[go: up one dir, main page]

CN113783835B - Password sharing method, device, equipment and storage medium - Google Patents

Password sharing method, device, equipment and storage medium Download PDF

Info

Publication number
CN113783835B
CN113783835B CN202110875578.1A CN202110875578A CN113783835B CN 113783835 B CN113783835 B CN 113783835B CN 202110875578 A CN202110875578 A CN 202110875578A CN 113783835 B CN113783835 B CN 113783835B
Authority
CN
China
Prior art keywords
sharing
password
target
template
token
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110875578.1A
Other languages
Chinese (zh)
Other versions
CN113783835A (en
Inventor
徐峰
吴昊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jingdong Century Trading Co Ltd
Beijing Wodong Tianjun Information Technology Co Ltd
Original Assignee
Beijing Jingdong Century Trading Co Ltd
Beijing Wodong Tianjun Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jingdong Century Trading Co Ltd, Beijing Wodong Tianjun Information Technology Co Ltd filed Critical Beijing Jingdong Century Trading Co Ltd
Priority to CN202110875578.1A priority Critical patent/CN113783835B/en
Publication of CN113783835A publication Critical patent/CN113783835A/en
Application granted granted Critical
Publication of CN113783835B publication Critical patent/CN113783835B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention discloses a password sharing method, a password sharing device, password sharing equipment and a storage medium, wherein the password sharing method comprises the following steps: responding to a detected sharing password acquisition request, and acquiring a target sharing template token and sharing object parameters corresponding to the sharing password acquisition request; generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encrypted password; and generating a target sharing password based on the encryption password, and sending the target sharing password to the client. According to the method provided by the embodiment of the invention, the target sharing password is generated based on the target sharing template token, so that the structural complexity and the feature complexity of the target sharing password are increased, the target sharing password is not easy to crack, and the security of the target sharing password is improved.

