CN114240347B - Business service secure connection method, device, computer equipment, and storage medium - Google Patents
Business service secure connection method, device, computer equipment, and storage medium Download PDFInfo
- Publication number
- CN114240347B CN114240347B CN202111491579.2A CN202111491579A CN114240347B CN 114240347 B CN114240347 B CN 114240347B CN 202111491579 A CN202111491579 A CN 202111491579A CN 114240347 B CN114240347 B CN 114240347B
- Authority
- CN
- China
- Prior art keywords
- service
- authorization
- application
- control platform
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 57
- 238000013475 authorization Methods 0.000 claims abstract description 202
- 238000003032 molecular docking Methods 0.000 claims abstract description 37
- 238000004590 computer program Methods 0.000 claims abstract description 29
- 230000003993 interaction Effects 0.000 claims abstract description 27
- 230000006854 communication Effects 0.000 claims description 35
- 238000004891 communication Methods 0.000 claims description 34
- 230000004044 response Effects 0.000 claims description 4
- 239000000758 substrate Substances 0.000 claims 1
- 238000010586 diagram Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 5
- 238000012545 processing Methods 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 230000008859 change Effects 0.000 description 2
- 238000013500 data storage Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000002349 favourable effect Effects 0.000 description 2
- 210000001503 joint Anatomy 0.000 description 2
- 238000005192 partition Methods 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- OKTJSMMVPCPJKN-UHFFFAOYSA-N Carbon Chemical compound [C] OKTJSMMVPCPJKN-UHFFFAOYSA-N 0.000 description 1
- RWSOTUBLDIXVET-UHFFFAOYSA-N Dihydrogen sulfide Chemical compound S RWSOTUBLDIXVET-UHFFFAOYSA-N 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 229910021389 graphene Inorganic materials 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000035515 penetration Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation; Time management
- G06Q10/103—Workflow collaboration or project management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Strategic Management (AREA)
- Accounting & Taxation (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Finance (AREA)
- Human Resources & Organizations (AREA)
- Computer Security & Cryptography (AREA)
- Economics (AREA)
- Marketing (AREA)
- Entrepreneurship & Innovation (AREA)
- Development Economics (AREA)
- Data Mining & Analysis (AREA)
- Technology Law (AREA)
- Operations Research (AREA)
- Quality & Reliability (AREA)
- Tourism & Hospitality (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Storage Device Security (AREA)
Abstract
The application relates to a business service secure docking method, a business service secure docking device, computer equipment, a storage medium and a computer program product. The application can realize the business interaction between the local and the service access address, and realize the provision of safe and reliable business service for the user. The method comprises the steps of sending a service approval application aiming at target business service to a control platform by cloud virtual scene construction software to obtain service approval information from the control platform, wherein the service approval information comprises an application authorization address, sending an authorization application corresponding to the target business service to the application authorization address, judging by the control platform according to the authorization application to obtain an authorization judgment result, returning the authorization judgment result, obtaining a service access address if the authorization judgment result comprises authorization success information, providing the service access address to the control platform by a service provider, and implementing business information interaction corresponding to the target business service between the local and the service access address by using the authorization success information.
Description
Technical Field
The present application relates to the field of artificial intelligence virtual reality technology, and in particular, to a business service secure docking method, apparatus, computer device, storage medium, and computer program product.
Background
With the penetration of internet technology into various industries, the financial field is gradually developed to the direction of digitalization. At present, various 3D digital banking applications appear in the financial field, the 3D digital banking consists of an external 3D digital exhibition hall (realized by cloud virtual scene construction software) facing clients and a plurality of internal financial service applications, a user does not need to spend a lot of time to transact business at a banking entity website, and financial service experience as if real scene reproduction can be realized only through network terminal operation.
In the current 3D financial internet application system, an external 3D digital exhibition hall facing a customer is deployed in a public cloud with low security requirements, and various internal financial service applications are deployed in a private cloud of a bank with high security requirements according to different financial business partitions. After the customer requests the service in the 3D digital exhibition hall, the internal financial service application completes the information interaction by judging whether the identity of the user is legal or not.
However, in the current technology, the 3D digital exhibition hall cannot safely transfer sensitive information to each internal financial service application, and the internal financial service application cannot accurately identify the caller, and a safe and reliable interaction manner is lacking between the 3D digital exhibition hall and the financial service application.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a business service secure docking method, apparatus, computer device, computer readable storage medium, and computer program product.
In a first aspect, the present application provides a method for securely interfacing business services, the method comprising:
A service approval application aiming at a target business service is sent to a control platform so as to acquire service approval information from the control platform, wherein the service approval information comprises an application authorization address;
The control platform is used for judging the authorization application to obtain an authorization judgment result and returning the authorization judgment result;
if the authorization judging result contains authorization success information, acquiring a service access address, wherein the service access address is provided for the control platform by a service provider;
And implementing business information interaction corresponding to the target business service between the local and the service access address by utilizing the authorization success information.
In one embodiment, the service approval information includes a home terminal identity and a first key pair, and the sending the authorization application to the authorization application address for the target business service includes:
generating an authorization application plaintext based on the local end identity;
Signing the plaintext of the authorized application by using a first private key in the first key pair;
carrying out full message encryption on the signed authorization application by utilizing a first public key in the first key pair to obtain the authorization application ciphertext;
and sending the authorization application ciphertext to the application authorization address.
In one embodiment, the control platform is configured to decrypt the authorization application ciphertext by using the first public key to obtain the authorization application plaintext;
The control platform is further used for encrypting the communication parameters, the access mark and the service access address by using a symmetric encryption method under the condition that the plaintext of the authorized application is verified to be legal, obtaining the authorization success information and returning the authorization success information.
In one embodiment, if the authorization determination result includes authorization success information, acquiring the service access address includes:
and decrypting the authorization success information to obtain the service access address.
In one embodiment, the authorization success information further includes the communication parameter and the access flag, and the implementing the service information interaction corresponding to the target service between the local and the service access address by using the authorization success information includes:
responding to a user request aiming at the target business service, and generating corresponding request parameters;
Encrypting the request parameters by using the communication parameters to obtain encrypted request parameters;
And sending the encrypted request parameters, the access mark and the local terminal identity to the service access address so that the service provider verifies the validity of the access mark and provides corresponding business service according to the local terminal identity and the request parameters.
In one embodiment, the control platform is deployed in a private cloud, and the target business service comprises a financial service.
In a second aspect, the present application further provides a business service secure docking apparatus, where the apparatus includes:
The system comprises a service approval application sending module, a control platform, a service approval application processing module and a service approval processing module, wherein the service approval application sending module is used for sending a service approval application aiming at target business service to the control platform so as to acquire service approval information from the control platform;
The authorization application sending module is used for sending an authorization application corresponding to the target business service to the application authorization address; the control platform is used for judging the authorization application to obtain an authorization judgment result and returning the authorization judgment result;
The service access address acquisition module is used for acquiring a service access address if the authorization judging result contains authorization success information, wherein the service access address is provided for the control platform by a service provider;
and the service information interaction module is used for implementing service information interaction corresponding to the target service between the local and the service access address by utilizing the authorization success information.
In one embodiment, the service approval information includes a home terminal identity and a first key pair;
The authorization application sending module is further configured to generate an authorization application plaintext based on the local identity, sign the authorization application plaintext by using a first private key in the first key pair, encrypt the signed authorization application with a full message by using a first public key in the first key pair to obtain the authorization application ciphertext, and send the authorization application ciphertext to the application authorization address.
In one embodiment, the control platform is configured to decrypt the authorization application ciphertext by using the first public key to obtain the authorization application plaintext;
The control platform is further used for encrypting the communication parameters, the access mark and the service access address by using a symmetric encryption method under the condition that the plaintext of the authorized application is verified to be legal, obtaining the authorization success information and returning the authorization success information.
In one of the embodiments of the present invention,
The service access address acquisition module is further configured to decrypt the authorization success information to obtain the service access address.
In one embodiment, the authorization success information further includes the communication parameter and the access flag;
The service information interaction module is further used for responding to a user request aiming at the target service to generate corresponding request parameters, encrypting the request parameters by utilizing the communication parameters to obtain encrypted request parameters, and sending the encrypted request parameters, the access mark and the local end identity to the service access address so that the service provider can verify the validity of the access mark and provide corresponding service according to the local end identity and the request parameters.
In one embodiment, the control platform is deployed in a private cloud, and the target business service comprises a financial service.
In a third aspect, the present application also provides a computer device. The computer device comprises a memory and a processor, wherein the memory stores a computer program, and the processor realizes the steps in the business service secure docking method embodiment when executing the computer program.
In a fourth aspect, the present application also provides a computer-readable storage medium. The computer readable storage medium has stored thereon a computer program which, when executed by a processor, implements the steps of the above-described embodiments of a business service secure docking method.
In a fifth aspect, the present application also provides a computer program product. The computer program product comprises a computer program which, when executed by a processor, implements the steps of the above-described embodiments of a business service secure docking method.
Compared with the traditional interaction between the public cloud client and the private cloud back-end service, the business service secure docking method, the business service secure docking device, the computer equipment, the storage medium and the computer program product can realize the following technical effects:
The method comprises the steps of utilizing cloud virtual scene construction software to send service approval application aiming at target business service to a control platform to obtain service approval information from the control platform, wherein the service approval information comprises application authorization addresses, the step ensures that the application authorization addresses are legal and are not masquerading by hackers, meanwhile, the service approval application is sent to the control platform to obtain approval instead of directly enabling a client to start an interaction process with a back-end service, safety of the control platform is guaranteed, the application authorization addresses are sent to the application authorization addresses to enable the authorization application corresponding to the target business service to be judged, the control platform is used for judging the authorization application to obtain authorization judging results and returning the authorization judging results, if the authorization judging results comprise authorization success information, service access addresses are obtained, the service access addresses are provided for the control platform by a service provider, and business information interaction corresponding to the target business service is implemented between the local and the service access addresses by utilizing the authorization success information. According to the method and the system, the service access address can be obtained after the business service on the user-oriented unsafe cloud virtual scene construction software is subjected to approval by the control platform and authorization judgment by the control platform, and finally the business interaction between the local and the service access address is realized, so that a safety channel between the public cloud virtual scene construction software and a service provider in a private cloud of a bank is opened, and safe and reliable business service is provided for the user.
