CN104022883B - A kind of personal information protection shopping at network technology based on logistics network - Google Patents

Abstract

The invention relates to network information security in the field of computer technology. By making full use of the large number of logistics network business outlets and their wide distribution, combined with the huge demand of citizens for online shopping, a logistics network-based citizen personal information protection network shopping technology is proposed. This technology fully protects the personal information security of citizens in the online shopping process by means of the public key cryptography system. The invention helps express logistics enterprises to further expand their business scope, create new profit growth points, further promote the sales of online commodities, and help legal special product industries better integrate their sales into online shopping platform. The technical solution proposed by the invention can enable the national administrative law enforcement agency to fully intervene in the investigation of sales information and logistics information of commodities when necessary, without causing obstacles to law enforcement, and can prevent illegal transactions from being separated from legal supervision by means of online sales platforms.

Description

A Personal Information Protection Online Shopping Technology Based on Logistics Network

technical field

The present invention relates to network information security in the field of computer technology, and in particular to the use of information security technology to make full use of the wide distribution of logistics network business outlets, combined with the huge demand of citizens for online shopping, while fully protecting the personal information security of citizens in the process of online shopping, for logistics The company further expands its business scope and creates new profit growth points.

Background technique

Existing online shopping websites (hereinafter referred to as Web) require all users who use their online shopping platforms to buy and sell goods, to fill in important personal information such as personal name, family or work address, mobile phone number, etc. when applying for account ID registration. For a legally operating Web, due to the constraints of national laws and regulations, it will not disclose the personal information of registered users at will. However, when an online shopper (hereinafter referred to as the buyer) selects a product at a store on the Web (hereinafter referred to as the seller), generates a shopping order and pays successfully, the Web will display the buyer's name, phone number, address information, etc. to the seller. In this process, sellers collect a large amount of user information, and can even gain insight into the personal privacy of buyers through the analysis of the products they sell. The current express delivery mode is that after the goods arrive at the destination, the express logistics company (hereinafter referred to as Exp) notifies the buyer to pick up the goods by phone or text message. When the seller delivers the goods, Exp requires the seller to fill in their personal information and the buyer's personal information on the logistics express list. As a result, Exp will collect a huge amount of personal information of buyers and sellers, which will become to some extent If it becomes public information, the security of the information and the legitimacy of its use cannot be effectively guaranteed, and the security of citizens' personal information is seriously threatened. The occurrence of fraud or criminal cases.

Because the safety of these important personal information is closely related to the vital interests of buyers, many buyers actually do not want anyone to know their personal information and the information of the purchased goods except the Web. On the one hand, this will increase the psychological security burden of citizens shopping, reduce the types of shopping products, and limit the online marketing space of some legal and special products; Ordinary legal products are accepted by a wider range of people through online platforms. The profit of Exp is directly linked to the number of orders for online shopping goods. If more people can accept the online shopping model without psychological burden, it will undoubtedly increase the flow of express logistics and increase the income of Exp. At the same time, if it can help Exp to actively expand new business space in the existing logistics network while meeting the security needs of online shopping users, it will undoubtedly be a win-win situation for the Web, sellers, buyers and Exp.

In the process of online shopping, buyers and sellers are usually in different places, and Exp generally has a large number of widely distributed business outlets (hereinafter referred to as Agent). In fact, the many Agents owned by Exp can not only engage in express logistics, but the relative stability of its business outlets and industry professionalism make it fully capable of acting as an agent to sign for express goods. Web can negotiate with Exp, a major domestic express logistics company, whether to agree to open the user privacy protection shopping mode on its shopping platform, that is, the anonymous shopping agent sign-in mode. Web and Exp should sign service quality standards under the principle of maximally safeguarding the interests of users. All the signing, storage and collection of goods should be based on laws and evidence, and agreement should be reached on the methods and methods of handling various possible disputes. At the same time, Exp enterprises should formulate strict requirements for Agents to comply work standards and service specifications. Web and Exp negotiate the distribution ratio of each successful anonymous shopping agency fee, and the charging standards and service standards of this model, as well as the service agreements that buyers who use this model need to abide by, are in compliance with the relevant laws of the country on the express logistics industry Under the conditions stipulated by laws and regulations, publicity and explanations shall be made to the public. Any buyer can obtain the address information of the desired goods delivered to the Agent by consulting Exp. After the buyer purchases the goods on the Web, the Agent can be used as the agent to sign for the goods.

In order to ensure the security and confidentiality of electronic transactions on the Internet, and to prevent fraud and denial that may occur during the transaction, Web and Exp must have digital certificates issued by a digital certificate certification center for sending to Others confirm their identity. As an impartial third party, the digital certificate certification center is authoritative and credible. A digital certificate is a unique and reliable electronic document, usually using a public key cryptosystem such as RSA, elliptic curve cryptography, etc. The certificate contains part of the user's personal information and his public key information, as well as the signature information of the certification authority. The characteristic of the public key cryptosystem is that data encryption and decryption need to use two different keys, and it is difficult to deduce the other key from one key. In actual use, you only need to keep one of them strictly confidential, called the private key, and use it to decrypt and sign; the other can be made public, called the public key, used to encrypt and verify the signature. When sending a secret document, the sender uses the receiver's public key to encrypt the data. Since the encrypted information can only be decrypted by the real receiver who has the private key, the confidential transmission of data is realized. When a document or message needs to be signed, the sender uses its own private key to encrypt the data, and the receiver uses the sender's public key to decrypt the data, because the information that can be successfully decrypted can only be the information that is truly mastered. It is encrypted by the sender of the key, and in this way the sender realizes the signature of the data.

Contents of the invention

The present invention makes full use of the fact that when the anonymous shopping mode is adopted, the seller, the delivery Exp, and the Agent only grasp part of one-sided information among each other, for example, the seller only knows the ID number of the buyer, the commodities selected in the order, and the Agent address filled in by the buyer. Other than that, the buyer’s other personal information is unknown; the delivery Exp selected by the seller only knows the seller’s personal information and delivery product information, as well as the Agent’s address and contact information, and has no information about the buyer’s personal information. Known; Agent only knows the delivery logistics information and the personal information of the seller on the logistics list, but does not know anything about the buyer’s personal information, which only needs to be used to complete the transportation of the goods and sign for the agent Collusion will not constitute a violation of the buyer's personal information security.

The brief process of the anonymous shopping mode proposed by the present invention is as follows: the buyer selects the commodity in the seller’s store to generate an order number of After order and payment, Web will After encrypting and signing, send it to Exp to witness the anonymous shopping together with Exp; then the seller selects the delivery Exp, and the delivery Exp sends the logistics order number to The goods are delivered to the Agent; after the Agent signs for the receipt, the logistics order number will be The arrival information of the goods is reported to Exp; After being encrypted and signed, it is sent to the Web; the Web can obtain the relevant information by querying the anonymous shopping database. corresponding As well as the buyer's information, since the goods have been accepted and signed at an Agent point to which Exp belongs, the Web can to identify the authenticity of the data, so that replay attacks can be identified, if the logistics order number If it is true and effective, the Web will send the logistics tracking number to the buyer's mobile phone as Notification of the arrival of the goods, and at the same time, the buyer's Web registration account is issued to the buyer's Web registration account to generate the receipt certificate Ticket; after the buyer has passed the multi-identity authentication, he logs in to his account on the Web, and can verify the authenticity of the arrival notification and at the same time Get the pickup certificate Ticket generated by the Web; then the buyer takes the arrival notice and the Ticket to the Agent agency point to pay for the pickup; the Agent submits the Ticket from the user to Exp; Exp decrypts the Ticket to establish and According to the corresponding relationship between them, Exp forwards the Ticket to the Web; the Web decrypts the Ticket to know that the buyer has submitted the Ticket to the Agent and took away the goods, and the anonymous shopping process has been successfully completed since then.

During anonymous shopping, the order number of the item After being encrypted by Web with Exp’s public key, it is signed with its own private key, and then Web submits it to Exp. The purpose of this is that although Exp does not need to know the buyer’s personal information, in order to protect the rights and interests of Exp, In the event of a dispute, it is convenient for Exp to know the detailed commodity information of the goods signed by the agent, he can use the order number Go to the anonymous shopping database of the Web to query the detailed commodity information of the order number except for the buyer information. At the same time, the Web and Exp can jointly witness the anonymous shopping process, prevent the goods from being intercepted by the Agent privately, and solve other possible problems. dispute.

In order to prevent computer hackers from cracking the buyer's account information, and to prevent mobile phone hackers from illegally obtaining the buyer's SMS information, the content of the notification message and the receipt of the goods Ticket should be stored separately in the buyer's mobile phone and the buyer's account on the Web. . Buyers must go through multiple identity authentications such as account passwords, digital certificates, and mobile phone verifications before they can log in to their web accounts to obtain the receipt voucher generated by the web. There are problems such as a single pick-up certificate, a loose check of the identity of the pick-up person, and easy fraudulent claim of the goods in the express delivery method. Even if a hacker cracks the buyer's account password to obtain the goods' logistics order number and the arrival Agent address information, he cannot get the Ticket if he cannot obtain the user's mobile phone, because the installation of the buyer's digital certificate must be verified by the buyer's mobile phone. . If the hacker software in the buyer's mobile phone illegally steals the logistics order number in the buyer's mobile phone text message, but he does not know which Agent the goods have arrived at, and he cannot pick up the goods without getting the buyer's pick-up certificate Ticket.

In order to prevent attackers from forging the delivery voucher Ticket to claim the goods or using the old delivery voucher Ticket to repeatedly pick up the goods, the logistics order number Only after being verified by the Web, the Web will send the ticket to the buyer. The Ticket is generated by the Web signature, and the signature information cannot be forged by the attacker. After the Agent submits the buyer's pick-up certificate Ticket to Exp, Exp can only create a logistics order number by decrypting the Ticket with order number The corresponding relationship between them, and get the signature result of the Web, and complete this anonymous shopping. If the seller conspires with Agent, Exp can know the tracking number with order number However, since he cannot counterfeit the signature of the Web, he cannot intercept the goods privately.

Every step in the anonymous shopping process is processed by corresponding security technology, which has confidentiality, security and non-repudiation. In case of disputes, these encrypted information can be used as evidence. In terms of the payment method of the agent's signing fee, it must be the way that the user pays after the agent signs for the receipt and the user picks up the goods from the agent. If it is paid in advance, the Agent may deliberately refuse to sign for the goods because it has already received the agency fee.

The present invention limits all the highly specialized data processing processes related to data encryption and signature in the anonymous shopping mode between the Web and Exp, and for the agents and buyers of Exp everywhere, they do not feel these With the existence of the process, the buyer's pick-up process is almost the same as the ordinary express pick-up process, which will not cause inconvenience to them. While fully compatible with the existing online shopping model, it allows buyers to independently choose a shopping logistics solution that suits their own security needs when shopping, which helps to fully protect the personal information security of online shoppers and helps logistics companies to further expand their business range, creating new profit growth points, and on this basis, it will help further promote the sales of online commodities, and help the legal special product industry to better integrate its sales business into online shopping platforms. Since all information related to the order, such as buyers, sellers, commodities, and logistics, is recorded in the Web database, once government law enforcement agencies need to intervene in the sales investigation of a certain commodity, they can obtain information related to it from the website database. All the detailed information will not cause any obstacles to law enforcement, so that illegal transactions can be avoided from legal supervision by means of shopping website sales platforms.

detailed description

In this patent application description, the symbol Indicates a certain nationally recognized commercial public key cryptosystem data encryption algorithm; mathematical formula express use As an encryption key, the plaintext encrypted as ciphertext ;symbol with represent the public key and private key of Exp respectively, with Represents the public and private keys of the Web, respectively; the symbol Indicates the order number of a product in anonymous shopping mode, the symbol Indicates the delivery logistics tracking number of the order product, and the symbol Ticket indicates the buyer's pick-up certificate; the symbol " "Indicates that the two messages before and after it are sequentially spliced into a new message.

(1) The order number after the buyer completes the product selection on the web platform and pays successfully When it takes effect, buyers can choose the anonymous shopping mode, and then choose an Agent of their own intention from the Exp that cooperates with the Web as the agent to sign for the goods. The buyer can require the seller to take pictures of the outer packaging and weighing pictures of the courier and indicate the weighing weight on the logistics bill when delivering the goods, waiting for the seller to deliver.

(2) Web uses Exp's public key will order number After encryption, use your own private key Sign it to generate ciphertext , and then the ciphertext Send to Exp. ciphertext The role of is to tell Exp by the Web that there is an order number of The goods of are about to be sent to an Agent to which Exp belongs, so that Exp knows the existence of such an agency signing business, and the purpose of doing this is to prevent Agent from intercepting the goods without permission. Exp received the ciphertext The public key of the web can then be used decrypt it to get , then use your own private key further decrypted to obtain , Exp converts the ciphertext Feedback to Web Save, Receive information from the Web as an Exp subsequent response information. Exp can use Go to the Web database to query the product information of the order, and obtain part of the right to know about the upcoming anonymous shopping process to protect their own rights, but the Web should prevent them from viewing the buyer's information. At this time Exp does not know the order number and tracking number Correspondence between.

(3) The seller selects the delivery Exp after properly packaging the order goods. The delivery Exp and the buyer's selected agent sign-in Exp can be the same or different. Fill in the delivery Exp logistics list with the Agent specified by the buyer in the order The address and contact information are used as the consignee's information, and the weight of the packaged goods is filled in the logistics bill, and the packaging and weighing results of the express package are photographed. The seller should promptly fill in the order number on the Web as The delivery logistics order number of the goods , and at the same time, a copy of the delivery-related photos should be sent to the buyer through the shopping communication software, so that the buyer can check and accept the goods.

(4) After the delivery Exp expresses the goods to the agent point, the relevant person in charge of the Agent will check the outer packaging of the goods according to the service standard requirements, and weigh the goods to check whether the difference between the weight of the goods and the weight indicated on the logistics list is within the specified range, and take photos for archiving After the receipt, the archived photos are used for arbitration when the goods are signed for disputes. The arrival notification of the goods is sent to Exp. Otherwise, the agent refuses the visa, which means that the anonymous shopping process will not get the agency fee paid by the buyer, but being responsible for the buyer also maintains and improves the agent's service reputation.

(5) Exp will send the logistics order number Using the public key of the web After encryption, use your own private key signature generation ,Will Send to the Web, at this time Exp can not determine the order number and tracking number Correspondence between.

(6) Web receives the message from Exp After that, Exp's public key can be used Will Decrypt to get , and then the Web uses the private key that only it owns decrypt Obtain the content in it, that is, the logistics order number . Web use As a key to the order database using an anonymous service lookup and corresponding order number Register the account ID and phone number with the buyer. Since the goods have been signed for by the Agent at this time, the Web can verify the real validity to prevent replay attacks. if the If it is an old tracking number or there is no corresponding receipt record, Web will return it to Exp for re-verification. If the Web should If the verification is correct, the Web generates ciphertext Feedback to Exp to save, Received information from Exp as Web subsequent response information. At this time, the Web knows that the logistics tracking number is The goods whose order number is , has been delivered to the Agent and is waiting for the buyer to pick up the goods.

(7) The Web sends the tracking number to the buyer's mobile phone as The arrival notification of the goods, and at the same time the Web generates , and store the Ticket in the buyer's Web account. From the perspective of convenience and speed, the Ticket can be generated in the form of a barcode or a QR code, which is used as a proof of delivery from the buyer to the Agent, and the Web saves the message at the same time. .

(8) After the buyer receives the notification information from the Web, he must pass multiple authentications such as password, digital certificate, and mobile phone to log in to his account on the Web. The buyer can identify the logistics order number by checking the seller's delivery logistics information To prevent SMS fraud, if it is true, the buyer can also get the ticket generated by the Web.

(9) The user takes the Ticket to the Agent point he knows, and informs the , and then submit the Ticket to the Agent. Agent submits the Ticket from the buyer to Exp, and Exp uses the public key of the Web Decrypt the Ticket to get it , with your own private key Further decryption can know the order number and tracking number Correspondence between, Exp to its own database to query whether there is a relationship with Same history to prevent replay attacks. if If it is new, Exp returns to the agent point Agent , returned by the Agent verification Exp with the buyer's phone Is it consistent. Exp stores the Ticket in the database for handling possible disputes, and at the same time Exp forwards the Ticket to the Web. Since Exp can only obtain a Web-signed Ticket from the buyer, and then create an order number and tracking number The corresponding relationship between them completes the transaction. If the seller conspires with Exp, Exp will learn the tracking number from the seller with order number Correspondingly, but since none of them can counterfeit the signature of the Web, they can only use the old Ticket to forward it to the Web through a replay attack. When the Web decrypts the Ticket and performs replay verification, the authenticity of the Ticket can be found. If the Ticket is true, the Web can know that the buyer has given the Ticket to the Agent and took the goods.

(10) Agent checks the buyer's mobile phone and Exp returns the When consistent, the logistics order number is The goods will be handed over to the buyer for inspection. If there is no problem, the buyer will pay the fee and take the goods away. The anonymous shopping process will be completed successfully. Otherwise, the dispute between the buyer and the Agent will be negotiated according to the service standards and work specifications. deal with.

(11) When returning or exchanging goods, the buyer first clicks on the anonymous return and exchange application for an order product on the Web, and waits for the seller's approval. After the buyer pays the anonymous return agency fee to Web, the buyer fills in the anonymous return customer service address and phone number provided by Web as the consignor's information on the shipping logistics list of the express logistics company he selected, and then accurately fills in the seller's information. The address and phone number of the goods shall be used as the recipient information, and the outer packaging and weighing results of the goods shall be photographed and archived. After the buyer delivers the goods, he should fill in the logistics information of the goods sent on the Web shopping platform in time. Since the Web knows all the information about the buyer, seller, order number of the return application, logistics order number, etc., if there is a problem with the goods during transportation, it can notify both parties in time, and the participation of Exp and Agent is no longer required.

Claims (2)

1. a kind of personal information protection shopping at network method based on logistics network, it is characterised in that make full use of Express Logistics public Department has substantial amounts, widely distributed agent point Agent, and the Agent for these being had industry professional is used as citizen's network The agency side of signing for of shopping, buyer are received after the arrival notice information of Web, and experience account password, digital certificate, mobile phone are tested Card Multi Identity Attestation logs in Web accounts and obtains the picking voucher Ticket generated by Web, and buyer holds arrival notice and Ticket Arrive Agent paying pickings；

Concrete mode is following and does following explanation, and wherein, Web, Exp are expressed as websites, Express Logistics enterprise； SymbolRepresent the business public-key cryptosystem DEA of a certain authorized by state；Mathematical formulaeTable ShowUseAs encryption key, will be in plain textIt is encrypted as ciphertext；SymbolWithRespectively represent Exp public key and Private key,WithThe public key and private key of Web are represented respectively；SymbolRepresent a business using anonymous shopping mode Product order number, symbolRepresent the delivery logistics odd numbers of the order commodity, symbol Ticket represent the picking of buyer with Card；Symbol "" represent its former and later two message sequence is spliced into a new message；

Step is as follows：

（1）Buyer Web platforms complete commodity select and successful payment after order numberCome into force, buyer chooses and hides Name shopping mode, then chooses agency the sign for sides of the Agent as goods of oneself purpose from the Exp with web collaboration； Buyer can require seller deliver when must take quick despatch external packing picture and weigh picture and on logistics list note Bright weight of weighing, waits seller's delivery；

（2）Public keys of the Web using ExpBy order numberThe private key of oneself is reused after encryptionTo it carry out Signature generates ciphertext, then by ciphertextIt is sent to Exp；Exp receives ciphertextUse afterwards The public key of WebBy decryption obtain, then using the private key of oneselfFurther decryption is obtained, Exp is by ciphertextWeb preservations are fed back to,The letter from Web is received as Exp BreathResponse message afterwards；Exp is usedThe merchandise news of the order is inquired about in the database of Web, is obtained to i.e. By the part right to know of the anonymous shopping process for occurring to safeguard the rights and interests of oneself, but Web should prevent which from consulting the letter of buyer Breath；Now Exp is not aware that order numberWith logistics odd numbersBetween corresponding relation；

（3）Seller will choose delivery Exp after order commodity properly pack, delivery Exp agencies selected with buyer sign for Exp can With identical can also be different, fill in address and the contact method of the Agent that buyer is specified in order on delivery Exp logistics lists As consignee's information, and the weight of goods after packaging is filled on logistics list, quick despatch packaging is clapped with weighing results According to；Seller should on Web, filling in order number be in timeGoods delivery logistics odd numbers, while should be by Delivery relevant picture issues buyer's portion copy by exchange software of doing shopping；

（4）After goods is handed to agent point Agent by delivery Exp soon, the responsible person concerned by Agent is according to service criterion requirements Goods external packing is checked, and whether inspection goods weight of weighing is differed in prescribed limit with logistics list Marked Weight, is taken pictures and is deposited Sign for after shelves, while logistics odd numbers is by AgentGoods arrival notice send to Exp；Otherwise Agent denials；

（5）Exp is by logistics odd numbersOpen key using WebAgain with the private key of oneself after encryptionSignature Generate, willWeb is sent to, now Exp still not can determine that order numberWith thing Stream odd numbersBetween corresponding relation；

（6）Web receives the message from ExpAfterwards, using the open key of ExpWillDecryption is obtained, then Web reuse only oneself grasp private keyDecryptionObtain wherein Content be logistics odd numbers；Web is usedAs keyword to the order data using anonymous service Library lookup withCorresponding order numberWith buyer's register account number ID and telephone number, due to now goods Thing is signed in agent point Agent, so Web can verify thisReal effectiveness preventing Replay Attack； If shouldFor old logistics odd numbers or without accordingly signing for recording, it is returned to Exp by Web allows which to examine again； If Web is to thisExamine errorless, then Web generate ciphertextFeed back to Exp guarantors Deposit,The information from Exp is received as WebResponse message afterwards；Now Web knows that logistics odd numbers is Goods its order number be, it has been sent at Agent, has waited buyer's picking；

（7）Web sends logistics odd numbers to buyer's mobile phoneGoods arrival notice, while Web generate, the Ticket is stored in the Web accounts of buyer, Ticket is with bar The mode of shape code or Quick Response Code is generated, and the picking voucher as buyer to Agent, Web preserve message simultaneously；

（8）Buyer is received after the announcement information of Web, it is necessary to logged in through password, digital certificate, mobile phone Multi Identity Attestation Oneself account in Web, buyer distinguish logistics odd numbers by checking seller's delivery logistics informationThe true and false in case Only note fraud, if true, buyer obtains the picking voucher Ticket of Web generations simultaneously；

（9）User holds the Agent agent points that Ticket knows to oneself, informs in SMS, then will Ticket submits to Agent, and the Ticket from buyer is submitted to Exp, public keys of the Exp with Web by AgentBy Ticket Decryption is obtained, with the private key of oneselfOrder number is learnt in decryptionWith logistics list NumberBetween corresponding relation, Exp inquire about in the database of oneself whether there is withIdentical is gone through The Records of the Historian is recorded to prevent Replay Attack；IfBrand-new then Exp is returned to agent point Agent, by Agent Checking Exp is returnedIn buyer's mobile phoneWhether consistent；Exp by Ticket be stored in database with The standby dispute for running into is processed, while Ticket is transmitted to Web by Exp；

（10）Agent is verified in buyer's mobile phoneWith Exp returnsWhen consistent, by logistics odd numbers it isGoods give buyer inspection, if having no problem, buyer pays and expense takes goods away, this time anonymous shopping Process is successfully completed, and otherwise Web consults Exp and enters according to service standard and job specification with regard to the dispute between buyer and Agent Row is processed.

2. a kind of personal information protection shopping at network method based on logistics network according to claim 1, its feature exist When goods is replaced, buyer clicks on anonymous goods return and replacement application in Web with regard to a certain order commodity first, waits seller to agree to；Buyer After anonymous goods return and replacement agency fee is paid to Web, will be by Express Logistics company delivery logistics list of the buyer selected by oneself The anonymous goods return and replacement customer service address and phone provided by Web extends this as consignor's information, then accurately fill in the address of seller with Phone is used as addressee information, and should carry out mug to goods external packing and weighing results；After buyer's delivery, should be in time The logistics information of delivered thing is filled on the shopping platform of Web.