Description

Password sharing method, device, equipment and storage medium
Technical Field
The embodiment of the invention relates to the technical field of computers, in particular to a password sharing method, device, equipment and storage medium.
Background
With the development of information transmission technology, many software has a sharing function, and users can send sharing information to be shared to other users through different sharing channels. However, the sharing manner is often affected by the current limitation of the sharing channel, so that when the sharing amount is large, the sharing manner is often adopted to share the sharing information, the user can send the sharing password to other users through different sharing channels, and the other users can access the sharing information to be shared through the sharing password.
In the process of implementing the present invention, the inventor finds that at least the following technical problems exist in the prior art: when the sharing password is generated, the shared jump link is simple in structure and obvious in characteristics, and is easy to tamper with the jump link by a hacker through means of grabbing a package and the like, and the password selected to tamper with the jump link automatically leads the user to a page guided by the hacker, so that the password is intercepted.
Disclosure of Invention
The embodiment of the invention provides a password sharing method, device, equipment and storage medium, which are used for solving the risk of tampering of links in the password generation process and improving the password transmission safety.
In a first aspect, an embodiment of the present invention provides a password sharing method, which is applied to a server, and includes:
responding to the detected sharing password acquisition request, and acquiring a target sharing template token and sharing object parameters corresponding to the sharing password acquisition request;
generating a plaintext password based on the target sharing template token and the sharing object parameters, and encrypting the plaintext password to obtain an encrypted password;
and generating a target sharing password based on the encryption password, and sending the target sharing password to the client.
In a second aspect, an embodiment of the present invention further provides a password sharing method, which is applied to a client, and includes:
Responding to the detected object sharing request, and acquiring a target sharing template token corresponding to the object sharing request;
generating a sharing password acquisition request according to the target sharing template token and the sharing object, and sending the sharing password acquisition request to the server;
and receiving a target sharing password returned by the server side, and taking the target sharing password as the sharing password of the target sharing request.
In a third aspect, an embodiment of the present invention further provides a password sharing device configured at a server, including:
the token parameter acquisition module is used for responding to the detected sharing password acquisition request and acquiring a target sharing template token and sharing object parameters corresponding to the sharing password acquisition request;
the encryption password determining module is used for generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encryption password;
and the sharing password generating module is used for generating a target sharing password based on the encryption password and sending the target sharing password to the client.
In a fourth aspect, an embodiment of the present invention further provides a password sharing device configured at a client, including:
the template token acquisition module is used for responding to the detected object sharing request and acquiring a target sharing template token corresponding to the object sharing request;
The password acquisition request module is used for generating a sharing password acquisition request according to the target sharing template token and the sharing object and sending the sharing password acquisition request to the server;
the sharing password acquisition module is used for receiving the target sharing password returned by the server and taking the target sharing password as the sharing password of the object sharing request.
In a fifth aspect, an embodiment of the present invention further provides a computer apparatus, including:
one or more processors;
a storage means for storing one or more programs;
when the one or more programs are executed by the one or more processors, the one or more processors implement the password sharing method as provided in the first aspect of the embodiment of the present invention, and/or implement the password sharing method as provided in the second aspect of the embodiment of the present invention.
In a sixth aspect, embodiments of the present invention further provide a computer readable storage medium, on which a computer program is stored, which when executed by a processor implements the password sharing method as provided in the first aspect of the embodiments of the present invention, and/or implements the password sharing method as provided in the second aspect of the embodiments of the present invention.
According to the embodiment of the invention, the target sharing template token and the sharing object parameter corresponding to the sharing password acquisition request are acquired by responding to the detected sharing password acquisition request; generating a plaintext password based on the target sharing template token and the sharing object parameters, and encrypting the plaintext password to obtain an encrypted password; the target sharing password is generated based on the encryption password, and is sent to the client, and the structural complexity and the feature complexity of the target sharing password are increased by generating the target sharing password based on the target sharing template token, so that the target sharing password is not easy to crack, and the security of the target sharing password is improved.
Drawings
FIG. 1 is a flowchart of a password sharing method according to an embodiment of the present invention;
FIG. 2 is a flowchart of a password sharing method according to a second embodiment of the present invention;
FIG. 3 is a flowchart of a password sharing method according to a third embodiment of the present invention;
FIG. 4a is a flowchart of a password sharing method according to a fourth embodiment of the present invention;
fig. 4b is a schematic flow chart of domain name preresolved according to a fourth embodiment of the invention;
FIG. 4c is a flowchart of a plaintext password generation according to a fourth embodiment of the present invention;
FIG. 4d is a flowchart of a target sharing password generation according to a fourth embodiment of the present invention;
FIG. 4e is a schematic diagram of a password exchange process according to a fourth embodiment of the present invention;
FIG. 5 is a schematic diagram of a password sharing device according to a fifth embodiment of the present invention;
FIG. 6 is a schematic structural diagram of a password sharing device according to a sixth embodiment of the present invention;
fig. 7 is a schematic structural diagram of a computer device according to a seventh embodiment of the present invention.
Detailed Description
The invention is described in further detail below with reference to the drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting thereof. It should be further noted that, for convenience of description, only some, but not all of the structures related to the present invention are shown in the drawings.
Example 1
Fig. 1 is a flowchart of a password sharing method according to an embodiment of the invention. The password sharing method provided by the embodiment is applied to the server and can be suitable for the situation when the password is shared. The method may be performed by a password sharing device, which may be implemented in software and/or hardware, for example, the password sharing device may be configured in a computer device. As shown in fig. 1, the method includes:
s110, responding to the detected sharing password acquisition request, and acquiring a target sharing template token and sharing object parameters corresponding to the sharing password acquisition request.
In this embodiment, the request for obtaining the sharing password may be a request initiated by the client for obtaining the analysis password of the sharing object. The client generates an analysis password acquisition request based on the detected object sharing request and sends the analysis password acquisition request to the server after the client triggers the object sharing request.