In addition, the embodiment of the application distributes the key pair for the cloud virtual scene construction software through the control platform with public trust, and simultaneously authenticates and authorizes the identity ID of the cloud virtual scene construction software (such as a 3D digital exhibition hall) to be accessed into the private cloud service, thereby further improving the credibility and standardization of the cloud virtual scene construction software.
Furthermore, the application also carries out encryption transmission on the service access address provided by the service provider, prevents the service access address from being intercepted and tampered by other illegal ports in the transmission process, improves the confidentiality of the transmission process, and provides a safer technical environment for users to construct software by utilizing cloud virtual scenes.
Drawings
FIG. 1 is an application environment diagram of a business service secure docking method in one embodiment;
FIG. 2 is a flow diagram of a method of secure docking of business services in one embodiment;
FIG. 3 is a flow chart of a method for secure docking of business services according to another embodiment;
FIG. 4 is a block diagram of a business service secure docking system in one embodiment;
FIG. 5 is a block diagram of a business service secure docking apparatus in one embodiment;
FIG. 6 is an internal block diagram of a computer device in one embodiment;
Fig. 7 is an internal structural view of the total computer device according to another embodiment.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
The business service secure docking method provided by the embodiment of the application can be applied to an application environment shown in figure 1. The cloud virtual scene construction software 101 communicates with the control platform 102 through a network, the cloud virtual scene construction software 101 may be, for example, a 3D digital exhibition hall based on financial services, the control platform is further in docking with one or more service providers 103, and the data storage system may store data to be processed by the control platform 102. The data storage system can be integrated on the control platform 102, the 3D digital exhibition hall is also called a 3D virtual exhibition hall or a 3D cloud exhibition hall, is positioned in public cloud, is 3D virtual scene display software constructed based on the Internet and 3D modeling technology, and can log in a three-dimensional free-flowing virtual environment of the 3D digital exhibition hall positioned in public cloud by clicking a website link or scanning a two-dimensional code even without installing any software or plug-in, thereby completing user interaction behavior set in the virtual environment. The control platform is located in a private cloud, and the service provider can be located in a public cloud or a private cloud. The cloud virtual scene construction software 101 can display the 3D virtual scene on various personal computers, notebook computers, smart phones, tablet computers, internet of things devices and portable wearable devices, and the internet of things devices can be smart speakers, smart televisions, smart air conditioners, smart vehicle-mounted devices and the like. The portable wearable device may be a smart watch, smart bracelet, headset, or the like. The control platform 102 may be implemented as a stand-alone server or as a cluster of servers. Wherein the business services include financial services. The control platform is deployed in private cloud, and cloud virtual scene construction software is deployed in public cloud.
In one embodiment, as shown in fig. 2, a business service secure docking method is provided, and the method is applied to the cloud virtual scene building software 101 in fig. 1 for illustration, and includes the following steps:
step S201, a service approval application aiming at a target business service is sent to a control platform to acquire service approval information from the control platform, wherein the service approval information comprises an application authorization address;
The service approval application refers to that when a user needs to use a target business service, cloud virtual scene construction software firstly applies for the target business service to be approved from a control platform. For example, if the user needs to develop a personal lending service or an enterprise lending service between the cloud virtual scene building software and a certain bank, the cloud virtual scene building software needs to apply the target service to the control platform first, so that the target service is approved.
Specifically, the cloud virtual scene building software sends a service approval application for a target service, for example, a service approval application for a personal loan service of an a bank, to the control platform, where the service approval application is used to obtain service approval information from the control platform, and if the approval passes, the service approval information includes an application authorization address, where the application authorization address refers to an application authorization address provided by the control platform, because the control platform collects multiple service departments, for example, the personal loan service, the enterprise loan service, and the like, related authorized matters should be submitted to the corresponding service departments for approval, and the application authorization address in the above example may refer to a personal loan service interface or an enterprise loan service interface, and the like.
Step S202, an authorization application corresponding to the target business service is sent to an application authorization address, and the control platform is used for judging the authorization application to obtain an authorization judgment result and returning the authorization judgment result;
Specifically, the cloud virtual scene construction software (also called a caller) sends a corresponding authorization application to the application authorization address (for example, the personal lending service interface or the enterprise lending service interface, etc.), so as to obtain an authorization determination result of the control platform.
Step S203, if the authorization judging result contains authorization success information, acquiring a service access address, wherein the service access address is provided for a control platform by a service provider;
where a service provider refers to a unit that provides various business service capabilities to a user, such as an a-bank or B-bank.
Specifically, if the control platform determines that the authorization application for the target business service passes, authorization success information and a service access address are returned, wherein the service access address is an address which is provided by a service provider to the control platform and passes the verification.
And step S204, implementing business information interaction corresponding to the target business service between the local and the service access address by utilizing the authorization success information.
Specifically, the authorization success information further includes various communication parameters, keys and the like for secure communication, and the caller (i.e. cloud virtual scene construction software or 3D digital exhibition hall) can use the authorization success information to implement corresponding service information interaction between the local and service access addresses.
According to the embodiment, a service approval application aiming at a target business service is sent to a control platform by using a calling party (namely cloud virtual scene construction software or a 3D digital exhibition hall) to obtain service approval information from the control platform, the service approval information comprises an application authorization address, an authorization application corresponding to the target business service is sent to the application authorization address, the control platform is used for judging the authorization application to obtain an authorization judgment result and returning the authorization judgment result, if the authorization judgment result comprises authorization success information, a service access address is obtained, wherein the service access address is provided for the control platform by a service provider, and business information interaction corresponding to the target business service is implemented between a local area and the service access address by using the authorization success information. According to the method and the system for realizing the service interaction, the service on the cloud virtual scene construction software which is not safe enough for the user can be sequentially subjected to approval by the control platform and authorization judgment by the control platform to obtain the service access address, so that the service interaction between the local and the service access address is finally realized, and the safe and reliable service is provided for the user.
In one embodiment, the service approval information includes a home terminal id and a first key pair, and the step S202 includes:
generating an authorization application plaintext based on the local identity, signing the authorization application plaintext by using a first private key in a first key pair, and performing full message encryption on the signed authorization application by using a first public key in the first key pair to obtain the authorization application ciphertext.
The local identity, i.e. the identity of the calling party, may be, for example, the identity of cloud virtual scene building software (3D digital exhibition hall).
Specifically, the service approval information returned by the control platform further comprises a local identity ID and a first key pair, wherein the first key pair comprises a first public key and a first private key. After receiving approval passing information, a caller (for example, a 3D digital exhibition hall) starts to send an authorization application to a control platform, specifically, an authorization application plaintext can be generated based on the local identity ID, the authorization application plaintext is signed by using a first private key (namely, a private key 1), the signed authorization application is encrypted by using a first public key (public key 1), and the ciphertext is sent to an authorization application address appointed by the control platform.
Optionally, the local identity identifier and the ciphertext can also be independently sent to the control platform to formulate the authorized application address.
Optionally, the service approval information further includes a second public key, which is favorable for encrypting and decrypting the service access address by using a symmetric encryption algorithm.
According to the embodiment, the authorization application is carried out through the key pair and the identity ID distributed by the control platform (wherein the control platform is a platform with public trust), so that the credibility and standardization of authorization are further improved.
In one embodiment, the control platform is used for decrypting the authorization application ciphertext by using the first public key to obtain the authorization application plaintext, and the control platform is further used for encrypting the communication parameters, the access mark and the service access address by using a symmetric encryption method to obtain authorization success information and returning the authorization success information under the condition of verifying that the authorization application plaintext is legal.
Specifically, the control platform decrypts the ciphertext by using the first public KEY to obtain an authorization application plaintext, and based on the specific content of the authorization application plaintext, if the content in the authorization application plaintext is verified to be legal, a symmetric encryption method (namely, a second public KEY 2) is used for encrypting the COMMUNICATION parameter communication_key, the ACCESS mark access_token and the service ACCESS address by using the symmetric encryption method, so that authorization success information is obtained, and the authorization success information is returned to the 3D digital exhibition hall (namely, the calling party).
In the above embodiment, the control platform returns the related communication parameters and the access flag to the caller under the condition of verifying that the authorized application is legal, which is favorable for subsequent verification of the validity of the service access address and prevents tampering.
In one embodiment, the step S203 includes decrypting the authorization success information to obtain the service access address.
Specifically, after the cloud virtual scene construction software obtains the authorization success information from the control platform, the cloud virtual scene construction software decrypts the authorization success information by using the second public key (namely the public key 2) (based on a symmetric encryption algorithm) to obtain the service access address.
According to the embodiment, the service access address is obtained through decryption, so that the system security is further improved, and the possibility that the service access address is sent by an unsafe party is reduced.
In one embodiment, the authorization success information further includes a communication parameter and an access flag, and the step S204 includes:
The method comprises the steps of generating corresponding request parameters in response to a user request aiming at target business service, encrypting the request parameters by utilizing communication parameters to obtain encrypted request parameters, sending the encrypted request parameters, an access mark and a local terminal identity to a service access address so that a service provider verifies the validity of the access mark and provides corresponding business service according to the local terminal identity and the request parameters.
Specifically, after receiving a request of a user, a caller (i.e. cloud virtual scene building software or a 3D digital exhibition hall) generates a corresponding request parameter from the user request, encrypts the request parameter by using the COMMUNICATION parameter communication_key, and sends the encrypted request parameter, the ACCESS flag access_token and the call Fang Benduan identity ID to the service ACCESS address, so that the service provider verifies the validity of the ACCESS flag access_token, and provides a corresponding service according to the call Fang Benduan identity ID and the request parameter.
In the above embodiment, by verifying the validity of the access_token, the request is judged to be sent by the caller, but not by other third parties, and the request parameter is encrypted by the COMMUNICATION parameter communication_key, so that the possibility that the user request parameter is hijacked and revealed in the COMMUNICATION process is reduced, and the system security is further improved.
The following further describes an example of application of the above-mentioned business service secure docking method in a specific scenario:
as shown in fig. 3, fig. 3 illustrates a flowchart of a specific scenario-summarized business service security docking method.
The technical scheme relates to the following three roles:
role 1, a financial service control platform (deployed in private cloud) is used as a coordination role of a calling party and a service provider to provide service release, service application and authorization application functions for the calling party and the service provider.
And the role 2 is that the financial service providers respectively provide different financial service capabilities to conduct online transaction business according to (based on) business partitions, and can issue services on a control platform, the provided services are required to be approved by the control platform, and the calling party accesses the services in an encryption mode.
And the role 3 is that a financial service caller, namely cloud virtual scene construction software or a 3D digital exhibition hall, is regarded as an untrusted role by a control platform and a service provider (enterprises which are in butt joint or cooperation with banks), and needs to apply for access service to the control platform (the bank side) and initiate an authorization application, so that the service provider can be accessed after the authorization information is obtained.
The services and related parameters configured by the control platform are as follows:
3.1 the service parameters include the following information:
1) A service provider number for identifying service provider information;
2) A service number for identifying a service provided by the service provider;
3) A service access address for accessing an access address of a service provider;
4) Other service access parameters for delivering various parameters of the service provided by the service provider to achieve the required service effect;
3.2 calling party (cloud virtual scene construction software or 3D digital exhibition hall) applies service to the control platform and obtains authorization information, and the method specifically comprises the following steps:
step 3.2.1, the caller applies for service and obtains approval in the control platform, and obtains caller ID and related keys, namely public key 1, private key 1 and public key 2
Step 3.2.2, calling the control platform to send an authorized application, signing the application information by using a private key 1, encrypting a full message by using the public key 1, and sending a ciphertext and a calling party ID to the control platform to specify an authorized application address
Step 3.2.3, the control platform uses the caller to decrypt the corresponding public KEY 1 to obtain the plaintext of the authorized application, and after the platform checks the information of the authorized application is legal, uses the public KEY 2 to encrypt the communication_key, the access_token, the service ACCESS address and returns the address to the caller
Step 3.2.4, the caller uses the public KEY 2 to decrypt and verify the cipher text of the COMMUNICATION KEY to obtain the plaintext of the COMMUNICATION KEY, the plaintext of the service ACCESS address, the plaintext of the COMMUNICATION KEY, the plaintext of the ACCESS KEY, the ciphertext KEY
3.3 Caller access to services using authorization information
Step 3.3.1 the caller uses the communication_key to encrypt the related request parameters, along with the access_token, caller ID, to send to the service provider's ACCESS address
And 3.3.2, the service provider decrypts the service according to the COMMUNICATION KEY, verifies the validity of the ACCESS TOKEN and provides relevant services according to the caller ID and the service parameters.
Compared with the situation that the prior art generally can only perform simple link skip and cannot safely transfer the digital exhibition hall sensitive data to the financial service application, and meanwhile, the financial service application cannot safely identify the calling party, the embodiment establishes a butt joint scheme of cloud virtual scene construction software and a plurality of financial service applications, and can prevent mutual interaction information from being illegally tampered by a third party.
It should be understood that, although the steps in the flowcharts related to the embodiments described above are sequentially shown as indicated by arrows, these steps are not necessarily sequentially performed in the order indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of steps or a plurality of stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of the steps or stages is not necessarily performed sequentially, but may be performed alternately or alternately with at least some of the other steps or stages.
Based on the same inventive concept, the embodiment of the present application further provides a service security docking system 400 for implementing the above-mentioned related service security docking method, as shown in fig. 4. The implementation of the solution provided by the system 400 is similar to the implementation described in the above method, so the specific limitation in the embodiments of the one or more service security docking systems provided below may be referred to the limitation of the service security docking method hereinabove, and will not be repeated here.
The system may include a 3D digital exhibition hall 401 and a control platform 402, and may also include a service provider 403. Wherein,
The 3D digital exhibition hall 401 is configured to send a service approval application for a target business service to the control platform;
The control platform 402 is configured to respond to the service approval application, and return service approval information to the 3D digital exhibition hall, where the service approval information includes an application authorization address;
The 3D digital exhibition hall 401 is further configured to send an authorization application corresponding to the target business service to the application authorization address;
The control platform 402 is further configured to determine the authorization application to obtain an authorization determination result, and return the authorization determination result to the 3D digital exhibition hall;
the 3D digital exhibition hall 401 is further configured to obtain a service access address if the authorization determination result includes authorization success information, where the service access address is provided to the control platform by the service provider;
The 3D digital exhibition hall 401 is further configured to implement service information interaction corresponding to the target service between the local and the service access address by using the authorization success information.
In one embodiment, the service approval information includes a local identity of the 3D digital exhibition hall and a first key pair;
The 3D digital exhibition hall 401 is further configured to generate an authorization application plaintext based on the local identity, sign the authorization application plaintext by using a first private key in the first key pair, encrypt the signed authorization application with a full message by using a first public key in the first key pair to obtain the authorization application ciphertext, and send the authorization application ciphertext to the application authorization address.
In one of the embodiments of the present invention,
The control platform 402 is configured to decrypt the authorization application ciphertext by using the first public key to obtain the authorization application plaintext;
The control platform 402 is further configured to encrypt, by using a symmetric encryption method, the communication parameter, the access flag, and the service access address, to obtain the authorization success information, and return the authorization success information when the authorization application plaintext is verified to be legal.
In one of the embodiments of the present invention,
The 3D digital exhibition hall 401 is further configured to decrypt the authorization success information to obtain the service access address.
In one embodiment, the 3D digital exhibition hall 401 is further configured to generate a corresponding request parameter in response to a user request for the target service, encrypt the request parameter with the communication parameter to obtain an encrypted request parameter, send the encrypted request parameter, the access flag and the home terminal identifier to the service access address, so that the service provider verifies the validity of the access flag, and provides a corresponding service according to the home terminal identifier and the request parameter.
In one embodiment, the control platform 402 is deployed in a private cloud, the 3D digital exhibition hall 401 is deployed in a public cloud, and the target business service comprises a financial service.
Based on the same inventive concept, the embodiment of the present application further provides a service security docking device 500 for implementing the above-mentioned related service security docking method. As shown in fig. 5, the implementation of the solution provided by the apparatus is similar to the implementation described in the above method, so the specific limitation in the embodiments of the one or more service security docking apparatuses provided below may be referred to the limitation of the service security docking method in the above description, and will not be repeated here.
In one embodiment, as shown in fig. 5, a business service security docking device 500 is provided, which includes a service approval application sending module 501, an authorization application sending module 502, a service access address obtaining module 503, and a business information interaction module 504, wherein:
The service approval application sending module 501 is configured to send a service approval application for a target business service to a control platform, so as to obtain service approval information from the control platform, where the service approval information includes an application authorization address;
An authorization application sending module 502, configured to send an authorization application corresponding to the target business service to the application authorization address; the control platform is used for judging the authorization application to obtain an authorization judgment result and returning the authorization judgment result;
a service access address obtaining module 503, configured to obtain a service access address if the authorization determination result includes authorization success information, where the service access address is provided to the control platform by a service provider;
and the service information interaction module 504 is configured to implement service information interaction corresponding to the target service between the local service access address and the service access address by using the authorization success information.
In one embodiment, the service approval information includes a home terminal identity and a first key pair;
The authorization application sending module 502 is further configured to generate an authorization application plaintext based on the local identity, sign the authorization application plaintext with a first private key in the first key pair, encrypt the signed authorization application with a full message with a first public key in the first key pair to obtain the authorization application ciphertext, and send the authorization application ciphertext to the application authorization address.
In one of the embodiments of the present invention,
The control platform is used for decrypting the authorization application ciphertext by utilizing the first public key to obtain the authorization application plaintext;
The control platform is further used for encrypting the communication parameters, the access mark and the service access address by using a symmetric encryption method under the condition that the plaintext of the authorized application is verified to be legal, obtaining the authorization success information and returning the authorization success information.
In one embodiment, the service access address obtaining module 503 is further configured to decrypt the authorization success information to obtain the service access address.
In one embodiment, the authorization success information further includes the communication parameter and the access flag;
the service information interaction module 504 is further configured to generate a corresponding request parameter in response to a user request for the target service, encrypt the request parameter with the communication parameter to obtain an encrypted request parameter, send the encrypted request parameter, the access flag and the home terminal identity to the service access address, so that the service provider verifies the validity of the access flag, and provide a corresponding service according to the home terminal identity and the request parameter.
In one embodiment, the control platform is deployed in a private cloud, and the target business service comprises a financial service.
The above-mentioned various modules in the business service security interfacing apparatus may be implemented in whole or in part by software, hardware, and combinations thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer device is provided, which may be a server, the internal structure of which may be as shown in fig. 6. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is used for storing business service data, including user data and data sent by a business provider. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program, when executed by a processor, implements a business service secure docking method.
In one embodiment, a computer device is provided, which may be a terminal, and the internal structure of which may be as shown in fig. 7. The computer device includes a processor, a memory, a communication interface, a display screen, and an input device connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The communication interface of the computer device is used for carrying out wired or wireless communication with an external terminal, and the wireless mode can be realized through WIFI, a mobile cellular network, NFC (near field communication) or other technologies. The computer program, when executed by a processor, implements a business service secure docking method. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, can also be keys, a track ball or a touch pad arranged on the shell of the computer equipment, and can also be an external keyboard, a touch pad or a mouse and the like.
It will be appreciated by persons skilled in the art that the structures shown in FIGS. 6-7 are block diagrams of the elements of structures in association with aspects of the present application and are not intended to limit the computer system to which aspects of the present application may be applied, and that a particular computer system may include more or less elements than those shown, or may combine some of the elements, or have a different arrangement of elements.
In one embodiment, a computer device is provided, including a memory and a processor, where the memory stores a computer program, and the processor implements the steps of the above-described embodiments of the business service secure docking method when the computer program is executed.
In one embodiment, a computer readable storage medium is provided, on which a computer program is stored, which when executed by a processor implements the steps of the above-described embodiments of a business service secure docking method.
In one embodiment, a computer program product is provided, comprising a computer program which, when executed by a processor, implements the steps of the business service secure docking method embodiments described above.
The user information (including but not limited to user equipment information, user personal information, etc.) and the data (including but not limited to data for analysis, stored data, presented data, etc.) related to the present application are information and data authorized by the user or sufficiently authorized by each party.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high density embedded nonvolatile Memory, resistive random access Memory (ReRAM), magneto-resistive random access Memory (Magnetoresistive RandomAccess Memory, MRAM), ferroelectric Memory (Ferroelectric RandomAccess Memory, FRAM), phase change Memory (PHASE CHANGE Memory, PCM), graphene Memory, and the like. Volatile memory can include random access memory (RandomAccess Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can be in various forms such as static random access memory (Static RandomAccess Memory, SRAM) or dynamic random access memory (Dynamic RandomAccess Memory, DRAM), etc. The databases referred to in the embodiments provided herein may include at least one of a relational database and a non-relational database. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processor referred to in the embodiments provided in the present application may be a general-purpose processor, a central processing unit, a graphics processor, a digital signal processor, a programmable logic unit, a data processing logic unit based on quantum computing, or the like, but is not limited thereto.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The foregoing examples illustrate only a few embodiments of the application and are described in detail herein without thereby limiting the scope of the application. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the application, which are all within the scope of the application. Accordingly, the scope of the application should be assessed as that of the appended claims.
Claims (13)
1.A business service secure docking method, applied to a financial service-based 3D digital exhibition hall deployed in public cloud, the method comprising:
The method comprises the steps of sending a service approval application aiming at a target service to a control platform to obtain service approval information from the control platform, wherein the service approval information comprises an application authorization address, the application authorization address is provided by the control platform, the application authorization address points to a service interface of the target service, the target service belongs to the financial service, and the service approval information comprises an identity identifier, a first key pair and a second public key of the 3D digital exhibition hall;
Generating an authorization application plaintext based on the identity; carrying out full message encryption on the signed authorization application plaintext by utilizing a first public key in the first key pair to obtain the authorization application ciphertext; the control platform is used for judging the application authorization plaintext to obtain an authorization judgment result and returning the authorization judgment result;
If the authorization judging result contains authorization success information, decrypting the authorization success information by using the second public key to obtain a service access address, a communication parameter and an access mark; the control platform is used for encrypting the communication parameters, the access mark and the service access address by using the second public key under the condition that the control platform verifies that the plaintext of the authorized application is legal;
And encrypting the request parameters by using the communication parameters to obtain encrypted request parameters, and sending the encrypted request parameters, the access mark and the identity to the service access address so that the service provider verifies the validity of the access mark and provides corresponding service according to the identity and the request parameters.
2. The method according to claim 1, wherein the method further comprises:
and signing the plaintext of the authorized application by using a first private key in the first key pair.
3. The method of claim 2, wherein the step of determining the position of the substrate comprises,
And the control platform is used for decrypting the authorization application ciphertext by using the first public key to obtain the authorization application plaintext.
4. A method according to claim 3, wherein said encrypting the request parameters using said communication parameters results in encrypted request parameters, and further comprising, before sending said encrypted request parameters, said access tag and said identity to said service access address:
And responding to the user request for the target business service, and generating the corresponding request parameters.
5. The method of any one of claims 1 to 4, wherein the control platform is deployed in a private cloud.
6. A business service secure docking apparatus for use in a financial service-based 3D digital exhibition hall deployed in a public cloud, the apparatus comprising:
The system comprises a control platform, a service approval application sending module, a service approval application module and a service approval module, wherein the service approval application sending module is used for sending a service approval application aiming at a target service to the control platform so as to acquire service approval information from the control platform, the service approval information comprises an application authorization address, the application authorization address is provided by the control platform, the application authorization address points to a service interface of the target service, the target service belongs to the financial service, and the service approval information comprises an identity identifier of the 3D digital exhibition hall, a first key pair and a second public key;
The authorization application sending module is used for generating an authorization application plaintext based on the identity; carrying out full message encryption on the signed authorization application plaintext by utilizing a first public key in the first key pair to obtain the authorization application ciphertext; the control platform is used for judging the application authorization plaintext to obtain an authorization judgment result and returning the authorization judgment result;
the system comprises a control platform, a service access address acquisition module, a service access address generation module and a service access address generation module, wherein the service access address acquisition module is used for obtaining a service access address, a communication parameter and an access mark by decrypting the authorization success information by using a second public key if the authorization judgment result contains authorization success information;
And the service information interaction module is used for encrypting the request parameters by using the communication parameters to obtain encrypted request parameters, sending the encrypted request parameters, the access mark and the identity to the service access address so that the service provider verifies the validity of the access mark and provides corresponding service according to the identity and the request parameters.
7. The apparatus of claim 6, wherein the authorization application sending module is further configured to sign the authorization application plaintext using a first private key of the first key pair.
8. The apparatus of claim 7, wherein the device comprises a plurality of sensors,
And the control platform is used for decrypting the authorization application ciphertext by using the first public key to obtain the authorization application plaintext.
9. The apparatus of claim 8, wherein the business information interaction module is further configured to generate the corresponding request parameters in response to a user request for the target business service.
10. The apparatus of any one of claims 6 to 9, wherein the control platform is deployed in a private cloud.
11. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any one of claims 1 to 5 when the computer program is executed.
12. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 5.
13. A computer program product comprising a computer program, characterized in that the computer program, when being executed by a processor, implements the steps of the method according to any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111491579.2A CN114240347B (en) | 2021-12-08 | 2021-12-08 | Business service secure connection method, device, computer equipment, and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111491579.2A CN114240347B (en) | 2021-12-08 | 2021-12-08 | Business service secure connection method, device, computer equipment, and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114240347A CN114240347A (en) | 2022-03-25 |
| CN114240347B true CN114240347B (en) | 2025-01-10 |
Family
ID=80753932
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111491579.2A Active CN114240347B (en) | 2021-12-08 | 2021-12-08 | Business service secure connection method, device, computer equipment, and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114240347B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114722431B (en) * | 2022-04-11 | 2023-05-12 | 北京神州邦邦技术服务有限公司 | Block chain-based method, device and storage medium for monitoring general IT service flow |
| CN115357919B (en) * | 2022-08-18 | 2025-06-27 | 数字广东网络建设有限公司 | A data processing method, device, equipment and storage medium |
| CN116527708B (en) * | 2023-04-21 | 2024-03-12 | 浪潮智慧科技有限公司 | Data processing method, equipment and medium for rural treatment digital platform |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1605181A (en) * | 2001-11-02 | 2005-04-06 | 纽特利斯公司 | Method and system for providing secure access to resources on a private network |
| CN104702562A (en) * | 2013-12-05 | 2015-06-10 | 中国电信股份有限公司 | Terminal fusion service access method, terminal fusion service access system, and terminal |
Family Cites Families (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100518127C (en) * | 2007-08-24 | 2009-07-22 | 上海可鲁系统软件有限公司 | A method and device for secure intercommunication between two independent networks |
| CN104717192B (en) * | 2013-12-16 | 2018-05-18 | 腾讯科技(深圳)有限公司 | Legality identification method and intermediate server |
| CN107241293A (en) * | 2016-03-28 | 2017-10-10 | 杭州萤石网络有限公司 | A kind of resource access method, apparatus and system |
| CN111160845B (en) * | 2019-12-06 | 2023-10-27 | 中国建设银行股份有限公司 | Service processing method and device |
| CN111131416B (en) * | 2019-12-12 | 2023-09-05 | 京东科技控股股份有限公司 | Service providing method and device, storage medium and electronic device |
| CN111355800B (en) * | 2020-02-28 | 2022-05-20 | 中国建设银行股份有限公司 | Service processing method, device, equipment and storage medium |
| CN111429254B (en) * | 2020-03-19 | 2021-09-10 | 腾讯科技(深圳)有限公司 | Business data processing method and device and readable storage medium |
| CN111428269B (en) * | 2020-03-24 | 2023-05-09 | 北京金山云网络技术有限公司 | Data access method, device and terminal equipment |
| CN112073400B (en) * | 2020-08-28 | 2024-06-14 | 腾讯云计算(北京)有限责任公司 | Access control method, system, device and computing equipment |
| CN112134866B (en) * | 2020-09-15 | 2024-06-14 | 腾讯云计算(北京)有限责任公司 | Service access control method, device and system and computer readable storage medium |
| CN112235400B (en) * | 2020-10-14 | 2024-02-02 | 腾讯科技(深圳)有限公司 | Communication method, communication system, communication device, server, and storage medium |
| CN112671798B (en) * | 2020-12-31 | 2022-10-04 | 北京明朝万达科技股份有限公司 | Service request method, device and system in Internet of vehicles |
| CN113485807A (en) * | 2021-07-02 | 2021-10-08 | 中国建设银行股份有限公司 | Service information comprehensive scheduling method, device, equipment and storage medium |
| CN113553572B (en) * | 2021-07-02 | 2024-06-18 | 深圳追一科技有限公司 | Resource information acquisition method, device, computer equipment and storage medium |
-
2021
- 2021-12-08 CN CN202111491579.2A patent/CN114240347B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1605181A (en) * | 2001-11-02 | 2005-04-06 | 纽特利斯公司 | Method and system for providing secure access to resources on a private network |
| CN104702562A (en) * | 2013-12-05 | 2015-06-10 | 中国电信股份有限公司 | Terminal fusion service access method, terminal fusion service access system, and terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114240347A (en) | 2022-03-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10839070B1 (en) | Securely executing smart contract operations in a trusted execution environment | |
| CN107743133B (en) | Mobile terminal and access control method and system based on trusted security environment | |
| CN110036613B (en) | System and method for providing identity authentication for decentralized applications | |
| CN114240347B (en) | Business service secure connection method, device, computer equipment, and storage medium | |
| US9577829B1 (en) | Multi-party computation services | |
| JP2023502346A (en) | Quantum secure networking | |
| US9275257B2 (en) | Secure communication architecture | |
| US9356787B2 (en) | Secure communication architecture including sniffer | |
| KR102329221B1 (en) | Blockchain-based user authentication model | |
| US9454677B1 (en) | Secure communication architecture including video sniffer | |
| CN117395077A (en) | Encryption processing method and device for access request, computer equipment and storage medium | |
| US10462113B1 (en) | Systems and methods for securing push authentications | |
| CN114745178A (en) | Identity authentication method, apparatus, computer equipment, storage medium and program product | |
| CN116049802B (en) | Application single sign-on method, system, computer equipment and storage medium | |
| Chen et al. | A secure mobile DRM system based on cloud architecture | |
| CN115801317A (en) | Service providing method, system, device, storage medium and electronic equipment | |
| CN115174260A (en) | Data verification method, data verification device, computer, storage medium and program product | |
| CN114782040A (en) | Method and device for generating offline payment code, computer equipment and storage medium | |
| CN115022039A (en) | Information processing method, apparatus, device, storage medium, and computer program product | |
| Shyaa et al. | Securing transactions using hybrid cryptography in e-commerce apps | |
| JP7643676B2 (en) | Authentication Factor File | |
| US20250217793A1 (en) | System and method for providing multiple-secret signing | |
| US20240422160A1 (en) | Authenticated secure communications across different devices | |
| CN117078263A (en) | Resource transfer method, device, computer equipment and storage medium | |
| CN116862519A (en) | Method, device and equipment for processing anonymous account resource transfer based on blockchain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |