如本地磁盘的卷标号),每台机器有一个与本机一一对应的本地密钥,不同的机器密钥彼此不同。The identity of each user who has not logged in to the browser cannot be distinguished on the network side, and the local key can be used as the encryption key. The local key is generated according to the hardware parameters corresponding to the user equipment (such as the volume label of the local disk), and each machine has a local key corresponding to the machine, and the keys of different machines are different from each other.

对于登录用户和非登录用户采取不同的加密方式,可以提高黑客破解的难度,即使黑客获知了解密的顺序,若没有获取到网络密钥,仍然不能够解密。Different encryption methods are adopted for logged-in users and non-logged-in users, which can increase the difficulty for hackers to crack. Even if hackers know the decryption sequence, if they do not obtain the network key, they still cannot decrypt.

步骤103、依据所述加密密钥对所述用户信息进行加密;Step 103, encrypting the user information according to the encryption key;

在互联网中进行信息交流传输时,使用加密密钥进行加密是简单有效的加密方法。信息在发送前需要按照规则进行数据的重新排列组合,打乱了原有的数据顺序,这样即便数据包被第三方截获也不会影响数据的安全性。优选的,所述依据加密密钥对所述用户信息进行加密的算法可以为对称算法,所述对称算法可以为AES64、AES128、或AES256算法。Encryption using an encryption key is a simple and effective encryption method for information exchange and transmission on the Internet. Before the information is sent, the data needs to be rearranged and combined according to the rules, which disrupts the original data sequence, so that even if the data packet is intercepted by a third party, it will not affect the security of the data. Preferably, the algorithm for encrypting the user information according to the encryption key may be a symmetric algorithm, and the symmetric algorithm may be an AES64, AES128, or AES256 algorithm.

AES(高级加密标准,Advanced Encryption Standard),又称Rijndael加密法,是美国联邦政府采用的一种区块加密标准。AES是一种对称密钥算法,使用128、192或256位密钥,并且用128位数据块分组对数据进行加密和解密。在本申请中,所述AES加密可以为AES64、AES128、或AES256加密。AES (Advanced Encryption Standard, Advanced Encryption Standard), also known as Rijndael encryption method, is a block encryption standard adopted by the US federal government. AES is a symmetric key algorithm that uses 128, 192, or 256-bit keys and encrypts and decrypts data in blocks of 128 bits. In this application, the AES encryption may be AES64, AES128, or AES256 encryption.

AES在进行加密时,常会在客户端采用一个密钥,使用该密钥进行编码。AES加密过程是在一个4×4的字节矩阵上运作,这个矩阵又称为“体(state)”,其初值就是一个明文区块(矩阵中一个元素大小就是明文区块中的一个Byte)。加密时,各轮AES加密循环(除最后一轮外)均包含4个步骤:When AES encrypts, it often uses a key on the client side and uses this key for encoding. The AES encryption process operates on a 4×4 byte matrix, which is also called "state", and its initial value is a plaintext block (the size of an element in the matrix is a Byte in the plaintext block ). When encrypting, each round of AES encryption cycle (except the last round) consists of 4 steps:

步骤1、矩阵中的每一个字节都与该次回合金钥(Round key)进行异或运算,每个金钥由密钥生成方案产生;Step 1. Each byte in the matrix is XORed with the round key (Round key), and each key is generated by the key generation scheme;

步骤2、通过一个非线性的替换函数,用查找表的方式把每个字节替换成对应的字节,替换字节的结果相当于错排的结果;Step 2. Through a non-linear replacement function, each byte is replaced with the corresponding byte in the form of a lookup table, and the result of replacing the byte is equivalent to the result of misalignment;

步骤3、将矩阵中的每个横列进行循环式移位,经过该步骤,输出矩阵中每一竖列,都是由输入矩阵中的每个不同列中的元素组成;Step 3, performing circular shift on each row in the matrix, after this step, each vertical column in the output matrix is composed of elements in each different column in the input matrix;

步骤4、为了充分混合矩阵中各个直行,这个步骤使用线性转换来混合每行内的四个字节,将每一直行的四个字节透过线性变换互相结合,每一个输入的字节都会对输出的四个字节造成影响。Step 4. In order to fully mix each column in the matrix, this step uses a linear transformation to mix the four bytes in each row, and combines the four bytes in each column with each other through a linear transformation. Each input byte will be The four bytes of output make the difference.

以上4个步骤循环进行,最后一轮循环中省略第4步,而以另一个第3步取代,经过AES加密后可以将待加密数据变成一段随机数据。The above 4 steps are carried out cyclically. In the last cycle, step 4 is omitted and replaced by another step 3. After AES encryption, the data to be encrypted can be changed into a piece of random data.

步骤104、对加密的数据进行编码,将编码后的数据作为第一加密数据进行保存。Step 104, encode the encrypted data, and save the encoded data as first encrypted data.

优选的,所述编码算法为可以Base64编码。经过Base64编码,AES加密后的数据首先被转换成ASCII十进制码,然后转换为6位1组的二进制字符串,接着依据相应的转换表转换成十进制,最后通过Base64表转换成Base64编码。如下例所示。Preferably, the encoding algorithm can be Base64 encoding. After Base64 encoding, the AES-encrypted data is first converted into ASCII decimal code, then converted into a 6-digit binary string, then converted into decimal according to the corresponding conversion table, and finally converted into Base64 code through the Base64 table. As shown in the example below.

待转换的数据为:10101101 10111010 01110110;The data to be converted is: 10101101 10111010 01110110;

二进制为:0010101 100011011 00101001 00110110;Binary is: 0010101 100011011 00101001 00110110;

十进制为:43 27 41 54;Decimal is: 43 27 41 54;

Base64编码值为:r b p 2;Base64 encoded value: r b p 2;

因此,上面的24位待编码数据经过编码后的Base64值为rbp2,人通过肉眼已经无法识别出原数据。并且,相对于简单的Base64加密,本申请的加密方法对数据进行了二次解密,解密的难度大大增加。因此,本申请的加密方法可以增强数据安全性,让黑客无法轻易的解密数据。Therefore, the encoded Base64 value of the above 24-bit data to be encoded is rbp2, and the original data cannot be recognized by the naked eye. Moreover, compared with the simple Base64 encryption, the encryption method of the present application decrypts the data twice, and the difficulty of decryption is greatly increased. Therefore, the encryption method of the present application can enhance data security, so that hackers cannot easily decrypt data.

优选的,还可以依据用户的解密请求对加密的数据进行解密,如图1所示,所述方法还可以进一步包括步骤105。Preferably, the encrypted data may also be decrypted according to the user's decryption request, as shown in FIG. 1 , the method may further include step 105 .

步骤105、生成解密请求,并依据用户当前登录状态获取相应的解密秘钥,以及所述第一加密数据。Step 105: Generate a decryption request, and obtain a corresponding decryption key and the first encrypted data according to the current login status of the user.

浏览器需要用到用信息时,需要对用户的第一加密数据进行解密,用户当前登录状态不同,解密的密钥也不相同。具体而言,若用户未登录浏览器,则在客户端提取本地密钥作为解密密钥,所述本地密钥依据与用户设备一一对应的硬件参数生成。若用户已登录浏览器,则在服务器端提取网络密钥作为解密密钥。When the browser needs to use the user information, it needs to decrypt the user's first encrypted data, and the decryption key is different depending on the user's current login status. Specifically, if the user does not log in to the browser, a local key is extracted at the client as a decryption key, and the local key is generated according to hardware parameters corresponding to the user equipment one-to-one. If the user has logged into the browser, the network key is extracted on the server side as the decryption key.

步骤106、对所述第一加密数据进行解码。Step 106. Decode the first encrypted data.

依据上面的加密过程,首先需要对第一加密数据进行解码,然后再依据解密密钥进行解密。优选的,所述解码算法可以为Base64解码。According to the above encryption process, the first encrypted data needs to be decoded first, and then decrypted according to the decryption key. Preferably, the decoding algorithm can be Base64 decoding.

步骤107、依据所述解密密钥对解码后的数据进行解密;Step 107, decrypting the decoded data according to the decryption key;

若使用对称算法对数据进行加密,在解密时还需要使用加密时用到的密钥进行解密,优选的,所述对称算法为AES64、AES128、或AES256算法。If a symmetric algorithm is used to encrypt data, the key used for encryption needs to be used for decryption. Preferably, the symmetric algorithm is AES64, AES128, or AES256 algorithm.

步骤108、按照解密后的数据,进行自动登录或自动注册。Step 108, perform automatic login or automatic registration according to the decrypted data.

对用户信息进行解密后,可以用于登录或注册所用。在具体实现中,用户在网页上输入密码后,可以提供给用户是否自动登录的选项,用户确定下次自动登录了之后,可以对用户登录信息进行加密,下次用户登录相同网页时,取出用户加密的登录信息,进行解密,然后将解密得到的登录信息自动填写到登录框中,实现自动登录。After decrypting the user information, it can be used for login or registration. In the specific implementation, after the user enters the password on the webpage, the user can be provided with the option of whether to log in automatically. After the user confirms that the next automatic login is performed, the user login information can be encrypted. When the user logs in to the same webpage next time, the user password The encrypted login information is decrypted, and then the decrypted login information is automatically filled in the login box to realize automatic login.

同样,用户多个网站进行注册时,可能会需要填写多个身份信息,比较麻烦,用户在一个网站或是浏览器上填写完身份信息后,可以将身份信息进行加密,下次用户需要填写身份信息时,可以将加密的身份信取出,并进行解密,将解密后的身份信息自动填写到注册框中,实现自动注册。Similarly, when a user registers with multiple websites, they may need to fill in multiple identity information, which is troublesome. After the user fills in the identity information on a website or browser, the identity information can be encrypted, and the user needs to fill in the identity information next time. When sending information, the encrypted identity letter can be taken out and decrypted, and the decrypted identity information can be automatically filled in the registration box to realize automatic registration.

优选的,所述第一加密数据可以保存在浏览器本地或者服务器侧。用户登录时和未登录时,所述第一加密数据可以分别保存于预置的网络用户加密数据库和公用用户加密数据库。加密处理完成之后,可以将所述登录用户的最终加密数据置于网络用户加密数据库,该密码库供登陆用户使用,密码存放在每个网络用户的专有文件夹中;未登录用户的最终加密数据可以置于公用用户加密数据库,该密码库供未登录用户使用,密码存放在本地公用用户的专有文件夹中。Preferably, the first encrypted data can be stored locally in the browser or on the server side. When the user is logged in and not logged in, the first encrypted data may be stored in a preset network user encrypted database and a public user encrypted database respectively. After the encryption process is completed, the final encrypted data of the logged-in user can be placed in the network user encryption database, which is used by the logged-in user, and the password is stored in the exclusive folder of each network user; the final encrypted data of the non-logged-in user The data can be placed in the public user encrypted database, which is used by non-login users, and the password is stored in the private folder of the local public user.

当用户在浏览器端的登录状态从未登录转变为登录时,还可以相应改变用户的加密方式,并改变最终加密数据所存储的数据库。具体而言,可以提取本地密钥、公用用户数据库中用户的第一加密数据和网络密钥,由本地密钥对第一加密数据进行解密,并使用网络密钥对解密后的数据进行加密,并保存在网络用户数据库。When the user's login status on the browser side changes from non-login to login, the user's encryption method can also be changed accordingly, and the database in which the final encrypted data is stored can also be changed. Specifically, the local key, the first encrypted data of the user in the public user database and the network key may be extracted, the first encrypted data is decrypted by the local key, and the decrypted data is encrypted using the network key, And save in the network user database.

参考图2,示出了本申请的一种进行用户信息处理的方法实施例2的流程图,具体可以包括以下步骤:Referring to FIG. 2 , it shows a flow chart of Embodiment 2 of a method for processing user information of the present application, which may specifically include the following steps:

在本实施例中,用户已登录浏览器,加密密钥包括本地密钥和网络密钥,依据网络密钥进行加密之前还可以依据本地密钥进行加密。In this embodiment, the user has logged into the browser, and the encryption key includes a local key and a network key, and encryption may also be performed based on the local key before encryption based on the network key.

步骤201、接收对用户信息进行加密的请求;Step 201, receiving a request for encrypting user information;

步骤202、依据用户当前的登录状态获取相应的加密密钥,所述加密密钥包括本地密钥和网络密钥;Step 202. Obtain a corresponding encryption key according to the current login status of the user, and the encryption key includes a local key and a network key;

步骤203、依据所述本地密钥对用户信息进行加密。Step 203, encrypt user information according to the local key.

步骤204、对所述本地密钥加密的数据进行编码。Step 204, encode the data encrypted by the local key.

步骤205、依据所述网络密钥进行加密;Step 205, encrypting according to the network key;

步骤206、对所述网络密钥加密的数据进行编码,将编码后的数据作为第一加密数据并进行保存。Step 206: Encode the data encrypted by the network key, and store the encoded data as first encrypted data.

依据本实施例,针对已登录的用户,可以先以本地密钥进行一次AES加密,然后再以网络密钥进行一次加密和编码。在进行本地加密后还可以再进行一次加密,相比与原有的依据网络密钥进行加密的方式,加密逻辑更为复杂,破解的难度更大,用户的数据也会更安全。According to this embodiment, for logged-in users, AES encryption can be performed with a local key first, and then encryption and encoding can be performed with a network key. After the local encryption, another encryption can be performed. Compared with the original encryption method based on the network key, the encryption logic is more complicated, it is more difficult to crack, and the user's data will be more secure.

步骤207、生成解密请求,并依据用户当前登录状态获取相应的解密秘钥,以及所述第一加密数据,所述解密密钥包括本地密钥和网络密钥。Step 207: Generate a decryption request, and obtain a corresponding decryption key and the first encrypted data according to the current login status of the user, where the decryption key includes a local key and a network key.

在本实施例中,对第一加密数据进行解密时,若用户已登录浏览器,所述解密密钥可以包括本地密钥和网络密钥,可以先使用网络密钥进行解密,再使用本地密钥进行解密,在进行本地解密之前,还可以先进行解码。In this embodiment, when decrypting the first encrypted data, if the user has logged into the browser, the decryption key may include a local key and a network key, and the network key may be used to decrypt first, and then the local key may be used to decrypt key to decrypt, and before local decryption, it can also be decoded first.

步骤208、对所述第一加密数据进行解码。Step 208: Decode the first encrypted data.

步骤209、依据所述网络密钥对解码后的数据进行解密;Step 209, decrypting the decoded data according to the network key;

步骤210、对依据所述网络密钥进行解密后的数据,进行解码;Step 210, decoding the data decrypted according to the network key;

步骤211、依据所述本地密钥进行解密。Step 211, decrypt according to the local key.

步骤212、按照解密后的数据,进行自动登录或自动注册。Step 212, perform automatic login or automatic registration according to the decrypted data.

综上所述,本申请针对用户是否登录浏览器的情况分别采用本地密钥或网络密钥进行加密,首先通过AES加密方法将待加密数据转化为随机的数据,然后将随机数据进行Base64编码,转化为肉眼无法识别的数据,相对于简单的Base64加密,黑客需要分析解密次序,进行二次解密,难度大大增加。因此,本申请的加密方法可以增强数据安全性,让黑客无法轻易的解密数据。To sum up, this application uses a local key or a network key to encrypt whether the user logs in to the browser or not. First, the data to be encrypted is converted into random data through the AES encryption method, and then the random data is encoded with Base64. Converted to data that cannot be recognized by the naked eye. Compared with simple Base64 encryption, hackers need to analyze the decryption sequence and perform secondary decryption, which greatly increases the difficulty. Therefore, the encryption method of the present application can enhance data security, so that hackers cannot easily decrypt data.

由于网络密钥保存在服务器端,经网络请求下载到本地,相比于本地密钥安全性更高,避免因为客户端的不稳定导致密码的泄露,这样,即使黑客获知了解密的顺序,若没有获取到网络密钥,仍然不能够解密。并且,由于登录用户和登录用户的加密方式不同,也给黑客破解造成一定的难度。Since the network key is stored on the server side and downloaded locally via network request, it is more secure than the local key and avoids the leakage of the password due to the instability of the client. In this way, even if the hacker knows the order of decryption, if there is no After obtaining the network key, it still cannot be decrypted. Moreover, since the encryption methods of the logged-in user and the logged-in user are different, it is also difficult for hackers to crack.

同时,针对已登录的用户,可以先以本地密钥进行一次AES加密和Base64加密,然后再以网络密钥进行一次AES加密和Base64加密,加密逻辑更为复杂,破解的难度更大,用户的数据也会更安全。At the same time, for logged-in users, you can first perform AES encryption and Base64 encryption with the local key, and then perform AES encryption and Base64 encryption with the network key. The encryption logic is more complicated, and it is more difficult to crack. Data will also be more secure.

此外,本申请将登录用户的加密数据放在服务器端,加密数据更为安全。并且,当用户的登录情况发生改变时,相应的改变加密方式和加密数据的存放位置,若用户从未登录转变为登录时,可以使用网络密钥进行加密,并将加密数据放在服务器端,用户数据更为安全。In addition, this application puts the encrypted data of the logged-in user on the server side, and the encrypted data is more secure. Moreover, when the user's login status changes, the encryption method and encrypted data storage location will be changed accordingly. If the user changes from non-login to login, the network key can be used for encryption, and the encrypted data will be placed on the server side. User data is more secure.

对于方法实施例,为了简单描述,故将其都表述为一系列的动作组合,但是本领域技术人员应该知悉,本申请并不受所描述的动作顺序的限制,因为依据本申请,某些步骤可以采用其他顺序或者同时进行。其次,本领域技术人员也应该知悉,说明书中所描述的实施例均属于优选实施例,所涉及的动作和模块并不一定是本申请所必须的。For the method embodiment, for the sake of simple description, it is expressed as a series of action combinations, but those skilled in the art should know that the application is not limited by the described action sequence, because according to the application, certain steps Other sequences or concurrently may be used. Secondly, those skilled in the art should also know that the embodiments described in the specification belong to preferred embodiments, and the actions and modules involved are not necessarily required by this application.

参考图3,示出了本申请的一种进行用户信息处理的装置实施例1的结构框图,具体可以包括以下模块:Referring to FIG. 3 , it shows a structural block diagram of Embodiment 1 of an apparatus for processing user information of the present application, which may specifically include the following modules:

加密请求接收模块301,用于接收对用户信息进行加密的请求;An encryption request receiving module 301, configured to receive a request for encrypting user information;

加密密钥获取模块302,用于依据用户当前的登录状态获取相应的加密密钥;An encryption key acquisition module 302, configured to acquire a corresponding encryption key according to the current login status of the user;

加密模块303,用于依据所述加密密钥对所述用户信息进行加密;An encryption module 303, configured to encrypt the user information according to the encryption key;

编码模块304,用于对加密的数据进行编码,将编码后的数据作为第一加密数据进行保存。The encoding module 304 is configured to encode the encrypted data, and save the encoded data as first encrypted data.

优选的,还可以依据用户的解密请求对加密的数据进行解密,如图3所示,所述装置还可以进一步包括模块305。Preferably, the encrypted data may also be decrypted according to the user's decryption request. As shown in FIG. 3 , the device may further include a module 305 .

解密请求生成模块305,用于生成解密请求,并依据用户当前登录状态获取相应的解密秘钥,以及所述第一加密数据;A decryption request generating module 305, configured to generate a decryption request, and obtain a corresponding decryption key and the first encrypted data according to the current login status of the user;

解码模块306,用于对所述第一加密数据进行解码;a decoding module 306, configured to decode the first encrypted data;

解密模块307,用于依据所述解密密钥对解码后的数据进行解密;Decryption module 307, configured to decrypt the decoded data according to the decryption key;

自动加载模块模块308,用于按照解密后的数据,进行自动登录或自动注册。The automatic loading module module 308 is used for performing automatic login or automatic registration according to the decrypted data.

优选的,所述用户信息可以包括用户的登录信息或者用户身份信息。Preferably, the user information may include user login information or user identity information.

优选的,所述依据加/解密密钥对所述用户信息进行加/解密的算法可以为对称算法。Preferably, the algorithm for encrypting/decrypting the user information according to the encryption/decryption key may be a symmetric algorithm.

进一步地,所述第一加密数据可以保存在浏览器本地或者服务器侧。Further, the first encrypted data may be stored locally in the browser or on the server side.

在本申请的一种优选实施例中,所述加密密钥获取模块可以包括:In a preferred embodiment of the present application, the encryption key acquisition module may include:

第一加密秘钥获取子模块,用于若用户未登录浏览器,则在客户端提取本地密钥作为加密密钥,所述本地密钥依据与用户设备一一对应的硬件参数生成;The first encryption key acquisition submodule is used to extract a local key as an encryption key at the client if the user does not log in to the browser, and the local key is generated according to hardware parameters corresponding to the user equipment one-to-one;

第二加密秘钥获取子模块,用于若用户已登录浏览器,则在服务器端提取网络密钥作为加密密钥。The second encryption key acquisition sub-module is used to extract the network key on the server side as the encryption key if the user has logged in the browser.

在本申请的一种优选实施例中,所述解密请求生成模块可以包括:In a preferred embodiment of the present application, the decryption request generating module may include:

第一解密密钥获取子模块,用于若用户未登录浏览器,则在客户端提取本地密钥作为解密密钥,所述本地密钥依据与用户设备一一对应的硬件参数生成;The first decryption key acquisition submodule is used to extract a local key as a decryption key at the client if the user does not log in to the browser, and the local key is generated according to hardware parameters corresponding to the user equipment one-to-one;

第二解密密钥获取子模块,用于若用户已登录浏览器,则在服务器端提取网络密钥作为解密密钥。The second decryption key acquisition submodule is used to extract the network key as the decryption key at the server side if the user has logged in the browser.

在本申请的一种优选实施例中,登录用户时和未登录时,所述第一加密数据可以分别保存于网络用户加密数据库和公用用户加密数据库。In a preferred embodiment of the present application, when the user is logged in and when the user is not logged in, the first encrypted data can be stored in the network user encrypted database and the public user encrypted database respectively.

优选的,当用户在浏览器端的登录状态从未登录转变为登录时,所述装置还可以包括:Preferably, when the user's login status on the browser changes from non-login to login, the device may further include:

第一数据转移模块,用于提取本地密钥、公用用户数据库中用户的第一加密数据和网络密钥,由本地密钥对最终加密数据进行解密,并使用网络密钥对解密后的数据进行加密,并保存在网络用户数据库。The first data transfer module is used to extract the local key, the first encrypted data of the user in the public user database and the network key, decrypt the final encrypted data by the local key, and use the network key to decrypt the decrypted data Encrypted and stored in the network user database.

优选的,所述对称算法可以为AES64、AES128、或AES256算法。所述编/解码算法可以为Base64编/解码。Preferably, the symmetric algorithm may be AES64, AES128, or AES256 algorithm. The encoding/decoding algorithm may be Base64 encoding/decoding.

参考图4,示出了本申请的一种进行用户信息处理的装置实施例2的结构框图,具体可以包括以下模块:Referring to FIG. 4 , it shows a structural block diagram of Embodiment 2 of an apparatus for processing user information of the present application, which may specifically include the following modules:

在本实施例中,用户已登录浏览器,所述加密密钥包括本地密钥和加密密钥,可以先使用本地密钥进行加密,再使用网络密钥进行加密。In this embodiment, the user has logged into the browser, and the encryption key includes a local key and an encryption key. The local key may be used for encryption first, and then the network key for encryption.

加密请求接收模块401,用于接收对用户信息进行加密的请求;An encryption request receiving module 401, configured to receive a request for encrypting user information;

加密密钥获取模块402,用于依据用户当前的登录状态获取相应的加密密钥;An encryption key acquisition module 402, configured to acquire a corresponding encryption key according to the current login status of the user;

本地加密模块403,用于依据所述本地密钥对所述用户信息进行加密;A local encryption module 403, configured to encrypt the user information according to the local key;

本地加密数据编码模块404,用于对本地密钥加密的数据进行编码。The local encrypted data encoding module 404 is configured to encode the data encrypted by the local key.

网络加密模块405,用于依据所述网络密钥对所述用户信息进行加密;A network encryption module 405, configured to encrypt the user information according to the network key;

网络加密数据编码模块406,用于对网络加密的数据进行编码,将编码后的数据作为第一加密数据进行保存。The network encrypted data encoding module 406 is configured to encode the network encrypted data, and save the encoded data as the first encrypted data.

在本实施例中,对第一加密数据进行解密时,若用户已登录浏览器,所述解密密钥可以包括本地密钥和网络密钥,可以先使用网络密钥进行解密,再使用本地密钥进行解密,在进行本地解密之前,还可以先进行解码。In this embodiment, when decrypting the first encrypted data, if the user has logged into the browser, the decryption key may include a local key and a network key, and the network key may be used to decrypt first, and then the local key may be used to decrypt key to decrypt, and before local decryption, it can also be decoded first.

解密请求生成模块407,用于生成解密请求,并依据用户当前登录状态获取相应的解密秘钥,以及所述第一加密数据;A decryption request generating module 407, configured to generate a decryption request, and obtain a corresponding decryption key and the first encrypted data according to the current login status of the user;

网络解码模块408,用于对所述第一加密数据进行解码;A network decoding module 408, configured to decode the first encrypted data;

网络解密模块409,用于依据所述网络密钥对解码后的数据进行解密;A network decryption module 409, configured to decrypt the decoded data according to the network key;

本地解码模块410,用于对依据网络密钥进行解密的数据,进行解码;The local decoding module 410 is used to decode the data decrypted according to the network key;

本地解密模块411,用于依据本地密钥进行解密。The local decryption module 411 is configured to decrypt according to the local key.

自动加载模块模块412,用于按照解密后的数据,进行自动登录或自动注册。The automatic loading module module 412 is used for performing automatic login or automatic registration according to the decrypted data.

优选的,当用户在浏览器端的登录状态从未登录转变为登录时,所述装置可以还包括:Preferably, when the user's login status on the browser side changes from non-login to login, the device may further include:

第二数据转移模块,用于提取公用用户数据库中用户的第一加密数据和网络密钥,使用网络密钥对用户的最终加密数据进行加密,并保存在网络用户数据库。The second data transfer module is used to extract the user's first encrypted data and network key in the public user database, use the network key to encrypt the user's final encrypted data, and save it in the network user database.

由于所述装置实施例基本相应于前述图1和图2所示的方法实施例,故本实施例的描述中未详尽之处,可以参见前述实施例中的相关说明,在此就不赘述了。Since the device embodiment basically corresponds to the method embodiment shown in Figure 1 and Figure 2 above, for details not described in this embodiment, you can refer to the relevant description in the previous embodiment, and will not go into details here .

本申请可用于众多通用或专用的计算系统环境或配置中。例如:个人计算机、服务器计算机、手持设备或便携式设备、平板型设备、多处理器系统、基于微处理器的系统、置顶盒、可编程的消费电子设备、网络PC、小型计算机、大型计算机、包括以上任何系统或设备的分布式计算环境等等。The application can be used in numerous general purpose or special purpose computing system environments or configurations. Examples: personal computers, server computers, handheld or portable devices, tablet-type devices, multiprocessor systems, microprocessor-based systems, set-top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, including A distributed computing environment for any of the above systems or devices, etc.

本申请可以在由计算机执行的计算机可执行指令的一般上下文中描述,例如程序模块。一般地,程序模块包括执行特定任务或实现特定抽象数据类型的例程、程序、对象、组件、数据结构等等。也可以在分布式计算环境中实践本申请,在这些分布式计算环境中,由通过通信网络而被连接的远程处理设备来执行任务。在分布式计算环境中,程序模块可以位于包括存储设备在内的本地和远程计算机存储介质中。This application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including storage devices.

在本文中,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个......”限定的要素,并不排除在包括所述要素的过程、方法、物品或者设备中还存在另外的相同要素。As used herein, the terms "comprises," "comprises," or any other variation thereof are intended to cover a non-exclusive inclusion such that a process, method, article, or apparatus that includes a set of elements includes not only those elements, but also includes not expressly included other elements listed, or also include elements inherent in such a process, method, article, or apparatus. Without further limitations, an element defined by the phrase "comprising a ..." does not exclude the presence of additional identical elements in the process, method, article or apparatus comprising said element.

以上对本申请所提供的一种进行用户信息处理的方法,以及一种进行用户信息处理的装置进行了详细介绍,本文中应用了具体个例对本申请的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本申请的方法及其核心思想;同时,对于本领域的一般技术人员,依据本申请的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本申请的限制。A method for processing user information and a device for processing user information provided by this application have been introduced in detail above. This article uses specific examples to illustrate the principle and implementation of this application. The above examples The description is only used to help understand the method of the present application and its core idea; at the same time, for those of ordinary skill in the art, according to the idea of the present application, there will be changes in the specific implementation and application scope. In summary, As stated above, the contents of this specification should not be construed as limiting the application.

Claims (28)

1.一种进行用户信息处理的方法,其特征在于,包括:1. A method for processing user information, comprising: 接收对用户信息进行加密的请求;Receive a request to encrypt user information; 依据用户当前的登录状态获取相应的加密密钥;Obtain the corresponding encryption key according to the user's current login status; 依据所述加密密钥对所述用户信息进行加密;encrypting the user information according to the encryption key; 对加密的数据进行编码,将编码后的数据作为第一加密数据进行保存。The encrypted data is encoded, and the encoded data is stored as the first encrypted data. 2.如权利要求1所述的方法,其特征在于,进一步包括:2. The method of claim 1, further comprising: 生成解密请求,并依据用户当前登录状态获取相应的解密秘钥,以及所述第一加密数据;Generate a decryption request, and obtain a corresponding decryption key and the first encrypted data according to the current login status of the user; 对所述第一加密数据进行解码;decoding the first encrypted data; 依据所述解密密钥对解码后的数据进行解密;Decrypt the decoded data according to the decryption key; 按照解密后的数据,进行自动登录或自动注册。According to the decrypted data, automatic login or automatic registration is performed. 3.如权利要求1所述的方法,其特征在于,所述用户信息包括用户的登录信息或者用户身份信息。3. The method according to claim 1, wherein the user information comprises user login information or user identity information. 4.如权利要求2所述的方法,其特征在于,所述依据加/解密密钥对所述用户信息进行加/解密的算法为对称算法。4. The method according to claim 2, wherein the algorithm for encrypting/decrypting the user information according to the encryption/decryption key is a symmetric algorithm. 5.如权利要求1所述的方法,其特征在于,进一步地所述第一加密数据保存在浏览器本地或者服务器侧。5. The method according to claim 1, characterized in that, further, the first encrypted data is stored locally in the browser or on the server side. 6.如权利要求1所述的方法,其特征在于,所述依据用户当前的登录状态获取相应的加密密钥的步骤包括:6. The method according to claim 1, wherein the step of obtaining the corresponding encryption key according to the current login status of the user comprises: 若用户未登录浏览器,则在客户端提取本地密钥作为加密密钥,所述本地密钥依据与用户设备一一对应的硬件参数生成;If the user does not log in to the browser, the client extracts a local key as an encryption key, and the local key is generated according to hardware parameters corresponding to the user equipment one by one; 若用户已登录浏览器,则在服务器端提取网络密钥作为加密密钥。If the user has logged into the browser, the network key is extracted on the server side as the encryption key. 7.如权利要求6所述的方法,其特征在于,在用户已登录浏览器时,所述加密秘钥进一步包括本地密钥,则7. The method according to claim 6, wherein when the user has logged into the browser, the encryption key further includes a local key, then 在依据所述加密密钥对用户信息进行加密之前,所述方法进一步包括:Before encrypting user information according to the encryption key, the method further includes: 依据所述本地密钥对所述用户信息进行加密;Encrypting the user information according to the local key; 对所述本地密钥加密的数据进行编码。The data encrypted by the local key is encoded. 8.如权利要求2所述的方法,其特征在于,所述依据用户当前登录状态获取相应的解密秘钥的步骤包括:8. The method according to claim 2, wherein the step of obtaining the corresponding decryption key according to the current login status of the user comprises: 若用户未登录浏览器,则在客户端提取本地密钥作为解密密钥,所述本地密钥依据与用户设备一一对应的硬件参数生成;If the user does not log in to the browser, the client extracts the local key as the decryption key, and the local key is generated according to the hardware parameters corresponding to the user equipment one by one; 若用户已登录浏览器,则在服务器端提取网络密钥作为解密密钥。If the user has logged into the browser, the network key is extracted on the server side as the decryption key. 9.如权利要求8所述的方法,其特征在于,在用户已登录浏览器时,所述解密秘钥进一步包括本地密钥,则9. The method according to claim 8, wherein when the user has logged into the browser, the decryption key further comprises a local key, then 在依据网络密钥对解码后的数据进行解密之后,所述方法还包括:After decrypting the decoded data according to the network key, the method further includes: 对依据所述网络密钥进行解密后的数据,进行解码;Decoding the data decrypted according to the network key; 依据所述本地密钥进行解密。Decrypt according to the local key. 10.如权利要求6或8所述的方法,其特征在于,登录用户时和未登录时,所述第一加密数据分别保存于网络用户加密数据库和公用用户加密数据库。10. The method according to claim 6 or 8, wherein when the user is logged in and when the user is not logged in, the first encrypted data is stored in the network user encrypted database and the public user encrypted database respectively. 11.如权利要求10所述的方法,其特征在于,当用户在浏览器端的登录状态从未登录转变为登录时,所述方法还包括:11. The method according to claim 10, characterized in that, when the user's login status at the browser end changes from non-login to login, the method further comprises: 提取本地密钥、公用用户数据库中用户的第一加密数据和网络密钥,由本地密钥对第一加密数据进行解密,并使用网络密钥对解密后的数据进行加密,并保存在网络用户数据库。Extract the local key, the first encrypted data of the user in the public user database and the network key, decrypt the first encrypted data with the local key, encrypt the decrypted data with the network key, and save it in the network user database. 12.如权利要求10所述的方法,其特征在于,当用户在浏览器端的登录状态从未登录转变为登录时,所述方法还包括:12. The method according to claim 10, wherein when the login status of the user on the browser side changes from non-login to login, the method further comprises: 提取公用用户数据库中用户的第一加密数据和网络密钥,使用网络密钥对用户的第一加密数据进行加密,并保存在网络用户数据库。Extracting the user's first encrypted data and the network key in the public user database, using the network key to encrypt the user's first encrypted data, and saving it in the network user database. 13.如权利要求4所述的方法,其特征在于,所述对称算法为AES64、AES128、或AES256算法。13. The method according to claim 4, wherein the symmetric algorithm is an AES64, AES128, or AES256 algorithm. 14.如权利要求2所述的方法,其特征在于,所述编/解码算法为Base64编/解码。14. The method according to claim 2, wherein the encoding/decoding algorithm is Base64 encoding/decoding. 15.一种进行用户信息处理的装置,其特征在于,包括:15. A device for processing user information, comprising: 加密请求接收模块,用于接收对用户信息进行加密的请求;An encryption request receiving module, configured to receive a request for encrypting user information; 加密密钥获取模块,用于依据用户当前的登录状态获取相应的加密密钥;The encryption key acquisition module is used to obtain the corresponding encryption key according to the current login status of the user; 加密模块,用于依据所述加密密钥对所述用户信息进行加密;An encryption module, configured to encrypt the user information according to the encryption key; 编码模块,用于对加密的数据进行编码,将编码后的数据作为第一加密数据进行保存。The encoding module is configured to encode the encrypted data, and save the encoded data as the first encrypted data. 16.如权利要求15所述的装置,其特征在于,进一步包括:16. The apparatus of claim 15, further comprising: 解密请求生成模块,用于生成解密请求,并依据用户当前登录状态获取相应的解密秘钥,以及所述第一加密数据;A decryption request generation module, configured to generate a decryption request, and obtain a corresponding decryption key and the first encrypted data according to the current login status of the user; 解码模块,用于对所述第一加密数据进行解码;a decoding module, configured to decode the first encrypted data; 解密模块,用于依据所述解密密钥对解码后的数据进行解密;A decryption module, configured to decrypt the decoded data according to the decryption key; 自动加载模块模块,用于按照解密后的数据,进行自动登录或自动注册。The automatic loading module module is used for performing automatic login or automatic registration according to the decrypted data. 17.如权利要求15所述的装置,其特征在于,所述用户信息包括用户的登录信息或者用户身份信息。17. The device according to claim 15, wherein the user information comprises user login information or user identity information. 18.如权利要求16所述的装置,其特征在于,所述依据加/解密密钥对所述用户信息进行加/解密的算法为对称算法。18. The device according to claim 16, wherein the algorithm for encrypting/decrypting the user information according to the encryption/decryption key is a symmetric algorithm. 19.如权利要求15所述的装置,其特征在于,进一步地所述第一加密数据保存在浏览器本地或者服务器侧。19. The device according to claim 15, wherein further the first encrypted data is stored locally in the browser or on the server side. 20.如权利要求15所述的装置,其特征在于,所述加密密钥获取模块包括:20. The device according to claim 15, wherein the encryption key acquisition module comprises: 第一加密秘钥获取子模块,用于若用户未登录浏览器,则在客户端提取本地密钥作为加密密钥,所述本地密钥依据与用户设备一一对应的硬件参数生成;The first encryption key acquisition submodule is used to extract a local key as an encryption key at the client if the user does not log in to the browser, and the local key is generated according to hardware parameters corresponding to the user equipment one-to-one; 第二加密秘钥获取子模块,用于若用户已登录浏览器,则在服务器端提取网络密钥作为加密密钥。The second encryption key acquisition sub-module is used to extract the network key on the server side as the encryption key if the user has logged in the browser. 21.如权利要求20所述的装置,其特征在于,在用户登录浏览器时,所述加密密钥进一步包括本地密钥,则21. The device according to claim 20, wherein when the user logs into the browser, the encryption key further includes a local key, then 在加密模块之前,所述装置还包括:Before the encryption module, the device also includes: 本地加密模块,用于依据所述本地密钥对所述用户信息进行加密;a local encryption module, configured to encrypt the user information according to the local key; 本地加密数据编码模块,用于对本地密钥加密的数据进行编码。The local encrypted data encoding module is used to encode the data encrypted by the local key. 22.如权利要求16所述的装置,其特征在于,所述解密请求生成模块包括:22. The device according to claim 16, wherein the decryption request generation module comprises: 第一解密密钥获取子模块,用于若用户未登录浏览器,则在客户端提取本地密钥作为解密密钥,所述本地密钥依据与用户设备一一对应的硬件参数生成;The first decryption key acquisition submodule is used to extract a local key as a decryption key at the client if the user does not log in to the browser, and the local key is generated according to hardware parameters corresponding to the user equipment one-to-one; 第二解密密钥获取子模块,用于若用户已登录浏览器,则在服务器端提取网络密钥作为解密密钥。The second decryption key acquisition submodule is used to extract the network key as the decryption key at the server side if the user has logged in the browser. 23.如权利要求22所述的装置,其特征在于,在用户登录浏览器时,所述加密密钥进一步包括本地密钥,则23. The device according to claim 22, wherein when the user logs into the browser, the encryption key further includes a local key, then 在解密模块之后,所述装置还包括:After the decryption module, the device also includes: 本地解码模块,用于对依据网络密钥进行解密的数据,进行解码;The local decoding module is used to decode the data decrypted according to the network key; 本地解密模块,用于依据本地密钥进行解密。The local decryption module is used for decrypting according to the local key. 24.如权利要求20或22所述的装置,其特征在于,登录用户时和未登录时,所述第一加密数据分别保存于网络用户加密数据库和公用用户加密数据库。24. The device according to claim 20 or 22, wherein when the user is logged in and when the user is not logged in, the first encrypted data is stored in the network user encrypted database and the public user encrypted database respectively. 25.如权利要求24所述的装置,其特征在于,当用户在浏览器端的登录状态从未登录转变为登录时,所述装置还包括:25. The device according to claim 24, wherein when the user's login status on the browser changes from unlogged to logged in, the device further comprises: 第一数据转移模块,用于提取本地密钥、公用用户数据库中用户的第一加密数据和网络密钥,由本地密钥对最终加密数据进行解密,并使用网络密钥对解密后的数据进行加密,并保存在网络用户数据库。The first data transfer module is used to extract the local key, the first encrypted data of the user in the public user database and the network key, decrypt the final encrypted data by the local key, and use the network key to decrypt the decrypted data Encrypted and stored in the network user database. 26.如权利要求24所述的装置,其特征在于,当用户在浏览器端的登录状态从未登录转变为登录时,所述装置还包括:26. The device according to claim 24, wherein when the user's login status on the browser changes from non-login to login, the device further comprises: 第二数据转移模块,用于提取公用用户数据库中用户的第一加密数据和网络密钥,使用网络密钥对用户的最终加密数据进行加密,并保存在网络用户数据库。The second data transfer module is used to extract the user's first encrypted data and network key in the public user database, use the network key to encrypt the user's final encrypted data, and save it in the network user database. 27.如权利要求18所述的装置,其特征在于,所述对称算法为AES64、AES128、或AES256算法。27. The device according to claim 18, wherein the symmetric algorithm is an AES64, AES128, or AES256 algorithm. 28.如权利要求16所述的装置,其特征在于,所述编/解码算法为Base64编/解码。28. The device according to claim 16, wherein the encoding/decoding algorithm is Base64 encoding/decoding.
CN201210093575.3A 2012-03-31 2012-03-31 A kind of method and device carrying out user profile process Active CN102684877B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210093575.3A CN102684877B (en) 2012-03-31 2012-03-31 A kind of method and device carrying out user profile process

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210093575.3A CN102684877B (en) 2012-03-31 2012-03-31 A kind of method and device carrying out user profile process

Publications (2)

Publication Number Publication Date
CN102684877A true CN102684877A (en) 2012-09-19
CN102684877B CN102684877B (en) 2016-03-30

Family

ID=46816280

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210093575.3A Active CN102684877B (en) 2012-03-31 2012-03-31 A kind of method and device carrying out user profile process

Country Status (1)

Country Link
CN (1) CN102684877B (en)

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103580851A (en) * 2013-11-13 2014-02-12 福建省视通光电网络有限公司 Information encryption and decryption method
CN103714298A (en) * 2013-12-11 2014-04-09 北京奇虎科技有限公司 Privacy protection method and device
CN105812341A (en) * 2014-12-31 2016-07-27 阿里巴巴集团控股有限公司 User identity identifying method and device
WO2017024804A1 (en) * 2015-08-12 2017-02-16 腾讯科技(深圳)有限公司 Data encryption method, decryption method, apparatus, and system
CN106790135A (en) * 2016-12-27 2017-05-31 Tcl集团股份有限公司 A kind of data ciphering method and system, communication equipment based on high in the clouds
CN107196840A (en) * 2016-03-14 2017-09-22 阿里巴巴集团控股有限公司 Data processing method, device and equipment
CN108282485A (en) * 2018-01-31 2018-07-13 深圳创维-Rgb电子有限公司 A kind of control user login method, smart television and storage device
CN108471329A (en) * 2018-02-05 2018-08-31 杭州电子科技大学 A kind of system architecture in visible light communication system based on LED and mobile phone camera
CN108551366A (en) * 2018-02-05 2018-09-18 杭州电子科技大学 A kind of visible light communication method based on LED and mobile phone camera
CN109040011A (en) * 2018-06-14 2018-12-18 深圳市买买提信息科技有限公司 Method, apparatus, system and the terminal device of data processing
CN109688072A (en) * 2018-12-27 2019-04-26 Tcl通力电子(惠州)有限公司 Speaker method of network entry, speaker and computer readable storage medium
CN109993759A (en) * 2019-02-27 2019-07-09 深圳点猫科技有限公司 A kind of data calling method and device for education resource platform
WO2019205366A1 (en) * 2018-04-27 2019-10-31 平安科技(深圳)有限公司 Picture management method and apparatus, computer device, and storage medium
CN113139203A (en) * 2020-01-19 2021-07-20 上海臻客信息技术服务有限公司 User information leakage prevention method

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000011835A1 (en) * 1998-08-19 2000-03-02 Qualcomm Incorporated Secure processing for authentication of a wireless communications device
CN101282214A (en) * 2007-06-14 2008-10-08 北京大学 Encryption protection method and client device for digital document
CN101588348A (en) * 2008-05-22 2009-11-25 中国电信股份有限公司 System logging method and system logging device based on Web

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000011835A1 (en) * 1998-08-19 2000-03-02 Qualcomm Incorporated Secure processing for authentication of a wireless communications device
CN101282214A (en) * 2007-06-14 2008-10-08 北京大学 Encryption protection method and client device for digital document
CN101588348A (en) * 2008-05-22 2009-11-25 中国电信股份有限公司 System logging method and system logging device based on Web

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103580851A (en) * 2013-11-13 2014-02-12 福建省视通光电网络有限公司 Information encryption and decryption method
CN103714298A (en) * 2013-12-11 2014-04-09 北京奇虎科技有限公司 Privacy protection method and device
CN105812341A (en) * 2014-12-31 2016-07-27 阿里巴巴集团控股有限公司 User identity identifying method and device
CN105812341B (en) * 2014-12-31 2019-03-29 阿里巴巴集团控股有限公司 A kind of method and device of identity user identity
US10659226B2 (en) 2015-08-12 2020-05-19 Tencent Technology (Shenzhen) Company Limited Data encryption method, decryption method, apparatus, and system
CN106452770A (en) * 2015-08-12 2017-02-22 深圳市腾讯计算机系统有限公司 Data encryption method and apparatus, data decryption method and apparatus, and system
WO2017024804A1 (en) * 2015-08-12 2017-02-16 腾讯科技(深圳)有限公司 Data encryption method, decryption method, apparatus, and system
CN107196840A (en) * 2016-03-14 2017-09-22 阿里巴巴集团控股有限公司 Data processing method, device and equipment
CN107196840B (en) * 2016-03-14 2020-10-02 阿里巴巴集团控股有限公司 Data processing method, device and equipment
CN106790135A (en) * 2016-12-27 2017-05-31 Tcl集团股份有限公司 A kind of data ciphering method and system, communication equipment based on high in the clouds
CN108282485A (en) * 2018-01-31 2018-07-13 深圳创维-Rgb电子有限公司 A kind of control user login method, smart television and storage device
CN108282485B (en) * 2018-01-31 2020-09-08 深圳创维-Rgb电子有限公司 A method for controlling user login, smart TV and storage device
WO2019148955A1 (en) * 2018-01-31 2019-08-08 深圳创维-Rgb电子有限公司 User login control method, smart television, and storage apparatus
CN108471329A (en) * 2018-02-05 2018-08-31 杭州电子科技大学 A kind of system architecture in visible light communication system based on LED and mobile phone camera
CN108471329B (en) * 2018-02-05 2021-11-30 杭州电子科技大学 System architecture in visible light communication system based on LED and mobile phone camera
CN108551366B (en) * 2018-02-05 2021-11-30 杭州电子科技大学 Visible light communication method based on LED and mobile phone camera
CN108551366A (en) * 2018-02-05 2018-09-18 杭州电子科技大学 A kind of visible light communication method based on LED and mobile phone camera
WO2019205366A1 (en) * 2018-04-27 2019-10-31 平安科技(深圳)有限公司 Picture management method and apparatus, computer device, and storage medium
CN109040011A (en) * 2018-06-14 2018-12-18 深圳市买买提信息科技有限公司 Method, apparatus, system and the terminal device of data processing
CN109688072A (en) * 2018-12-27 2019-04-26 Tcl通力电子(惠州)有限公司 Speaker method of network entry, speaker and computer readable storage medium
CN109993759A (en) * 2019-02-27 2019-07-09 深圳点猫科技有限公司 A kind of data calling method and device for education resource platform
CN113139203A (en) * 2020-01-19 2021-07-20 上海臻客信息技术服务有限公司 User information leakage prevention method

Also Published As

Publication number Publication date
CN102684877B (en) 2016-03-30

Similar Documents

Publication Publication Date Title
CN102684877B (en) A kind of method and device carrying out user profile process
US8560843B1 (en) Encrypted universal resource identifier (URI) based messaging
US10057218B2 (en) Network address-based encryption
CN103684760A (en) Method, device and system for encryption and decryption of communication
CN102282798A (en) Bandwidth efficient method and system for obscuring the existence of encryption in a communications channel
SE539602C2 (en) Generating a symmetric encryption key
CN105376261A (en) Encryption method and system for instant communication message
CN102594842A (en) Device-fingerprint-based network management message authentication and encryption scheme
CN103414727A (en) Encryption protection system for input password input box and using method thereof
CN103327034A (en) Safe login method, system and device
Olumide et al. A hybrid encryption model for secure cloud computing
CN114443718A (en) A data query method and system
GB2504457A (en) Message authentication via distributed secret keys
CN104486756A (en) Encryption and decryption method and system for secret letter short message
CN104113410A (en) Method and device for data encryption transmission based on multi-table encryption method
Choubey et al. Cryptographic techniques in information security
Kaushal Cryptography: A brief review
CN106452754B (en) Multi-user online dynamic encryption method and device
US20130283363A1 (en) Secure data transfer over an arbitrary public or private transport
CN107846422A (en) A kind of configuration file ciphered compressed of gateway and the method for decryption decompression
CN104301102A (en) Widget communication method, device and system
AbouSteit et al. A novel approach for generating one-time password with secure distribution
CN104038337A (en) Data encryption method based on AES128
CN102238150A (en) Form registration method and server
Jung et al. Securing RTP Packets Using Per‐Packet Key Exchange for Real‐Time Multimedia

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
ASS Succession or assignment of patent right

Owner name: BEIJING QIHU TECHNOLOGY CO., LTD.

Free format text: FORMER OWNER: QIZHI SOFTWARE (BEIJING) CO., LTD.

Effective date: 20121101

Owner name: QIZHI SOFTWARE (BEIJING) CO., LTD.

Effective date: 20121101

C41 Transfer of patent application or patent right or utility model
COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 100016 CHAOYANG, BEIJING TO: 100088 XICHENG, BEIJING

TA01 Transfer of patent application right

Effective date of registration: 20121101

Address after: 100088 Beijing city Xicheng District xinjiekouwai Street 28, block D room 112 (Desheng Park)

Applicant after: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Applicant after: Qizhi software (Beijing) Co.,Ltd.

Address before: The 4 layer 100016 unit of Beijing city Chaoyang District Jiuxianqiao Road No. 14 Building C

Applicant before: Qizhi software (Beijing) Co.,Ltd.

C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220719

Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015

Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park)

Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Patentee before: Qizhi software (Beijing) Co.,Ltd.

TR01 Transfer of patent right