In general, the analysis password acquisition request includes information such as a sharing object, a sharing source user identifier, and a sharing channel. For the structural complexity and the feature complexity of the target sharing password, in this embodiment, the source text information of the sharing object is not used as the target sharing password any more, but the target sharing password is generated based on a preset sharing template. In order to further ensure the security of the target sharing password, the sharing target can be encrypted to generate a sharing template token, and the target sharing password is generated based on the sharing template token. Optionally, the client side issues the sharing template token in advance, and after detecting the object sharing request initiated by the user, the client side generates a sharing password acquisition request based on the sharing template token and the sharing object parameter issued in advance by the server side. After receiving the sharing password obtaining request sent by the client, the server analyzes the sharing password obtaining request to obtain a sharing template token and sharing object parameters contained in the sharing password obtaining request, and takes the sharing template token in the sharing password obtaining request as a target sharing template token. The target sharing template token may be a display form of a character string, and the sharing object parameter may also be displayed in a character form, which is not limited herein.
On the basis of the above scheme, the password sharing method provided by the embodiment further includes:
and constructing a sharing template corresponding to each sharing object type, and encrypting the sharing template to obtain a sharing template token corresponding to each sharing object type.
It will be appreciated that when the sharing object types are different, there may be different sharing passwords. Based on this, in order to unify the sharing templates of the same type, a sharing template corresponding to each sharing object type may be set, the sharing template is encrypted to obtain a sharing template token, and the sharing template token and the sharing object type are stored in an associated manner and issued to the client, so that the client can generate a sharing password acquisition request according to the sharing template token issued in advance by the server. The sharing object types may be classified according to different criteria, for example, the sharing object types may be article types, item types, activity types, and the like. When the type of the sharing object is the article type, the sharing object can be a web blog, when the type of the sharing object is the article type, the sharing object can be a commodity, when the type of the sharing object is the activity type, the sharing object can be a marketing activity and the like.
S120, generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encrypted password.
In this embodiment, after the server obtains the target sharing template token and the sharing object parameter, the server may determine the information of the sharing object, and further generate the sharing password. In order to avoid plaintext transmission of the shared password, after the shared password of the plaintext is generated based on the target shared template token and the shared object parameter, the plaintext password needs to be encrypted to obtain an encrypted password.
In one embodiment of the present invention, generating a plaintext password based on a target sharing template token and sharing object parameters includes:
and determining a target sharing template according to the target sharing template token, and taking the sharing object parameter as a placeholder parameter of the target sharing template to obtain the plaintext password.
It will be appreciated that the target sharing template is an unencrypted form of the target sharing template token, and thus, the target sharing template may be generated directly based on the target sharing template token. Optionally, the association relationship between the target sharing template and the target sharing template token may be stored in advance, the target sharing template corresponding to the target sharing template token may be determined directly according to the pre-stored association relationship, or the target sharing template token may be decrypted directly to obtain the target sharing template.
In one embodiment, the target sharing template is divided into three main parts: hostname (www.example.com) +path (path) +parameter (a=. Is one of the parameter templates (a=? Is a placeholder. Correspondingly, the shared object parameter includes a hostname parameter path parameter. Based on the above, the shared object parameter can be directly used as the placeholder parameter of the target shared template to obtain the plaintext password.
S130, generating a target sharing password based on the encryption password, and sending the target sharing password to the client.
In this embodiment, after the encrypted password is obtained, a target sharing password is generated based on the encrypted password, and the target sharing password is sent to the client. Optionally, the target sharing password can be generated by directly adding the information head and the like on the basis of the encryption password, and the encryption password can be further processed to obtain the target sharing password.
In one embodiment, generating the target sharing password based on the encrypted password includes: and encrypting the encrypted password to obtain the target sharing password. In order to ensure the security of the target sharing password, the encrypted password can be encrypted again to obtain the target sharing password. Optionally, encrypting the encrypted password to obtain the target sharing password, including: and encrypting the encrypted password by adopting an advanced encryption standard algorithm to obtain the target sharing password. The advanced encryption standard (Advanced Encryption Standard, AES) algorithm is used for encrypting the data file, is an advanced symmetric encryption standard, has high speed and high security level, has strong diffusion performance, and finally forms a password with high randomness, thereby ensuring the security of the target sharing password.
According to the embodiment of the invention, the target sharing template token and the sharing object parameter corresponding to the sharing password acquisition request are acquired by responding to the detected sharing password acquisition request; generating a plaintext password based on the target sharing template token and the sharing object parameters, and encrypting the plaintext password to obtain an encrypted password; the target sharing password is generated based on the encryption password, and is sent to the client, and the structural complexity and the feature complexity of the target sharing password are increased by generating the target sharing password based on the target sharing template token, so that the target sharing password is not easy to crack, and the security of the target sharing password is improved.
Example two
Fig. 2 is a flowchart of a password sharing method according to a second embodiment of the present invention. The password sharing method provided by the embodiment is applied to the application end and can be suitable for the situation when the password is shared. The method may be performed by a password sharing device, which may be implemented in software and/or hardware, for example, the password sharing device may be configured in a computer device. As shown in fig. 2, the method includes:
s210, responding to the detected object sharing request, and acquiring a target sharing template token corresponding to the object sharing request.
In this embodiment, the object sharing request may be a request initiated by a user through an operation terminal for requesting to share a certain object. The method includes the steps that a user triggers an object sharing instruction on an interface of an operation terminal, the operation terminal generates an object sharing request based on the object sharing instruction triggered by the user, and after the client detects the object sharing request initiated by the user, a target sharing template token corresponding to the object sharing request is determined to generate a sharing password acquisition request based on the target sharing target token. The sharing template token is issued in advance by the server.
In one embodiment of the present invention, obtaining a target sharing template token corresponding to an object sharing request includes:
and determining the target sharing type of the object sharing request, and acquiring a sharing template token associated with the target sharing type as a target template sharing token.
It will be appreciated that when the sharing object types are different, there may be different sharing passwords. Based on the above, the server unifies the sharing templates of the same type, can set the sharing template corresponding to each sharing object type, encrypts the sharing template to obtain a sharing template token, stores the sharing template token and the sharing object type in an associated manner, and issues the sharing template token and the sharing object type to the client, and after detecting the object sharing request, the client can determine the target sharing token according to the target sharing type of the object sharing request, and further generates a sharing password acquisition request based on the target sharing template token. The sharing object types may be classified according to different criteria, for example, the sharing object types may be article types, item types, activity types, and the like. When the type of the sharing object is the article type, the sharing object can be a web blog, when the type of the sharing object is the article type, the sharing object can be a commodity, when the type of the sharing object is the activity type, the sharing object can be a marketing activity and the like. After detecting the object sharing request, the client determines the object type of the sharing object as a target sharing type, and searches a sharing template token corresponding to the target sharing type from the sharing template tokens issued in advance by the server to serve as a target sharing template token.
S220, generating a sharing password acquisition request according to the target sharing template token and the sharing object, and sending the sharing password acquisition request to the server.
Optionally, the sharing object parameters required for generating the sharing password acquisition request may be determined based on the target sharing template token. And generating a sharing password acquisition request based on the target sharing template token and the sharing object parameters. Specifically, a target sharing template can be generated based on the target sharing template token, and parameters needing bit filling in the target sharing template are used as sharing object parameters needed by a sharing password acquisition request. Illustratively, the sharing object parameter may be a hostname, a path, and the like of the sharing object.
It will be appreciated that the target sharing template is an unencrypted form of the target sharing template token, and thus, the target sharing template may be generated directly based on the target sharing template token. Optionally, the association relationship between the target sharing template and the target sharing template token may be stored in advance, the target sharing template corresponding to the target sharing template token may be determined directly according to the pre-stored association relationship, or the target sharing template token may be decrypted directly to obtain the target sharing template.
S230, receiving a target sharing password returned by the server side, and taking the target sharing password as a sharing password of the target sharing request.
In this embodiment, after receiving the target sharing password returned by the server, the client uses the target sharing password as the sharing password of the target sharing request. For example, the target sharing password may be added to the cut-off board, and when the user triggers the paste operation, the target sharing directory is pasted to the position corresponding to the user paste operation, so as to complete sharing of the sharing object.
On the basis of the scheme, after the shared user receives the sharing password, the shared user initiates a sharing object access request based on the sharing password, after the client detects the sharing object access request triggered by the user, the client generates a sharing object information acquisition request and sends the sharing object information acquisition request to the server, the server analyzes the sharing information acquisition request to obtain a target sharing template token in the target sharing password, and then obtains sharing object information corresponding to the sharing object acquisition request based on the target sharing template token and the sharing object parameter and sends the sharing object information to the client.
It can be understood that after the user may paste the target sharing password, the user may copy the sharing object access request triggered by the target sharing password, or may share the target sharing password to other users, where other users operate the sharing object access request triggered by the target sharing password through other clients. Therefore, in this embodiment, the client that obtains the target sharing password and the client that generates the sharing object access request based on the target sharing password to obtain the sharing object information may be the same client, or may be different clients, that is, the client that initiates the sharing password obtaining request and the client that initiates the sharing object information obtaining request may be the same client, or may be different clients.
According to the embodiment of the invention, the target sharing template token corresponding to the object sharing request is obtained by responding to the detected object sharing request; generating a sharing password acquisition request according to the target sharing template token and the sharing object, and sending the sharing password acquisition request to the server; the method comprises the steps of receiving a target sharing password returned by a server, taking the target sharing password as a sharing password of a target sharing request, and generating a sharing password acquisition request based on a target sharing template token, so that the structural complexity and the feature complexity of the sharing password acquisition request are increased, the sharing password acquisition request is not easy to crack, the security of the sharing password acquisition request is improved, and the security of the obtained target sharing password is further improved.
Example III
Fig. 3 is a flowchart of a password sharing method according to a third embodiment of the present invention. The password sharing method provided by the embodiment is interactively executed by the application end and the server end, and can be suitable for the situation when the password is shared. In this embodiment, explanations of the same or corresponding terms as those of the above embodiments are not repeated here. As shown in fig. 3, the method includes:
s310, the client responds to the detected object sharing request and acquires a target sharing template token corresponding to the object sharing request.
S320, the client generates a sharing password acquisition request according to the target sharing template token and the sharing object, and sends the sharing password acquisition request to the server.
S330, the server responds to the detected sharing password acquisition request to acquire a target sharing template token and sharing object parameters corresponding to the sharing password acquisition request.
S340, the server generates a plaintext password based on the target sharing template token and the sharing object parameter, encrypts the plaintext password, and obtains an encrypted password.
S350, the server generates a target sharing password based on the encryption password, and sends the target sharing password to the client.
S360, the client receives the target sharing password returned by the server and takes the target sharing password as the sharing password of the object sharing request.
The client in the embodiment of the invention increases the structural complexity and the feature complexity of the sharing password acquisition request by generating the sharing password acquisition request based on the target sharing template token; the server side generates a target sharing password based on the target sharing template token, so that the structural complexity and the feature complexity of the target sharing password are increased; the sharing password acquisition request is not easy to crack, so that the security of the sharing password acquisition request is improved, and the security of the obtained target sharing password is further improved.
Example IV
The present embodiment provides a preferred embodiment based on the above-described scheme.
At present, password-based sharing is realized by taking a user's clipboard as a carrier in a plain text manner, so that cross-APP and cross-platform information sharing is realized. However, the existing plain text password is easy to be broken and intercepted, and the password sharing method is not provided for solving the technical problems. Fig. 4a is a flowchart of a password sharing method according to a fourth embodiment of the present invention. As shown in fig. 4a, the password sharing method provided by the embodiment of the invention mainly includes: domain name pre-resolution, password generation and password redemption. Wherein:
domain name pre-resolution mainly enables generation of a target password sharing token. Fig. 4b is a schematic flow chart of domain name preresolved according to a fourth embodiment of the present invention. As shown in fig. 4b, the domain name pre-resolution includes:
(1) The business party needs to first determine a shared uniform resource locator (Uniform Resource Locator, URL) template (i.e. a target password sharing template), such as http:// www.example.com/patha=xx &=b=xx. The template is mainly divided into three parts: hostname (www.example.com) +path) +parameter (a=. Wherein the path and parameters of the URL are designed as variable parameters. The path is an unnecessary parameter. Parameter templates (a=? Is a placeholder.
(2) And uploading the host name, the path and the parameter template, wherein the parameter is bound with the service identity during uploading. Pre-parsing the target password sharing template http:// www.example.com/patha=xx =b=xx into a token: 3ny rrbawwbvxsdd (i.e. target password sharing token), when the client actually calls, the URL only needs to transmit the target password sharing token 3ny rrbawwbvxsdd, and parameters transmit the set [ value1, value2], and the path can transmit/path.
(3) The server pre-processes, packages the host name, the path and the parameter template into objects, obtains a 16-bit character key as a redis key through a setting algorithm, and returns the key as a target password sharing token to the client.
By means of domain name and resolution, the interceptor cannot replace the original link of the password with the link of the interceptor, so that the purpose of intercepting is achieved.
Domain name preresolved mainly realizes the generation of target sharing password. Comprising the following steps:
in the domain name pre-resolution stage, the client side has acquired the token of the domain name (namely the target password sharing token), so that when the sharing password acquisition request is generated, the client side does not need to use a clear text link as a parameter, and only needs to carry the token and the parameter array. Fig. 4c is a schematic flow chart of a plaintext password generation according to a fourth embodiment of the present invention. As shown in fig. 4c, the server redeems the target sharing password template token for the target sharing password template, and then adds the sharing object parameter as the placeholder parameter to the target sharing password template to obtain a complete url as the plaintext password.
After the token acquires the plaintext link at the server, a token is generated again by using a domain name pre-resolution stage method to serve as a key of a password (namely an encryption password) and is inserted into the shared password document. And finally, encrypting the completed password file once to obtain a target sharing password, and sending the target sharing password to the client, wherein the client analyzes and displays the password through a software development kit SDK. Fig. 4d is a flowchart of a target sharing password generation according to a fourth embodiment of the present invention. As shown in fig. 4d, the server side assembles password information, generates a token, stores the token, synthesizes the password to obtain a target sharing password, and sends the target sharing password to the client side.
The password exchange mainly realizes the acquisition of information corresponding to the target sharing password. Fig. 4e is a schematic flow chart of password exchange according to a fourth embodiment of the present invention. As shown in fig. 4e, password exchange includes:
the client encrypts the password on the user shear plate (such as AES encryption) and then transmits the encrypted password to the server, the server obtains the token in the document through decryption, and then obtains the shared original document from the redis service and transmits the shared original document to the client.
The embodiment of the invention provides a domain name preresolved strategy in the password sharing process, and the problem of plaintext transmission is effectively solved through preresolved, so that the security of the password is greatly improved.
Example five
Fig. 5 is a schematic structural diagram of a password sharing device according to a fifth embodiment of the present invention. The password sharing device may be implemented in software and/or hardware, for example, the password sharing device may be configured in a computer device, such as a server. As shown in fig. 3, the apparatus includes a token parameter acquisition module 510, an encrypted password determination module 520, and a shared password generation module 530, wherein:
the token parameter obtaining module 510 is configured to obtain, in response to the detected sharing password obtaining request, a target sharing template token and a sharing object parameter corresponding to the sharing password obtaining request;
the encryption password determining module 520 is configured to generate a plaintext password based on the target sharing template token and the sharing object parameter, and encrypt the plaintext password to obtain an encrypted password;
the sharing password generating module 530 is configured to generate a target sharing password based on the encrypted password, and send the target sharing password to the client.
According to the embodiment of the invention, a token parameter acquisition module responds to a detected sharing password acquisition request to acquire a target sharing template token and sharing object parameters corresponding to the sharing password acquisition request; the encryption password determining module generates a plaintext password based on the target sharing template token and the sharing object parameter, encrypts the plaintext password and obtains an encryption password; the sharing password generating module generates a target sharing password based on the encryption password, and sends the target sharing password to the client, and the structural complexity and the feature complexity of the target sharing password are increased by generating the target sharing password based on the target sharing template token, so that the target sharing password is not easy to crack, and the security of the target sharing password is improved.
Generating a plaintext password based on the target sharing template token and the sharing object parameters, including:
and determining a target sharing template according to the target sharing template token, and taking the sharing object parameter as a placeholder parameter of the target sharing template to obtain the plaintext password.
Optionally, further, the sharing password generating module 530 is specifically configured to:
and encrypting the encrypted password to obtain the target sharing password.
Optionally, further, the sharing password generating module 530 is specifically configured to:
and encrypting the encrypted password by adopting an advanced encryption standard algorithm to obtain the target sharing password.
Optionally, further, the apparatus further includes a template token generating module configured to:
and constructing a sharing template corresponding to each sharing object type, and encrypting the sharing template to obtain a sharing template token corresponding to each sharing object type.
The password sharing device provided by the embodiment of the invention can execute the password sharing method provided by the first embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example six
Fig. 6 is a schematic structural diagram of a password sharing device according to a sixth embodiment of the present invention. The password sharing device may be implemented in software and/or hardware, for example, the password sharing device may be configured in a computer device, such as an application end. As shown in fig. 3, the apparatus includes a template token acquisition module 610, a password acquisition request module 620, and a shared password acquisition module 630, wherein:
The template token obtaining module 610 is configured to obtain a target sharing template token corresponding to the object sharing request in response to the detected object sharing request;
the password acquisition request module 620 is configured to generate a sharing password acquisition request according to the target sharing template token and the sharing object, and send the sharing password acquisition request to the server;
the sharing password obtaining module 630 is configured to receive a target sharing password returned by the server, and use the target sharing password as a sharing password of the object sharing request.
According to the embodiment of the invention, the template token obtaining module responds to the detected object sharing request to obtain the target sharing template token corresponding to the object sharing request; the password acquisition request module generates a sharing password acquisition request according to the target sharing template token and the sharing object, and sends the sharing password acquisition request to the server; the sharing password acquisition module receives the target sharing password returned by the server and takes the target sharing password as the sharing password of the target sharing request, and the structural complexity and the feature complexity of the sharing password acquisition request are increased by generating the sharing password acquisition request based on the target sharing template token, so that the sharing password acquisition request is not easy to crack, the security of the sharing password acquisition request is improved, and the security of the obtained target sharing password is further improved.
Optionally, based on the above scheme, the template token obtaining module 610 is specifically configured to:
and determining the target sharing type of the object sharing request, and acquiring a sharing template token associated with the target sharing type as a target template sharing token.
The password sharing device provided by the embodiment of the invention can execute the password sharing method provided by the second embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example seven
Fig. 7 is a schematic structural diagram of a computer device according to a seventh embodiment of the present invention. FIG. 5 illustrates a block diagram of an exemplary computer device 712 suitable for use in implementing embodiments of the invention. The computer device 712 shown in fig. 7 is merely an example and should not be construed as limiting the functionality and scope of use of embodiments of the present invention.
As shown in FIG. 7, computer device 712 is in the form of a general purpose computing device. Components of computer device 712 may include, but are not limited to: one or more processors 716, a system memory 728, and a bus 718 that connects the various system components (including the system memory 728 and the processor 716).
Bus 718 represents one or more of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, a processor 716, or a local bus using any of a variety of bus architectures. By way of example, and not limitation, such architectures include Industry Standard Architecture (ISA) bus, micro channel architecture (MAC) bus, enhanced ISA bus, video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus.
Computer device 712 typically includes a variety of computer system readable media. Such media can be any available media that is accessible by computer device 712 and includes both volatile and nonvolatile media, removable and non-removable media.
The system memory 728 may include computer system readable media in the form of volatile memory such as Random Access Memory (RAM) 730 and/or cache memory 732. The computer device 712 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage 734 may be used to read from and write to non-removable, nonvolatile magnetic media (not shown in FIG. 7, commonly referred to as a "hard disk drive"). Although not shown in fig. 7, a magnetic disk drive for reading from and writing to a removable non-volatile magnetic disk (e.g., a "floppy disk"), and an optical disk drive for reading from or writing to a removable non-volatile optical disk (e.g., a CD-ROM, DVD-ROM, or other optical media) may be provided. In such cases, each drive may be coupled to bus 718 through one or more data media interfaces. Memory 728 may include at least one program product having a set (e.g., at least one) of program modules configured to carry out the functions of the embodiments of the invention.
A program/utility 740 having a set (at least one) of program modules 742 may be stored, for example, in memory 728, such program modules 742 include, but are not limited to, an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment. Program modules 742 generally perform the functions and/or methodologies of the described embodiments of the invention.
The computer device 712 can also communicate with one or more external devices 714 (e.g., keyboard, pointing device, display 724, etc.), one or more devices that enable a user to interact with the computer device 712, and/or any devices (e.g., network card, modem, etc.) that enable the computer device 712 to communicate with one or more other computing devices. Such communication may occur through an input/output (I/O) interface 722. Moreover, computer device 712 may also communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the internet via network adapter 720. As shown, the network adapter 720 communicates with other modules of the computer device 712 via the bus 718. It should be appreciated that although not shown, other hardware and/or software modules may be used in connection with computer device 712, including, but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
Processor 716 executes programs stored in system memory 728 to perform various functional applications and data processing, such as implementing a password sharing method provided by a first embodiment of the present invention, which includes:
responding to the detected sharing password acquisition request, and acquiring a target sharing template token and sharing object parameters corresponding to the sharing password acquisition request;
generating a plaintext password based on the target sharing template token and the sharing object parameters, and encrypting the plaintext password to obtain an encrypted password;
generating a target sharing password based on the encryption password, and sending the target sharing password to the client;
and/or implementing the method for collecting clinical study data provided in the second embodiment of the present invention, where the method includes:
responding to the detected object sharing request, and acquiring a target sharing template token corresponding to the object sharing request;
generating a sharing password acquisition request according to the target sharing template token and the sharing object, and sending the sharing password acquisition request to the server;
and receiving a target sharing password returned by the server side, and taking the target sharing password as the sharing password of the target sharing request.
Of course, it will be understood by those skilled in the art that the processor may also implement the technical solution of the password sharing method provided in any embodiment of the present invention.
Example eight
The fifth embodiment of the present invention further provides a computer readable storage medium having a computer program stored thereon, where the program when executed by a processor implements the password sharing method provided in the first embodiment of the present invention, the method including:
responding to the detected sharing password acquisition request, and acquiring a target sharing template token and sharing object parameters corresponding to the sharing password acquisition request;
generating a plaintext password based on the target sharing template token and the sharing object parameters, and encrypting the plaintext password to obtain an encrypted password;
generating a target sharing password based on the encryption password, and sending the target sharing password to the client;
and/or implementing the method for collecting clinical study data provided in the second embodiment of the present invention, where the method includes:
responding to the detected object sharing request, and acquiring a target sharing template token corresponding to the object sharing request;
generating a sharing password acquisition request according to the target sharing template token and the sharing object, and sending the sharing password acquisition request to the server;
and receiving a target sharing password returned by the server side, and taking the target sharing password as the sharing password of the target sharing request.
Of course, the computer readable storage medium provided in the embodiments of the present invention, on which the computer program stored is not limited to the above method operations, but may also perform the related operations of the password sharing method provided in any embodiment of the present invention.
The computer storage media of embodiments of the invention may take the form of any combination of one or more computer-readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the computer-readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, either in baseband or as part of a carrier wave. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, smalltalk, C ++ and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computer (for example, through the Internet using an Internet service provider).
Note that the above is only a preferred embodiment of the present invention and the technical principle applied. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, while the invention has been described in connection with the above embodiments, the invention is not limited to the embodiments, but may be embodied in many other equivalent forms without departing from the spirit or scope of the invention, which is set forth in the following claims.

Claims (11)

1. The password sharing method is characterized by comprising the following steps of:
responding to a detected sharing password acquisition request, and acquiring a target sharing template token and sharing object parameters corresponding to the sharing password acquisition request; the target sharing template token characterizes an encryption form of a target sharing template, the target sharing template comprises a host name, a path and a parameter template, and the sharing object parameter is a parameter to be complemented in the target sharing template;
generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encrypted password;
and generating a target sharing password based on the encryption password, and sending the target sharing password to the client.
2. The method of claim 1, wherein generating a plaintext password based on the target shared template token and shared object parameters comprises:
and determining a target sharing template according to the target sharing template token, and taking the sharing object parameter as a placeholder parameter of the target sharing template to obtain the plaintext password.
3. The method of claim 1, wherein the generating a target sharing password based on the encrypted password comprises:
And encrypting the encryption password to obtain the target sharing password.
4. The method of claim 3, wherein encrypting the encrypted password to obtain the target-sharing password comprises:
and encrypting the encrypted password by adopting an advanced encryption standard algorithm to obtain the target sharing password.
5. The method as recited in claim 1, further comprising:
and constructing a sharing template corresponding to each sharing object type, and encrypting the sharing template to obtain a sharing template token corresponding to each sharing object type.
6. The password sharing method is characterized by comprising the following steps of:
responding to a detected object sharing request, and acquiring a target sharing template token corresponding to the object sharing request; the target sharing template token characterizes an encryption form of a target sharing template, and the target sharing template comprises a host name, a path and a parameter template;
generating a sharing password acquisition request according to the target sharing template token and the sharing object parameter, and sending the sharing password acquisition request to a server; the sharing object parameters are parameters to be complemented in the target sharing template;
And receiving a target sharing password returned by the server side, and taking the target sharing password as the sharing password of the object sharing request.
7. The method of claim 6, wherein the obtaining the target sharing template token corresponding to the object sharing request comprises:
and determining the target sharing type of the object sharing request, and acquiring a sharing template token associated with the target sharing type as the target sharing template token.
8. A password sharing apparatus, comprising:
the token parameter acquisition module is used for responding to the detected sharing password acquisition request and acquiring a target sharing template token and sharing object parameters corresponding to the sharing password acquisition request; the target sharing template token characterizes an encryption form of a target sharing template, the target sharing template comprises a host name, a path and a parameter template, and the sharing object parameter is a parameter to be complemented in the target sharing template;
the encryption password determining module is used for generating a plaintext password based on the target sharing template token and the sharing object parameter, and encrypting the plaintext password to obtain an encryption password;
And the sharing password generating module is used for generating a target sharing password based on the encryption password and sending the target sharing password to the client.
9. A password sharing apparatus, comprising:
the template token acquisition module is used for responding to the detected object sharing request and acquiring a target sharing template token corresponding to the object sharing request; the target sharing template token characterizes an encryption form of a target sharing template, and the target sharing template comprises a host name, a path and a parameter template;
the password acquisition request module is used for generating a sharing password acquisition request according to the target sharing template token and the sharing object parameter, and sending the sharing password acquisition request to a server; the sharing object parameters are parameters to be complemented in the target sharing template;
the sharing password acquisition module is used for receiving a target sharing password returned by the server and taking the target sharing password as the sharing password of the object sharing request.
10. A computer device, the device comprising:
one or more processors;
a storage means for storing one or more programs;
When executed by the one or more processors, causes the one or more processors to implement the password sharing method of any of claims 1-5 and/or the password sharing method of any of claims 6-7.
11. A computer readable storage medium, on which a computer program is stored, characterized in that the program, when being executed by a processor, implements a password sharing method according to any of claims 1-5 and/or implements a password sharing method according to any of claims 6-7.
CN202110875578.1A 2021-07-30 2021-07-30 Password sharing method, device, equipment and storage medium Active CN113783835B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110875578.1A CN113783835B (en) 2021-07-30 2021-07-30 Password sharing method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110875578.1A CN113783835B (en) 2021-07-30 2021-07-30 Password sharing method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN113783835A CN113783835A (en) 2021-12-10
CN113783835B true CN113783835B (en) 2023-07-04

Family

ID=78836277

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110875578.1A Active CN113783835B (en) 2021-07-30 2021-07-30 Password sharing method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113783835B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115296816A (en) * 2022-08-02 2022-11-04 中国银行股份有限公司 Mobile banking sharing processing method and device

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111460503A (en) * 2020-04-01 2020-07-28 得到(天津)文化传播有限公司 Data sharing method, device, equipment and storage medium

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8332637B2 (en) * 2006-06-06 2012-12-11 Red Hat, Inc. Methods and systems for nonce generation in a token
US10193689B2 (en) * 2010-05-19 2019-01-29 International Business Machines Corporation Storing access information in a dispersed storage network
GB2507100A (en) * 2012-10-19 2014-04-23 Ibm Secure sharing and collaborative editing of documents in cloud based applications
CN110290146B (en) * 2019-07-03 2021-10-08 北京达佳互联信息技术有限公司 Method and device for generating shared password, server and storage medium
CN111339508A (en) * 2020-02-28 2020-06-26 北京达佳互联信息技术有限公司 Shared password analysis method and device, electronic equipment and storage medium
CN112632418A (en) * 2020-12-16 2021-04-09 北京达佳互联信息技术有限公司 Password sharing method and device, electronic equipment and storage medium

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111460503A (en) * 2020-04-01 2020-07-28 得到(天津)文化传播有限公司 Data sharing method, device, equipment and storage medium

Also Published As

Publication number Publication date
CN113783835A (en) 2021-12-10

Similar Documents

Publication Publication Date Title
US8484480B2 (en) Transmitting information using virtual input layout
CN107248984B (en) Data exchange system, method and device
US10375064B2 (en) Method, apparatus, and system for remotely accessing cloud applications
CN111199037B (en) Login method, system and device
CN114826733B (en) File transmission method, device, system, equipment, medium and program product
CN110851800B (en) Code protection method, device, system and readable storage medium
US11949688B2 (en) Securing browser cookies
CN110377440A (en) Information processing method and device
CN113630412B (en) Resource downloading method, resource downloading device, electronic equipment and storage medium
CN110662089A (en) Bullet screen receiving and processing method, storage medium, electronic equipment and system
CN113783835B (en) Password sharing method, device, equipment and storage medium
CN109711178B (en) Key value pair storage method, device, equipment and storage medium
CN111447206A (en) JS resource encryption transmission method and device, server and storage medium
US10049222B1 (en) Establishing application trust levels using taint propagation
CN114584381A (en) Security authentication method and device based on gateway, electronic equipment and storage medium
CN109120576B (en) Data sharing method and device, computer equipment and storage medium
CN110858243B (en) Page acquisition method and device for gateway
CN116112172B (en) Android client gRPC interface security verification method and device
CN110492998A (en) Methods of encrypting and decrypting data
CN116346486A (en) Combined login method, device, equipment and storage medium
CN113472785B (en) Data processing method and device, electronic equipment and readable storage medium
CN111489184B (en) Method, device, server, client and medium for verifying click behavior
CN109462604B (en) Data transmission method, device, equipment and storage medium
CN112347382A (en) Product page sharing method and device and electronic equipment
CN112559825B (en) Service processing method, device, computing equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant