CN114266057A - Data distribution method and system - Google Patents
Data distribution method and system Download PDFInfo
- Publication number
- CN114266057A CN114266057A CN202111599563.3A CN202111599563A CN114266057A CN 114266057 A CN114266057 A CN 114266057A CN 202111599563 A CN202111599563 A CN 202111599563A CN 114266057 A CN114266057 A CN 114266057A
- Authority
- CN
- China
- Prior art keywords
- data
- certificate
- data distribution
- request
- merchant identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 81
- 238000012795 verification Methods 0.000 claims description 25
- 238000004590 computer program Methods 0.000 claims description 14
- 230000009471 action Effects 0.000 description 8
- 230000008569 process Effects 0.000 description 8
- 238000010586 diagram Methods 0.000 description 6
- 230000006855 networking Effects 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 101000759879 Homo sapiens Tetraspanin-10 Proteins 0.000 description 2
- 102100024990 Tetraspanin-10 Human genes 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 101100483001 Mus musculus Tspan10 gene Proteins 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The application provides a data distribution method and a system, wherein the data distribution system comprises a data distribution center system, a data distribution subsystem and a client system, wherein the data distribution center system is used for receiving network request information sent by the data distribution subsystem and feeding back a digital certificate to the data distribution subsystem; the data distribution center system is also used for sending a certificate inquiry request by the client system and feeding back a certificate inquiry result to the client system; a data distribution subsystem for distributing data content to a client system; and the client system is used for receiving the data content distributed by the data distribution subsystem. Thus, by implementing the embodiment, the data can be distributed in an authentication mode, so that the data can be distributed independently; meanwhile, safety certification can be carried out before data distribution, so that the data distribution safety is improved; in addition, the method can specify the data which is desired to be received by the user, thereby being capable of enabling the distribution of the data to be more humanized.
Description
Technical Field
The application relates to the field of data information interaction, in particular to a data distribution method and system.
Background
Currently, when a user connects to wifi of a shopping mall, a supermarket or a restaurant, the user usually considers using the built-in free wifi to perform some online operations. However, in practice, it has been found that users are pushed a verification interface with advertisements when using such wifi, or pushed an advertisement interface until the user clicks "skip" to perform subsequent networking actions. Therefore, in the method, advertisements are generally passively pushed along with the networking of the user, the advertisement content quality is uneven, and the user is forced to read the corresponding advertisements, so that the advertisement reading experience and the networking experience of the user are very poor.
Disclosure of Invention
The embodiment of the application aims to provide a data distribution method and a data distribution system, which can distribute data in an authentication mode, so that the distribution action and the networking action of advertisement data are divided, and the advertisement data can be independently distributed; meanwhile, because security authentication is required before advertisement data distribution, the method has higher security than the conventional method; in addition, the method can specify the advertisement data which the user wants to receive, thereby being capable of enabling the distribution of the advertisement data to be more humanized.
A first aspect of an embodiment of the present application provides a data distribution method, where the data distribution method is applied to a data distribution center system, and the method includes:
receiving network request information;
judging whether the network request information is a digital certificate request or not;
when the network request information is the digital certificate request, verifying according to the digital certificate request, and issuing a digital certificate to a corresponding data distribution subsystem when the verification is passed;
when the network request information is not the digital certificate request, judging whether the network request information is a certificate inquiry request;
and when the network request information is the certificate inquiry request, feeding back a certificate inquiry result to a corresponding client system according to the certificate inquiry request.
Further, the step of performing verification according to the digital certificate request and issuing the digital certificate to the corresponding data distribution subsystem when the verification is passed includes:
identifying whether the digital certificate request is a merchant identity certificate request;
when the digital certificate request is the merchant identity certificate request, verifying the merchant identity, and issuing a merchant identity certificate to a corresponding data distribution subsystem when the verification is passed;
and when the digital certificate request is not the merchant identity certificate request, feeding back a certificate application failure reason to the data distribution subsystem.
Further, the step of performing verification according to the digital certificate request and issuing the digital certificate to the corresponding data distribution subsystem when the verification is passed includes:
identifying whether the digital certificate request is a data content certificate request;
when the digital certificate request is the data content certificate request, authenticating a merchant identity certificate according to the data content certificate request;
judging whether the merchant identity certificate is in a valid period;
when the merchant identity certificate is in the validity period, acquiring a first HASH value or a first MAC value included in the data content certificate request, and acquiring data content corresponding to the data content certificate request;
calculating a second HASH value of the data content or a second MAC value of the data content;
determining whether the first HASH value is the same as the second HASH value, or determining whether the first MAC value is the same as the second MAC value;
when the first HASH value is the same as the second HASH value or the first MAC value is the same as the second MAC value, verifying the data content and the data security, and issuing a data digital certificate to a corresponding data distribution subsystem when the verification is passed; and the CN code of the data digital certificate is the same as that of the merchant identity certificate.
Further, the step of feeding back the certificate inquiry result to the corresponding client system according to the certificate inquiry request includes:
extracting a data digital certificate and a merchant identity certificate included in the certificate inquiry request, and extracting a first CN code in the data digital certificate and a second CN code in the merchant identity certificate;
judging whether the first CN code is the same as the second CN code;
when the first CN code is the same as the second CN code, judging whether the data digital certificate and the merchant identity certificate are both in a valid period;
and when the data digital certificate and the merchant identity certificate are both in the valid period, generating a certificate inquiry result, and feeding back the certificate inquiry result to the corresponding client system.
A second aspect of the embodiments of the present application provides a data distribution method, where the data distribution method is applied to a data distribution subsystem, and the method includes:
detecting whether a merchant identity certificate exists in the data distribution subsystem;
when the data distribution subsystem does not have the merchant identity certificate, sending a merchant identity certificate request to a data distribution center system;
when the data distribution subsystem has the merchant identity certificate, judging whether the merchant identity certificate is in a valid period;
when the merchant identity certificate is not in the validity period, sending a merchant identity certificate request to a data distribution center system;
when the merchant identity certificate is within the validity period, determining data content to be distributed;
according to the data content, sending a data content certificate request to a data distribution center system;
receiving a data digital certificate issued by the data distribution center system;
and building a data wireless network according to the merchant identity certificate, and distributing the data content and the data digital certificate to a client system through the data wireless network.
A third aspect of the embodiments of the present application provides a data distribution method, where the data distribution method is applied to a client system, and the method includes:
when a data wireless network of a merchant is scanned, judging whether the data wireless network is in a preset data network white list or not;
when the data wireless network is in the data network white list, authenticating the data wireless network, and establishing network connection with the data wireless network when the authentication is passed;
receiving data content and a data digital certificate, and sending a digital certificate request to a data distribution center system according to the data digital certificate;
receiving a certificate inquiry result fed back by the data distribution center system;
and loading the data content or discarding the data content according to the query result.
Further, the step of authenticating the data wireless network and establishing a network connection with the data wireless network when the authentication is passed includes:
generating a random number and a time stamp, and forming time information according to the random number and the time stamp;
encrypting the time information by using the encryption public key of the merchant to obtain encryption information;
sending the encrypted information to a data distribution subsystem so that the data distribution subsystem signs the generated feedback information through a merchant identity certificate after verifying according to the encrypted information;
receiving feedback information fed back by a merchant, and extracting the merchant identity certificate;
and verifying the merchant identity certificate, and establishing network connection with the data wireless network when the merchant identity certificate passes the verification.
A fourth aspect of the embodiments of the present application provides a data distribution system, which includes a data distribution center system, a data distribution subsystem, and a client system, wherein,
the data distribution center system is used for receiving the network request information sent by the data distribution subsystem and feeding back a digital certificate to the data distribution subsystem;
the data distribution center system is also used for the certificate inquiry request sent by the client system and feeding back the certificate inquiry result to the client system;
the data distribution subsystem is used for distributing data contents to the client system;
and the client system is used for receiving the data content distributed by the data distribution subsystem.
A fifth aspect of embodiments of the present application provides an electronic device, including a memory and a processor, where the memory is used to store a computer program, and the processor runs the computer program to make the electronic device execute the data distribution method according to any one of the first, second, or third aspects of embodiments of the present application.
A sixth aspect of embodiments of the present application provides a computer-readable storage medium, which stores computer program instructions, and when the computer program instructions are read and executed by a processor, the computer program instructions perform the data distribution method according to any one of the first, second, or third aspects of embodiments of the present application.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and that those skilled in the art can also obtain other related drawings based on the drawings without inventive efforts.
Fig. 1 is a schematic flowchart of a data distribution method according to an embodiment of the present application;
fig. 2 is a schematic flowchart of another data distribution method provided in an embodiment of the present application;
fig. 3 is a schematic flow chart of another data distribution method provided in the embodiment of the present application;
fig. 4 is a schematic system structure diagram of a data distribution system according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
Example 1
Referring to fig. 1, fig. 1 is a schematic flow chart of a data distribution method according to an embodiment of the present application. The data distribution method is applied to a data distribution center system and comprises the following steps:
s101, receiving network request information.
In this embodiment, the data distribution center system may receive the network request information in a loop when the network service is opened.
S102, judging whether the network request information is a digital certificate request, if so, executing a step S103; if not, go to step S106.
In this embodiment, the digital certificate request is a request initiated by the data distribution subsystem for requesting a corresponding digital certificate.
In this embodiment, when receiving a digital certificate request from a data distribution subsystem, the method performs step S103; the method performs step S106 upon receiving a certificate query request (OCSP) from a client system.
In this embodiment, an ocsp (online Certificate Status protocol) refers to an online Certificate Status protocol, and is a mode for maintaining security of a server and other network resources.
S103, whether the digital certificate request is a merchant identity certificate request or a data content certificate request is identified.
And S104, when the digital certificate request is a merchant identity certificate request, verifying the merchant identity, and issuing a merchant identity certificate to the corresponding data distribution subsystem when the verification is passed.
As an optional implementation, the method further comprises:
and when the digital certificate request is not the merchant identity certificate request, feeding back the reason of certificate application failure to the data distribution subsystem.
In this embodiment, the method may check the identity of the merchant by an online or offline method, issue the merchant identity certificate when the merchant identity certificate passes, and feed back the reason for the failure of applying the certificate when the merchant identity certificate does not pass.
And S105, when the digital certificate request is the data content certificate request, acquiring the data content corresponding to the data content certificate request, checking the data security of the data content and the data content, and issuing the data digital certificate to the corresponding data distribution subsystem when the data content certificate request passes the checking.
As an optional implementation manner, the steps of acquiring data content corresponding to the data content certificate request, verifying data security of the data content and the data content, and issuing a data digital certificate to a corresponding data distribution subsystem when the verification is passed include:
requesting to authenticate a merchant identity certificate according to the data content certificate;
judging whether the merchant identity certificate is in the valid period;
when the merchant identity certificate is in the valid period, acquiring a first HASH value or a first MAC value included in the data content certificate request, and acquiring data content corresponding to the data content certificate request;
calculating a second HASH value of the data content or a second MAC value of the data content;
judging whether the first HASH value is the same as the second HASH value or not, or judging whether the first MAC value is the same as the second MAC value or not;
when the first HASH value is the same as the second HASH value or the first MAC value is the same as the second MAC value, verifying the data content and the data security, and issuing a data digital certificate to a corresponding data distribution subsystem when the verification is passed; the CN code of the data digital certificate is the same as that of the merchant identity certificate.
In this embodiment, the HASH value is a HASH value.
In this embodiment, the certificate is also referred to as a "digital certificate" or a "public key certificate", and is a file that helps to keep network communication secure.
In this embodiment, the mac (message Authentication code), also called a message Authentication code, a document message Authentication code, a message Authentication code, and an information Authentication code, is a small piece of information generated by a specific algorithm, and is used to check the integrity of a certain piece of information and perform identity Authentication. It can be used to check whether its content has been altered during the message passing process, whether the reason for the alteration is from an accidental or deliberate attack. Meanwhile, the method can be used for identity authentication of a message source to confirm the source of the message.
In this embodiment, the method may first use the merchant identity certificate to complete the authentication of the merchant identity, then determine whether the merchant identity certificate is still within the validity period, and perform the subsequent auditing step when the merchant identity certificate is guaranteed to be within the validity period; otherwise, the reason for the failure of the request is fed back.
In this embodiment, the data content certificate request should include the HASH value or MAC value of the advertisement content.
In this embodiment, the method may intercept data content sent with the data content certificate request, the data content matching with respect to the data content certificate.
In this embodiment, the method may calculate a HASH value or a MAC value of the data content, compare the HASH value or the MAC value with a HASH value or a MAC value carried by the data content certificate request, and check the data content and the data security if the HASH value or the MAC value is consistent with the HASH value or the MAC value carried by the data content certificate request; and if the two are not consistent, the reason for failure certificate application is fed back.
In the embodiment, when the data content and the data security audit passes, a data digital certificate of the data content is issued; otherwise, the reason for failure of certificate application is fed back.
In this embodiment, the data content certificate request may carry other content according to the specific scene requirements.
In this embodiment, the CN code of the digital certificate of the advertisement is consistent with the CN code of the merchant identity certificate, which is convenient for later verification.
In the embodiment of the present application, the CN code, i.e. Common Name (Common Name), is also called CN field.
S106, judging whether the network request information is a certificate inquiry request, if so, executing a step S107; if not, the flow is ended.
And S107, feeding back a certificate inquiry result to the corresponding client system according to the certificate inquiry request.
As an alternative implementation, step S107 includes:
extracting a data digital certificate and a merchant identity certificate included in the certificate inquiry request, and extracting a first CN code in the data digital certificate and a second CN code in the merchant identity certificate;
judging whether the first CN code is the same as the second CN code;
when the first CN code is the same as the second CN code, judging whether the data digital certificate and the merchant identity certificate are both in the valid period;
and when the data digital certificate and the merchant identity certificate are both in the valid period, generating a certificate inquiry result, and feeding back the certificate inquiry result to the corresponding client system.
In this embodiment, the method receives a data digital certificate sent by a client system and a first CN code of the merchant identity certificate; inquiring and verifying the identity of the merchant according to the merchant identity certificate, and feeding back specific problems of the customer if the identity of the merchant fails; then, the method confirms that the advertisement is sent by the merchant according to the first CN code of the data digital certificate and the second CN code of the merchant identity certificate, and feeds back specific problems of the customer if the advertisement fails; then, whether the two certificates of the data digital certificate and the merchant identity certificate are both in the validity period is confirmed, and if the two certificates fail, the specific problems of the customer are fed back; and finally, feeding back a final certificate inquiry result to the client system based on all inquiry and verification.
In this embodiment, when the method finishes executing step S104, S105, or S107, step S101 is executed again.
In this embodiment, the data distribution center system may handle multiple requests from the data distribution subsystem or the client system within the concurrency ceiling.
In this embodiment, the data in this embodiment may be understood as advertisement data, i.e., advertisements.
In this embodiment, the execution subject of the method may be a computing device such as a computer and a server, and is not limited in this embodiment.
In this embodiment, an execution subject of the method may also be an intelligent device such as a smart phone and a tablet computer, which is not limited in this embodiment.
It can be seen that, by implementing the data distribution method described in this embodiment, the data distribution center system can manage and control the merchant identity certificate of the data distribution subsystem and the data content certificate of the advertisement data to be distributed, so that the data distribution subsystem can distribute valid advertisement data with timeliness when having a valid right of data distribution. Therefore, by implementing the embodiment, the advertisement data can be distributed based on the digital certificate, so that the conflict between the networking action and the advertisement action is avoided; meanwhile, by implementing the implementation mode, the advertisement data and the merchants can be reasonably controlled, so that the advertisement data sent by the scores have higher safety, and the trouble to the user is avoided.
Example 2
Referring to fig. 2, fig. 2 is a schematic flow chart of another data distribution method according to an embodiment of the present application. The data distribution method is applied to a data distribution subsystem, and comprises the following steps:
s201, detecting whether a data distribution subsystem has a merchant identity certificate, if so, executing a step S203; if not, go to step S202.
S202, sending a request of the merchant identity certificate to a data distribution center system.
S203, judging whether the merchant identity certificate is in the valid period, if so, executing the step S205; if not, go to step S204.
And S204, sending a merchant identity certificate request to the data distribution center system.
And S205, determining the data content to be distributed.
In this embodiment, the data content may be advertisement data to be distributed.
And S206, sending a data content certificate request to the data distribution center system according to the data content.
And S207, receiving a data digital certificate issued by the data distribution center system.
And S208, building a data wireless network according to the merchant identity certificate, and distributing the data content and the data digital certificate to the client system through the data wireless network.
In the embodiment, the method can build a data wireless network containing authentication according to the identity certificate, and if the authentication of the client accesses the wireless network of the data distribution subsystem, the authentication process of the certificate initiated by the client is completed.
In this embodiment, the data distribution subsystem may push advertisement data according to the data receiving rule fed back by the client device, then confirm the data distribution condition, and feed back the data distribution condition to the data distribution center system.
In this embodiment, the data in this embodiment may be understood as advertisement data, i.e., advertisements.
In the embodiment of the present application, the execution subject of the method may be a computing device such as a computer and a server, and is not limited in this embodiment.
In this embodiment, an execution subject of the method may also be an intelligent device such as a smart phone and a tablet computer, which is not limited in this embodiment.
It can be seen that, by implementing the data distribution method described in this embodiment, the data distribution subsystem can automatically perform validity detection on the merchant identity certificate and the certificate validation period stored in the data distribution subsystem, and automatically request a new merchant identity certificate when the merchant identity certificate does not exist or fails, thereby implementing automatic update of the merchant identity certificate. Meanwhile, the method can also automatically request the data content certificate of the advertisement data to ensure that the issued advertisement data is legal.
Example 3
Referring to fig. 3, fig. 3 is a flow chart illustrating another data distribution method according to an embodiment of the present application. The data distribution method is applied to a client system and comprises the following steps:
s301, when the data wireless network of the merchant is scanned, judging whether the data wireless network is in a preset data network white list, if so, executing a step S302; if not, the flow is ended.
In this embodiment, the user may select in advance which merchants provide advertisement data to receive, and rules such as data content of advertisements to receive, and scan for nearby wireless networks based on the rules.
S302, generating a random number and a time stamp, and forming time information according to the random number and the time stamp.
In this embodiment, the client system may scan out a data wireless network of a nearby merchant, and determine whether the data wireless network is a data wireless network of a merchant allowed by itself according to a wireless network name (the information is carried in the extension information of the merchant identity certificate), if the data wireless network is a name of a data wireless network in a data network white list (the data network white list is a wireless network directly selected or screened according to a custom rule from all wireless networks under the current data distribution center system after the client system is connected to the data distribution center system).
In this embodiment, the client system may generate a random number R1 and a timestamp T1, and compose time information Token1{ ═ R1| | T1 }.
S303, encrypting the time information by using the encryption public key of the merchant to obtain the encrypted information.
In this embodiment, the client system may further encrypt the time information Token1{ ═ R1| | T1} by using the encryption public key of the merchant, so as to obtain E2(Token 1).
S304, sending the encrypted information to the data distribution subsystem, so that the data distribution subsystem signs the generated feedback information through the merchant identity certificate after verification is carried out according to the encrypted information.
In this embodiment, the client sends Token1| | E2(Token1) to the data distribution subsystem.
S305, receiving feedback information fed back by the merchant, and extracting the merchant identity certificate.
In this embodiment, the data distribution subsystem decrypts the encrypted information received, obtains Token1, and confirms the time information based on the content thereof, thereby preventing information playback.
In this embodiment, the data distribution subsystem may generate a random number R2 and a time T2 by itself, form Token2{ ═ R1| | R2| | T1| | T2}, sign the Token, and then feed back the feedback information Token2| | S2(Token2) to the client system.
S306, verifying the merchant identity certificate, and establishing network connection with the data wireless network when the verification is passed.
In this embodiment, the client system may perform signature verification through the OCSP, and when the authentication is passed, establish a network connection and receive the advertisement.
In the present embodiment, if an error occurs in the above process, the process returns to execute step S301.
S307, receiving the data content and the data digital certificate, and sending a digital certificate request to the data distribution center system according to the data digital certificate.
In this embodiment, when receiving the advertisement data and the data digital certificate of the advertisement data, the client system may send the digital certificate of the advertisement data to the data distribution center system, so that the data distribution center system performs corresponding verification according to the data digital certificate to verify whether the advertisement is a subordinate advertisement of a merchant.
And S308, receiving a certificate inquiry result fed back by the data distribution center system.
S309, loading data content or discarding the data content according to the query result.
In this embodiment, the data in this embodiment may be understood as advertisement data, i.e., advertisements.
In the embodiment of the present application, the execution subject of the method may be a computing device such as a computer and a server, and is not limited in this embodiment.
In this embodiment, an execution subject of the method may also be an intelligent device such as a smart phone and a tablet computer, which is not limited in this embodiment.
It can be seen that, by implementing the data distribution method described in this embodiment, it can be preferentially determined whether the target wireless network is a wireless network that the user allows to receive data, thereby achieving the effect of customizing the advertisement data receiving network; meanwhile, the method can also carry out certificate authentication on the received advertisement data, thereby ensuring that the received advertisement data is legal, avoiding the reception of illegal advertisement data and further ensuring the safety of a client system in user equipment.
Example 4
Referring to fig. 4, fig. 4 is a schematic structural diagram of a data distribution system according to an embodiment of the present application. As shown in fig. 4, the data distribution system includes a data distribution center system, a data distribution subsystem, and a client system, wherein,
the data distribution center system 400 is configured to receive the network request information sent by the data distribution subsystem 500, and feed back the digital certificate to the data distribution subsystem 500;
the data distribution center system 400 is further configured to send a certificate query request to the client system 600, and feed back a certificate query result to the client system 600;
a data distribution subsystem 500 for distributing data content to client systems 600;
a client system 600 for receiving the data content distributed by the data distribution subsystem 500.
In this embodiment, the data in this embodiment may be understood as advertisement data, i.e., advertisements.
In the embodiment of the present application, for explanation of the data distribution system, reference may be made to the descriptions in embodiment 1, embodiment 2, or embodiment 3, and details are not repeated in this embodiment.
It can be seen that, by implementing the data distribution system described in this embodiment, online single-type advertisement distribution can be achieved by using a wireless network; meanwhile, the safety verification in the advertisement putting and receiving process can be realized by introducing the digital certificate; in addition, the timeliness of the certificate of the advertisement publisher and the timeliness of the advertisement are bound, and automatic management of the advertisement life cycle can be achieved.
An embodiment of the present application provides an electronic device, including a memory and a processor, where the memory is used to store a computer program, and the processor runs the computer program to make the electronic device execute the data distribution method in embodiment 1, embodiment 2, or embodiment 3 of the present application.
An embodiment of the present application provides a computer-readable storage medium, which stores computer program instructions, and when the computer program instructions are read and executed by a processor, the computer program instructions execute the data distribution method in embodiment 1, embodiment 2, or embodiment 3 of the present application.
In the several embodiments provided in the present application, it should be understood that the disclosed system and method may be implemented in other ways. The above-described system embodiments are merely illustrative, and for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above description is only an example of the present application and is not intended to limit the scope of the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application. It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Claims (10)
1. A data distribution method is applied to a data distribution center system, and the method comprises the following steps:
receiving network request information;
judging whether the network request information is a digital certificate request or not;
when the network request information is the digital certificate request, verifying according to the digital certificate request, and issuing a digital certificate to a corresponding data distribution subsystem when the verification is passed;
when the network request information is not the digital certificate request, judging whether the network request information is a certificate inquiry request;
and when the network request information is the certificate inquiry request, feeding back a certificate inquiry result to a corresponding client system according to the certificate inquiry request.
2. The data distribution method of claim 1, wherein the step of verifying according to the digital certificate request and issuing a digital certificate to the corresponding data distribution subsystem when verification is passed comprises:
identifying whether the digital certificate request is a merchant identity certificate request;
when the digital certificate request is the merchant identity certificate request, verifying the merchant identity, and issuing a merchant identity certificate to a corresponding data distribution subsystem when the verification is passed;
and when the digital certificate request is not the merchant identity certificate request, feeding back a certificate application failure reason to the data distribution subsystem.
3. The data distribution method of claim 1, wherein the step of verifying according to the digital certificate request and issuing a digital certificate to the corresponding data distribution subsystem when verification is passed comprises:
identifying whether the digital certificate request is a data content certificate request;
when the digital certificate request is the data content certificate request, authenticating a merchant identity certificate according to the data content certificate request;
judging whether the merchant identity certificate is in a valid period;
when the merchant identity certificate is in the validity period, acquiring a first HASH value or a first MAC value included in the data content certificate request, and acquiring data content corresponding to the data content certificate request;
calculating a second HASH value of the data content or a second MAC value of the data content;
determining whether the first HASH value is the same as the second HASH value, or determining whether the first MAC value is the same as the second MAC value;
when the first HASH value is the same as the second HASH value or the first MAC value is the same as the second MAC value, verifying the data content and the data security, and issuing a data digital certificate to a corresponding data distribution subsystem when the verification is passed; and the CN code of the data digital certificate is the same as that of the merchant identity certificate.
4. The data distribution method according to claim 1, wherein the step of feeding back the certificate inquiry result to the corresponding client system according to the certificate inquiry request comprises:
extracting a data digital certificate and a merchant identity certificate included in the certificate inquiry request, and extracting a first CN code in the data digital certificate and a second CN code in the merchant identity certificate;
judging whether the first CN code is the same as the second CN code;
when the first CN code is the same as the second CN code, judging whether the data digital certificate and the merchant identity certificate are both in a valid period;
and when the data digital certificate and the merchant identity certificate are both in the valid period, generating a certificate inquiry result, and feeding back the certificate inquiry result to the corresponding client system.
5. A data distribution method is applied to a data distribution subsystem, and the method comprises the following steps:
detecting whether a merchant identity certificate exists in the data distribution subsystem;
when the data distribution subsystem does not have the merchant identity certificate, sending a merchant identity certificate request to a data distribution center system;
when the data distribution subsystem has the merchant identity certificate, judging whether the merchant identity certificate is in a valid period;
when the merchant identity certificate is not in the validity period, sending a merchant identity certificate request to a data distribution center system;
when the merchant identity certificate is within the validity period, determining data content to be distributed;
according to the data content, sending a data content certificate request to a data distribution center system;
receiving a data digital certificate issued by the data distribution center system;
and building a data wireless network according to the merchant identity certificate, and distributing the data content and the data digital certificate to a client system through the data wireless network.
6. A data distribution method applied to a client system, the method comprising:
when a data wireless network of a merchant is scanned, judging whether the data wireless network is in a preset data network white list or not;
when the data wireless network is in the data network white list, authenticating the data wireless network, and establishing network connection with the data wireless network when the authentication is passed;
receiving data content and a data digital certificate, and sending a digital certificate request to a data distribution center system according to the data digital certificate;
receiving a certificate inquiry result fed back by the data distribution center system;
and loading the data content or discarding the data content according to the query result.
7. The data distribution method according to claim 6, wherein the step of authenticating the data wireless network and establishing a network connection with the data wireless network when authentication is passed comprises:
generating a random number and a time stamp, and forming time information according to the random number and the time stamp;
encrypting the time information by using the encryption public key of the merchant to obtain encryption information;
sending the encrypted information to a data distribution subsystem so that the data distribution subsystem signs the generated feedback information through a merchant identity certificate after verifying according to the encrypted information;
receiving feedback information fed back by a merchant, and extracting the merchant identity certificate;
and verifying the merchant identity certificate, and establishing network connection with the data wireless network when the merchant identity certificate passes the verification.
8. A data distribution system, comprising a data distribution center system, a data distribution subsystem, and a client system, wherein,
the data distribution center system is used for receiving the network request information sent by the data distribution subsystem and feeding back a digital certificate to the data distribution subsystem;
the data distribution center system is also used for the certificate inquiry request sent by the client system and feeding back the certificate inquiry result to the client system;
the data distribution subsystem is used for distributing data contents to the client system;
and the client system is used for receiving the data content distributed by the data distribution subsystem.
9. An electronic device, characterized in that the electronic device comprises a memory for storing a computer program and a processor for executing the computer program to cause the electronic device to perform the data distribution method of any one of claims 1 to 6.
10. A readable storage medium, in which computer program instructions are stored, which, when read and executed by a processor, perform the data distribution method of any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111599563.3A CN114266057A (en) | 2021-12-24 | 2021-12-24 | Data distribution method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111599563.3A CN114266057A (en) | 2021-12-24 | 2021-12-24 | Data distribution method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114266057A true CN114266057A (en) | 2022-04-01 |
Family
ID=80829799
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111599563.3A Pending CN114266057A (en) | 2021-12-24 | 2021-12-24 | Data distribution method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114266057A (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030126431A1 (en) * | 2001-10-12 | 2003-07-03 | Beattie Douglas D. | Methods and systems for automated authentication, processing and issuance of digital certificates |
| JP2011151785A (en) * | 2009-12-25 | 2011-08-04 | Canon It Solutions Inc | Relay processing apparatus, relay processing method and program |
| US20120030469A1 (en) * | 2010-07-28 | 2012-02-02 | Symantec Corporation | Streamlined CSR Generation, Certificate Enrollment, and Certificate Delivery |
| US20130061281A1 (en) * | 2011-09-02 | 2013-03-07 | Barracuda Networks, Inc. | System and Web Security Agent Method for Certificate Authority Reputation Enforcement |
| US20160337134A1 (en) * | 2011-04-13 | 2016-11-17 | Disney Enterprises, Inc. | Authenticated content delivery platform |
| US20170006023A1 (en) * | 2015-07-01 | 2017-01-05 | International Business Machines Corporation | Using resource records for digital certificate validation |
| EP3720082A1 (en) * | 2019-04-05 | 2020-10-07 | Siemens Aktiengesellschaft | Method for issuing a cryptographically protected authenticity certificate for a user |
-
2021
- 2021-12-24 CN CN202111599563.3A patent/CN114266057A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030126431A1 (en) * | 2001-10-12 | 2003-07-03 | Beattie Douglas D. | Methods and systems for automated authentication, processing and issuance of digital certificates |
| JP2011151785A (en) * | 2009-12-25 | 2011-08-04 | Canon It Solutions Inc | Relay processing apparatus, relay processing method and program |
| US20120030469A1 (en) * | 2010-07-28 | 2012-02-02 | Symantec Corporation | Streamlined CSR Generation, Certificate Enrollment, and Certificate Delivery |
| US20160337134A1 (en) * | 2011-04-13 | 2016-11-17 | Disney Enterprises, Inc. | Authenticated content delivery platform |
| US20130061281A1 (en) * | 2011-09-02 | 2013-03-07 | Barracuda Networks, Inc. | System and Web Security Agent Method for Certificate Authority Reputation Enforcement |
| US20170006023A1 (en) * | 2015-07-01 | 2017-01-05 | International Business Machines Corporation | Using resource records for digital certificate validation |
| EP3720082A1 (en) * | 2019-04-05 | 2020-10-07 | Siemens Aktiengesellschaft | Method for issuing a cryptographically protected authenticity certificate for a user |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11514440B2 (en) | Method for issuing authentication information and blockchain-based server using the same | |
| CN109687959B (en) | Key security management system, key security management method, key security management medium, and computer program | |
| CN105608577B (en) | Method for realizing non-repudiation, payment management server and user terminal thereof | |
| US6993652B2 (en) | Method and system for providing client privacy when requesting content from a public server | |
| CN104954330B (en) | A kind of methods, devices and systems to be conducted interviews to data resource | |
| CN111355726B (en) | Identity authorization login method and device, electronic equipment and storage medium | |
| US20120210123A1 (en) | One-time password certificate renewal | |
| CN112134708A (en) | Authorization method, authorization request method and device | |
| CN113312664A (en) | User data authorization method and user data authorization system | |
| CN114666168B (en) | Decentralized identity certificate verification method and device, and electronic equipment | |
| CN110233850B (en) | Registration method, application server, user side and system based on alliance chain | |
| CN114338242B (en) | Cross-domain single sign-on access method and system based on block chain technology | |
| EP2262165B1 (en) | User generated content registering method, apparatus and system | |
| CN111709752A (en) | Virtual resource processing method and device, computer readable medium and electronic equipment | |
| CN104125230A (en) | Short message authentication service system and authentication method | |
| CN115460019B (en) | Method, apparatus, device and medium for providing digital identity-based target application | |
| CN106656955A (en) | Communication method and system and user terminal | |
| CN106911628A (en) | A kind of user registers the method and device of application software on the client | |
| CN113746916A (en) | Block chain-based third-party service providing method, system and related node | |
| CN115955364B (en) | User identity information confidentiality method and system of network bidding transaction system | |
| CN110034922B (en) | Request processing method, processing device, request verification method and verification device | |
| CN116132071B (en) | Identity authentication method and device for identification analysis node based on blockchain | |
| CN110995454A (en) | Service verification method and system | |
| CN114266057A (en) | Data distribution method and system | |
| CN115242471A (en) | Information transmission method and device, electronic equipment and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |