[go: up one dir, main page]

CN108763934B - Data processing method and device, storage medium and server - Google Patents

Data processing method and device, storage medium and server Download PDF

Info

Publication number
CN108763934B
CN108763934B CN201810541810.6A CN201810541810A CN108763934B CN 108763934 B CN108763934 B CN 108763934B CN 201810541810 A CN201810541810 A CN 201810541810A CN 108763934 B CN108763934 B CN 108763934B
Authority
CN
China
Prior art keywords
data transfer
result information
server
execution result
function
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810541810.6A
Other languages
Chinese (zh)
Other versions
CN108763934A (en
Inventor
孙江凡
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201810541810.6A priority Critical patent/CN108763934B/en
Publication of CN108763934A publication Critical patent/CN108763934A/en
Application granted granted Critical
Publication of CN108763934B publication Critical patent/CN108763934B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a data processing method and device, a storage medium and a server, wherein the data processing method comprises the following steps: receiving processing result information fed back by a second server for a data transfer request, wherein the data transfer request is sent to the second server by the first server; generating first execution result information corresponding to the processing result information based on a data transfer interface, and changing the first execution result information into second execution result information according to a program code for tampering information in the data transfer interface; and generating a verification result corresponding to the second execution result information based on the data transfer interface, and determining the data transfer abnormity detection capability of the first server according to the verification result. By adopting the technical scheme, the payment safety can be improved.

Description

Data processing method and device, storage medium and server
Technical Field
The present invention relates to the field of internet technologies, and in particular, to a data processing method and apparatus, a storage medium, and a server.
Background
With the development of mobile payment, payment security in the payment process is more and more concerned, and in order to avoid hackers from tampering information in the payment process, a process for detecting various payment anomalies occurring in the payment process is usually set in a server, and if the server detects the payment anomalies, an alarm is given or the payment process is interrupted, and the like. However, the payment anomaly detection process usually set in the server may also fail for various reasons, for example, even if a payment anomaly occurs, the anomaly is not detected, which greatly reduces the security of the payment process.
Disclosure of Invention
Embodiments of the present invention provide a data processing method and apparatus, a storage medium, and a server, which can determine a data anomaly detection capability of a first server by changing a first execution result information into a second execution result information, so as to improve payment security.
In a first aspect, an embodiment of the present invention provides a data processing method, including:
receiving processing result information fed back by a second server for a data transfer request, wherein the data transfer request is sent to the second server by the first server;
generating first execution result information corresponding to the processing result information based on a data transfer interface, and changing the first execution result information into second execution result information according to a program code for tampering information in the data transfer interface;
and generating a verification result corresponding to the second execution result information based on the data transfer interface, and determining the data transfer abnormity detection capability of the first server according to the verification result.
In one possible design, the generating, based on a data transfer interface, first execution result information corresponding to the processing result information, and tampering the first execution result information with second execution result information according to program code for tampering information in the data transfer interface includes:
processing the processing result information based on a first function in a data transfer interface to obtain first execution result information corresponding to the processing result information;
tamper the first execution result information to second execution result information based on program code for tampering information in the data transfer interface, the program code being code newly injected into the data transfer interface.
In one possible design, the generating a verification result corresponding to the second execution result information based on the data transfer interface includes:
and verifying the second execution result information based on a second function in the data transfer interface to generate a verification result corresponding to the second execution result information, wherein the verification result is used for indicating whether the second execution result information is real execution result information.
In one possible design, the determining, according to the verification result, the data transfer abnormality detection capability of the first server includes:
if the verification result is used for indicating that the second execution result information is not the real execution result information, determining that the data transfer abnormality detection capability of the first server is normal;
and if the verification result is used for indicating that the second execution result information is the real execution result information, determining that the data transfer abnormality detection capability of the first server is abnormal.
In one possible design, the method further includes:
acquiring the program code for tampering information, and compressing the program code into a code packet;
configuring the incidence relation between the code package and the first function in the data transfer interface, and newly injecting the program code in the code package into the data transfer interface through the incidence relation between the code package and the first function.
In one possible design, the code package is a jar package in archive file jar format; the method further comprises the following steps:
storing the jar package in a storage directory corresponding to an archive file format in the first server;
the configuring the association relationship between the code packet and the first function in the data transfer interface comprises:
acquiring a configuration file, wherein the configuration file is used for recording injection information of a code packet newly injected into the data transfer interface;
adding injection information of the jar packet in the storage directory in the configuration file, wherein the injection information is used for indicating that the program code of the jar packet is injected between the first function and the second function in the data transfer interface, the execution priority of the first function is greater than that of the program code, and the execution priority of the program code is greater than that of the second function.
In a possible design, the processing result information includes a ciphertext returned by the second server after encrypting an actual data migration parameter, the first execution result information includes the actual data migration parameter obtained after decrypting the ciphertext, the second execution result information includes a forged data migration parameter obtained after tampering the actual data migration parameter, and the forged data migration parameter is different from the actual data migration parameter.
In a second aspect, an embodiment of the present invention provides a data processing apparatus, applied to a first server, including:
a receiving module, configured to receive processing result information fed back by a second server for a data transfer request, where the data transfer request is sent to the second server by the first server;
an information tampering module, configured to generate first execution result information corresponding to the processing result information based on a data transfer interface, and tamper the first execution result information into second execution result information according to a program code for tampering information in the data transfer interface;
and the verification module is used for generating a verification result corresponding to the second execution result information based on the data transfer interface and determining the data transfer abnormity detection capability of the first server according to the verification result.
In one possible design, the information tampering module includes:
the processing unit is used for processing the processing result information based on a first function in the data transfer interface to obtain first execution result information corresponding to the processing result information;
a tampering unit, configured to tamper the first execution result information into second execution result information based on a program code for tampering information in the data transfer interface, where the program code is a code newly injected into the data transfer interface.
In a possible design, the generating, by the verification module based on the data transfer interface, the verification result corresponding to the second execution result information specifically includes:
and verifying the second execution result information based on a second function in the data transfer interface to generate a verification result corresponding to the second execution result information, wherein the verification result is used for indicating whether the second execution result information is real execution result information.
In a possible design, the determining, by the verification module according to the verification result, the data transfer abnormality detection capability of the first server specifically includes:
if the verification result is used for indicating that the second execution result information is not the real execution result information, determining that the data transfer abnormality detection capability of the first server is normal;
and if the verification result is used for indicating that the second execution result information is the real execution result information, determining that the data transfer abnormality detection capability of the first server is abnormal.
In one possible design, the apparatus further includes:
the code packet acquisition module is used for acquiring the program code for tampering information and compressing the program code into a code packet;
the configuration module is used for configuring the incidence relation between the code packet and the first function in the data transfer interface and newly injecting the program code in the code packet into the data transfer interface through the incidence relation between the code packet and the first function.
In one possible design, the code package is a jar package in archive file jar format; the device further comprises:
the storage module is used for storing the jar package in a storage directory corresponding to the archive file format in the first server;
the configuration module includes:
the acquisition unit is used for acquiring a configuration file, and the configuration file is used for recording injection information of a code packet newly injected into the data transfer interface;
an adding unit, configured to add, in the configuration file, injection information of the jar packet in the storage directory, where the injection information is used to instruct that program codes of the jar packet are injected between the first function and the second function in the data transfer interface, an execution priority of the first function is greater than an execution priority of the program codes, and the execution priority of the program codes is greater than an execution priority of the second function.
In a possible design, the processing result information includes a ciphertext returned by the second server after encrypting an actual data migration parameter, the first execution result information includes the actual data migration parameter obtained after decrypting the ciphertext, the second execution result information includes a forged data migration parameter obtained after tampering the actual data migration parameter, and the forged data migration parameter is different from the actual data migration parameter.
In a third aspect, an embodiment of the present invention provides a first server, including a processor and a memory;
the processor is connected to the memory, wherein the memory is used for storing program codes, and the processor is used for calling the program codes to execute the method of the first aspect.
In a fourth aspect, an embodiment of the present invention provides a computer storage medium, where a computer program is stored in the computer storage medium, where the computer program includes program instructions, and the program instructions, when executed by a processor, perform the method of the first aspect.
In the embodiment of the invention, the first server changes the first execution result information into the second execution result information according to the program code for tampering information in the data transfer interface, simulates the information tampering process, and generates the verification result corresponding to the second execution result information based on the data transfer interface, so that the data transfer abnormity detection capability of the first server is determined according to the verification result, and the payment safety is improved.
Drawings
In order to illustrate embodiments of the present invention or technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below.
FIG. 1 is a diagram of a system architecture according to an embodiment of the present invention;
fig. 2 is a flowchart of a data processing method according to an embodiment of the present invention;
FIG. 3 is a flow chart of another data processing method according to an embodiment of the present invention;
FIG. 4 is a diagram of a payment interaction provided by an embodiment of the invention;
fig. 5 is a schematic structural diagram of a data processing apparatus according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a first server according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention.
The first server of the embodiment of the invention can be a bank front-end processor, and the second server can be a bank server.
Referring to fig. 1, a system architecture diagram according to an embodiment of the present invention is shown, where the system architecture includes a terminal device, a first server, and a second server, and the terminal device may install a data transfer client, such as a payment client, for triggering a data transfer request and receiving a data transfer result. The terminal device may include a personal computer, a notebook computer, a smart phone, a tablet computer, a vehicle-mounted terminal, a portable wearable device, and the like.
The first server can be a bank front-end processor, which is an intermediate device commonly used for realizing outward expansion of traditional bank business, and the main functions of the bank front-end processor are message authentication, network communication, transaction data format conversion, transaction flow record, transaction preprocessing, transaction monitoring, transaction data statistics and the like.
The second server may be a bank server, and a large amount of user data is stored in the bank server to realize a core process of data transfer. Generally, in order to ensure the security of user data, the bank front-end processor is only allowed to perform data communication with the second server according to messages with a specific format, and a third party is not allowed to inject codes into the bank server for testing and the like.
The terminal device may be in data communication with a first server, which may be in data communication with a second server. The terminal device may trigger a data transfer request to a first server, which performs data communication with a second server according to the data transfer request, to implement a data transfer function, which includes, but is not limited to, a payment function, a deduction function, and the like. The second server returns processing result information to the first server, for example, the processing result information may be a ciphertext obtained by encrypting an actual payment amount, the first server processes the processing result information returned by the second server to obtain first execution result information, for example, decrypts the ciphertext to obtain the actual payment amount, and the first server may return data transfer result information, for example, data transfer result information indicating that data transfer is successful or failed, to the terminal device according to the first execution result information.
In the embodiment of the present invention, in order to determine the data transfer abnormality detection capability of the first server, a program code for tampering information is newly injected into the first server, and according to the program code, correct first execution result information is tampered with to incorrect second execution result information, that is, an information tampering process is simulated, and a verification result corresponding to the second execution result information is further generated, so that the data transfer abnormality detection capability of the first server is determined according to the verification result. For example, if the verification result indicates that the second execution result information is not the real execution result information, it is determined that the data transfer abnormality detection capability of the first server is normal, and if the verification result is used to indicate that the second execution result information is the real execution result information, it is determined that the data transfer abnormality detection capability of the first server is not normal. By the method, whether the data transfer abnormity detection capability of the first server is normal or not can be found in time, and the payment safety is improved.
The data processing method provided by the embodiment of the invention will be described in detail below with reference to fig. 2 to 4.
Referring to fig. 2, a flow chart of a data processing method according to an embodiment of the invention is shown. As shown in fig. 2, the data processing method of an embodiment of the present invention may include the following steps S101 to S103.
S101, receiving processing result information fed back by a second server according to a data transfer request, wherein the data transfer request is sent to the second server by a first server;
in one embodiment, the first server receives a data transfer request, which may be a payment request, and optionally includes data transfer parameters, such as a payment amount, a collection account, a payment account, and the like. The first server forwards the data transfer request to the second server, and the second server receives the data transfer request and then performs data transfer operation according to the data transfer request. For example, if the data transfer request is used to request a transfer of d amount of payment amount from account a to account B, the second server deducts the amount d from account a and adds the amount d to account B.
After the second server completes the data transfer operation, the processing result information is fed back to the first server, and optionally, in order to ensure the security of data communication, the processing result information may be transmitted in an encrypted message manner. For example, the processing result information may be a ciphertext obtained by encrypting an actual data transfer parameter, and the data transfer parameter may be an actual payment amount.
S102, generating first execution result information corresponding to the processing result information based on a data transfer interface, and changing the first execution result information into second execution result information according to a program code for tampering information in the data transfer interface;
in one embodiment, the first execution result information corresponding to the processing result information is generated based on the data transfer interface in the first server, for example, an encrypted message (i.e., ciphertext) is decrypted, so as to obtain an actual data transfer parameter contained in the encrypted message. Optionally, the processing result information returned by the second server is decrypted through a handleResponse function in the data transfer interface, so as to obtain an actual data transfer parameter included in the processing result information. The input parameter of the handleResponse function is an encrypted message (i.e., the ciphertext mentioned in the embodiment of the present invention) returned by the second server, and the return field of the handleResponse function is a decrypted message, i.e., an actual data transfer parameter carried in the encrypted message, such as an actual payment amount. Optionally, the encryption mode of the message may be Base64 encryption, and then decryption needs to be performed by using a corresponding Base64 decryption mode, and optionally, the decrypted message may have 2 fields, one field may be an actual data transfer parameter carried by the encrypted message, such as an actual payment amount, and the other field may be a signature of a bank.
In order to verify the data transfer abnormality detection capability of the first server, the first execution result information is tampered with the second execution result information according to the program code which is newly injected into the data transfer interface and used for tampering information, for example, the first execution result information is actual data transfer parameters, and the actual data transfer parameters are tampered with the forged data transfer parameters, where the actual data transfer parameters are different from the forged data transfer parameters.
Continuing to use the handleResponse function as an example, the newly injected program code may use the handleResponse function as a code injection point, that is, the actual payment amount carried in the return field of the handleResponse function is tampered with as a fake payment amount, and the fake payment amount is returned to the data transfer interface to be continuously executed, so as to determine the data transfer abnormality detection capability of the first server.
S103, generating a verification result corresponding to the second execution result information based on the data transfer interface, and determining the data transfer abnormality detection capability of the first server according to the verification result.
In one embodiment, after the first execution result information is tampered with the second execution result information, the verification result corresponding to the second execution result information continues to be generated based on the data transfer interface. And determining the data transfer abnormality detection capability of the first server according to the verification result. For example, before the program code is not injected, the handleResponse function returns the actual payment amount in the return field to the handleRequest function in the data transfer interface to continue execution to generate a verification result by the handleRequest function. The falsified forged payment amount is returned to the handleRequest function in the data transfer interface after the program code is injected to continue execution to generate a verification result by the handleRequest function. If the final verification result indicates that the second execution result information is not the real execution result information, it is determined that the data transfer abnormality detection capability of the first server is normal, that is, the first server can detect the occurring payment abnormality, for example, the first server returns result of 88412002& res _ info, which is the response message error of the second server: and if the sum is inconsistent, determining that the first server can detect the abnormal payment. If the final verification result indicates that the second execution result information is the real execution result information, it is determined that the data transfer abnormality detection capability of the first server is abnormal, that is, the first server cannot detect the occurred payment abnormality, and the first server has a fault, so that whether the data transfer abnormality detection capability of the first server is normal or not can be found in time, and the payment safety is improved.
In the embodiment of the invention, the first server changes the first execution result information into the second execution result information according to the program code for tampering information in the data transfer interface, simulates the information tampering process, and generates the verification result corresponding to the second execution result information based on the data transfer interface, so that the data transfer abnormity detection capability of the first server is determined according to the verification result, and the payment safety is improved.
Referring to fig. 3, a flow chart of another data processing method according to an embodiment of the invention is shown. As shown in fig. 3, the data processing method of the embodiment of the present invention may include the following steps S201 to S206.
S201, acquiring the program code for tampering information, and compressing the program code into a code packet;
in one embodiment, data transfer anomaly detection capabilities that need to be detected are determined, including but not limited to the capability of detecting whether payment amounts match, the capability of detecting whether payment accounts match, and the like, and the embodiments of the present invention exemplify the capability of detecting whether payment amounts match. And then analyzing codes of the data transfer interface, and determining an injection point which needs to be injected into the data transfer interface according to the data transfer abnormity detection capability which needs to be detected. For example, the data transfer abnormality detection capability to be detected is to detect whether the first server will detect the abnormality of the data transfer when detecting that the payment amount returned by the second server is different from the payment amount in the data transfer request sent by the first server.
Analyzing the program code of the data transfer interface, the tobbankpay function under the class PayTransHandler calls the handleRequest function under the RequestCommunicator class, and the handleRequest function calls the handleResponse function. The input parameter of the handleResponse function is a message (ciphertext) returned by the bank server (i.e., the second server) after encrypting the actual payment amount, and the return field of the handleResponse function (i.e., the first execution result information processed by the handleResponse function) is the actual payment amount after decryption, so that the handleResponse function is a very suitable code injection point for the data transfer abnormality detection capability with different payment amounts.
Writing a program code for tampering information, simulating information tampering, tampering the program code for tampering information in the embodiment of the present invention tampering the actual payment amount in the handleResponse function return field with a counterfeit payment amount, for example, the actual payment amount is 1234, tampering the actual payment amount with 4321, and returning the tampered counterfeit payment amount return, that is, replacing the return value of the handleResponse function. Specifically, optionally, a development environment is firstly established, and the program code for tampering the information is written in the established development environment. For example, a developer installs eclipse and aspectj plug-in ajdt _2.2.3_ for _ eclipse _4.3.zip, so as to build a development environment for writing program codes.
Further, the program code for tampering information is compressed into a code package, and optionally, the format of the code package may be an archive file format jar package, for example, the program code is packaged into aspectbank. Specifically, optionally, in eclipse, a file-export-jar file with aspect j support-aspect bank item-finish is sequentially selected, so that packaging of the code package is completed.
S202, storing the code packet in a storage directory corresponding to an archive file format in the first server;
in an embodiment, the packaged code packet aspectbank is stored in a storage directory corresponding to an archive file format in the first server, for example, the code packet aspectbank is placed in a lib directory of the first server, that is, data/server/fastpad pre _ instance _ auto/fastpad-boc-zh/sender/lib.
S203, configuring the incidence relation between the code packet and the first function in the data transfer interface, and newly injecting the program code in the code packet into the data transfer interface through the incidence relation between the code packet and the first function.
In one embodiment, the first function in the data transfer interface is the injection point at which the code packet needs to be injected, and the first function is exemplified as handleResponse function. When the association relationship between the code package and the first function is configured, the configuration can be performed in a manner of supporting a configuration file. Specifically, optionally, a configuration file may be obtained, where the configuration file is used to record injection information of a code packet newly injected into the data transfer interface, and further add injection information of the aspectbank. Before the program code of the aspectbank.jar packet is not injected, the first function is executed, that is, the first execution result information of the first function is returned to the second function for continuous execution, and the second function can be a handleRequest function. Specifically, optionally, an aop.xml configuration is newly added, and an aspectbank.jar packet newly injected into the data transfer interface is indicated through the aop.xml configuration. Xml configuration indicates the location of the aspectbank jar packet injection.
And newly injecting the program code in the aspectbank. Specifically, optionally, a jar packet of aspectj needs to be downloaded, some common classes and parameters are defined in the jar packet, and the jar packet of aspectj is loaded, so that the classes and parameters in the jar packet of aspectj can be called when program codes in the aspectbank are executed subsequently. Adding a dynamic import parameter of ASPECT _ LIB/ASPECT jweaver, and setting the authority of a super administrator sudo, thereby starting a program of a data transfer interface of the first server and carrying out data transfer test.
S204, receiving processing result information fed back by a second server aiming at a data transfer request, wherein the data transfer request is sent to the second server by the first server;
s205, generating first execution result information corresponding to the processing result information based on a data transfer interface, and changing the first execution result information into second execution result information according to a program code for tampering information in the data transfer interface;
s206, generating a verification result corresponding to the second execution result information based on the data transfer interface, and determining the data transfer abnormality detection capability of the first server according to the verification result.
Referring to steps S101 to S103 of the embodiment of fig. 1, steps S204 to S206 of the embodiment of the present invention are not described herein again.
In the embodiment of the invention, the first server changes the first execution result information into the second execution result information according to the program code for tampering information in the data transfer interface, simulates the information tampering process, and generates the verification result corresponding to the second execution result information based on the data transfer interface, so that the data transfer abnormity detection capability of the first server is determined according to the verification result, and the payment safety is improved.
Referring to fig. 4, a flowchart of a payment anomaly detection according to an embodiment of the present invention is provided, where the payment scenario is merely an example of a data transfer process, and does not limit the embodiment of the present invention. As shown, the bank front-end processor may be the first server, the bank server may be the second server, and the bank front-end processor may include a function 1, a function 2, and a function 3.
The terminal equipment initiates a payment request to the bank front-end processor, and the function 3 of the bank front-end processor processes the payment request and requests payment to the bank server.
The bank server returns a payment result message to the bank front-end processor, wherein the payment result message can be an encrypted ciphertext, and the ciphertext contains the actual payment amount.
The function 1 of the bank front-end processor processes the payment result message, for example, decrypts the payment result message to obtain the actual payment amount.
Since the program code for tampering with the information is newly injected in the function 1, the actual payment amount obtained after decryption is tampered by executing the program code, and the tampered payment amount is returned to the function 2 to be executed.
The function 2 verifies the returned payment amount, e.g. determines whether the payment amount is the true payment amount, and returns a payment result, which may be a payment success or a payment failure, to the function 3. If the payment result returned by the function 3 is payment failure, and an error prompt is returned: if the payment amount is not consistent, the data transfer abnormity detection capability of the bank front-end processor is normal. If the payment result returned by the function 3 is successful, it indicates that the data transfer abnormality detection capability of the bank front-end processor is abnormal.
The function 3 further returns the payment result to the terminal device.
Fig. 5 is a schematic structural diagram of a data processing apparatus according to an embodiment of the present invention. As shown in fig. 5, the data processing apparatus according to an embodiment of the present invention may include: the system comprises a code packet acquisition module 11, a storage module 12, a configuration module 13, a receiving module 14, an information tampering module 15 and a verification module 16;
a code packet obtaining module 11, configured to obtain the program code for tampering with the information, and compress the program code into a code packet;
in one embodiment, data transfer anomaly detection capabilities that need to be detected are determined, including but not limited to the capability of detecting whether payment amounts match, the capability of detecting whether payment accounts match, and the like, and the embodiments of the present invention exemplify the capability of detecting whether payment amounts match. And then analyzing codes of the data transfer interface, and determining an injection point which needs to be injected into the data transfer interface according to the data transfer abnormity detection capability which needs to be detected. For example, the data transfer abnormality detection capability to be detected is to detect whether the first server will detect the abnormality of the data transfer when detecting that the payment amount returned by the second server is different from the payment amount in the data transfer request sent by the first server.
Analyzing the program code of the data transfer interface, the tobbankpay function under the class PayTransHandler calls the handleRequest function under the RequestCommunicator class, and the handleRequest function calls the handleResponse function. The input parameter of the handleResponse function is a message (ciphertext) returned by the bank server (i.e., the second server) after encrypting the actual payment amount, and the return field of the handleResponse function (i.e., the first execution result information processed by the handleResponse function) is the actual payment amount after decryption, so that the handleResponse function is a very suitable code injection point for the data transfer abnormality detection capability with different payment amounts.
Writing a program code for tampering information, simulating information tampering, tampering the program code for tampering information in the embodiment of the present invention tampering the actual payment amount in the handleResponse function return field with a counterfeit payment amount, for example, the actual payment amount is 1234, tampering the actual payment amount with 4321, and returning the tampered counterfeit payment amount return, that is, replacing the return value of the handleResponse function. Specifically, optionally, a development environment is firstly established, and the program code for tampering the information is written in the established development environment. For example, a developer installs eclipse and aspectj plug-in ajdt _2.2.3_ for _ eclipse _4.3.zip, so as to build a development environment for writing program codes.
Further, the program code for tampering information is compressed into a code package, and optionally, the format of the code package may be an archive file format jar package, for example, the program code is packaged into aspectbank. Specifically, optionally, in eclipse, a file-export-jar file with aspect j support-aspect bank item-finish is sequentially selected, so that packaging of the code package is completed.
The storage module 12 is configured to store the jar package in a storage directory corresponding to an archive file format in the first server;
in an embodiment, the packaged code packet aspectbank is stored in a storage directory corresponding to an archive file format in the first server, for example, the code packet aspectbank is placed in a lib directory of the first server, that is, data/server/fastpad pre _ instance _ auto/fastpad-boc-zh/sender/lib.
A configuration module 13, configured to configure an association relationship between the code packet and the first function in the data transfer interface, and newly inject the program code in the code packet into the data transfer interface according to the association relationship between the code packet and the first function.
Optionally, as shown in the figure, the configuration module 13 may include an obtaining unit 130 and an adding unit 131;
an obtaining unit 130, configured to obtain a configuration file, where the configuration file is used to record injection information of a code packet newly injected into the data transfer interface;
an adding unit 131, configured to add, in the configuration file, injection information of the jar packet in the storage directory, where the injection information is used to instruct that program code of the jar packet is injected between the first function and the second function in the data transfer interface, an execution priority of the first function is greater than an execution priority of the program code, and the execution priority of the program code is greater than an execution priority of the second function.
In one embodiment, the first function in the data transfer interface is the injection point at which the code packet needs to be injected, and the first function is exemplified as handleResponse function. When the association relationship between the code package and the first function is configured, the configuration can be performed in a manner of supporting a configuration file. Specifically, optionally, a configuration file may be obtained, where the configuration file is used to record injection information of a code packet newly injected into the data transfer interface, and further add injection information of the aspectbank. Before the program code of the aspectbank.jar packet is not injected, the first function is executed, that is, the first execution result information of the first function is returned to the second function for continuous execution, and the second function can be a handleRequest function. Specifically, optionally, an aop.xml configuration is newly added, and an aspectbank.jar packet newly injected into the data transfer interface is indicated through the aop.xml configuration. Xml configuration indicates the location of the aspectbank jar packet injection.
And newly injecting the program code in the aspectbank. Specifically, optionally, a jar packet of aspectj needs to be downloaded, some common classes and parameters are defined in the jar packet, and the jar packet of aspectj is loaded, so that the classes and parameters in the jar packet of aspectj can be called when program codes in the aspectbank are executed subsequently. Adding a dynamic import parameter of ASPECT _ LIB/ASPECT jweaver, and setting the authority of a super administrator sudo, thereby starting a program of a data transfer interface of the first server and carrying out data transfer test.
A receiving module 14, configured to receive processing result information fed back by a second server for a data transfer request, where the data transfer request is sent by the first server to the second server;
in one embodiment, the first server receives a data transfer request, which may be a payment request, and optionally includes data transfer parameters, such as a payment amount, a collection account, a payment account, and the like. The first server forwards the data transfer request to the second server, and the second server receives the data transfer request and then performs data transfer operation according to the data transfer request. For example, if the data transfer request is used to request a transfer of d amount of payment amount from account a to account B, the second server deducts the amount d from account a and adds the amount d to account B.
After the second server completes the data transfer operation, the processing result information is fed back to the first server, and optionally, in order to ensure the security of data communication, the processing result information may be transmitted in an encrypted message manner. For example, the processing result information may be a ciphertext obtained by encrypting an actual data transfer parameter, and the data transfer parameter may be an actual payment amount.
An information tampering module 15, configured to generate first execution result information corresponding to the processing result information based on a data transfer interface, and tamper the first execution result information into second execution result information according to a program code for tampering information in the data transfer interface;
optionally, as shown, the information tampering module 15 may include a processing unit 150 and a tampering unit 151;
the processing unit 150 is configured to process the processing result information based on a first function in the data transfer interface, and obtain first execution result information corresponding to the processing result information;
a tampering unit 151, configured to tamper the first execution result information into second execution result information based on a program code for tampering information in the data transfer interface, where the program code is a code newly injected into the data transfer interface.
In one embodiment, the first execution result information corresponding to the processing result information is generated based on the data transfer interface in the first server, for example, an encrypted message (i.e., ciphertext) is decrypted, so as to obtain an actual data transfer parameter contained in the encrypted message. Optionally, the processing result information returned by the second server is decrypted through a handleResponse function in the data transfer interface, so as to obtain an actual data transfer parameter included in the processing result information. The input parameter of the handleResponse function is an encrypted message (i.e., the ciphertext mentioned in the embodiment of the present invention) returned by the second server, and the return field of the handleResponse function is a decrypted message, i.e., an actual data transfer parameter carried in the encrypted message, such as an actual payment amount. Optionally, the encryption mode of the message may be Base64 encryption, and then decryption needs to be performed by using a corresponding Base64 decryption mode, and optionally, the decrypted message may have 2 fields, one field may be an actual data transfer parameter carried by the encrypted message, such as an actual payment amount, and the other field may be a signature of a bank.
In order to verify the data transfer abnormality detection capability of the first server, the first execution result information is tampered with the second execution result information according to the program code which is newly injected into the data transfer interface and used for tampering information, for example, the first execution result information is actual data transfer parameters, and the actual data transfer parameters are tampered with the forged data transfer parameters, where the actual data transfer parameters are different from the forged data transfer parameters.
Continuing to use the handleResponse function as an example, the newly injected program code may use the handleResponse function as a code injection point, that is, the actual payment amount carried in the return field of the handleResponse function is tampered with as a fake payment amount, and the fake payment amount is returned to the data transfer interface to be continuously executed, so as to determine the data transfer abnormality detection capability of the first server.
And the verification module 16 is configured to generate a verification result corresponding to the second execution result information based on the data transfer interface, and determine the data transfer abnormality detection capability of the first server according to the verification result.
In one embodiment, after the first execution result information is tampered with the second execution result information, the verification result corresponding to the second execution result information continues to be generated based on the data transfer interface. And determining the data transfer abnormality detection capability of the first server according to the verification result. For example, before the program code is not injected, the handleResponse function returns the actual payment amount in the return field to the handleRequest function in the data transfer interface to continue execution to generate a verification result by the handleRequest function. The falsified forged payment amount is returned to the handleRequest function in the data transfer interface after the program code is injected to continue execution to generate a verification result by the handleRequest function. If the final verification result indicates that the second execution result information is not the real execution result information, it is determined that the data transfer abnormality detection capability of the first server is normal, that is, the first server can detect the occurring payment abnormality, for example, the first server returns result of 88412002& res _ info, which is the response message error of the second server: and if the sum is inconsistent, determining that the first server can detect the abnormal payment. If the final verification result indicates that the second execution result information is the real execution result information, it is determined that the data transfer abnormality detection capability of the first server is abnormal, that is, the first server cannot detect the occurred payment abnormality, and the first server has a fault, so that whether the data transfer abnormality detection capability of the first server is normal or not can be found in time, and the payment safety is improved.
In the embodiment of the invention, the first server changes the first execution result information into the second execution result information according to the program code for tampering information in the data transfer interface, simulates the information tampering process, and generates the verification result corresponding to the second execution result information based on the data transfer interface, so that the data transfer abnormity detection capability of the first server is determined according to the verification result, and the payment safety is improved.
An embodiment of the present invention further provides a computer storage medium, where the computer storage medium may store a plurality of instructions, where the instructions are suitable for being loaded by a processor and executing the method steps in the embodiments shown in fig. 2 to 4, and a specific execution process may refer to specific descriptions of the embodiments shown in fig. 2 to 4, which are not described herein again.
Referring to fig. 6, which is a schematic structural diagram of a first server according to an embodiment of the present invention, as shown in fig. 6, the first server 1000 may include: at least one processor 1001, such as a CPU, at least one communication interface 1003, memory 1004, at least one communication bus 1002. Wherein a communication bus 1002 is used to enable connective communication between these components. The communication interface 1003 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface). The memory 1004 may be a high-speed RAM memory or a non-volatile memory (e.g., at least one disk memory). The memory 1004 may optionally be at least one storage device located remotely from the processor 1001. As shown in fig. 6, memory 1004, which is a type of computer storage medium, may include an operating system, a network communication module, and program instructions.
In the first server 1000 shown in fig. 6, the processor 1001 may be configured to load program instructions stored in the memory 1004 and specifically perform the following operations:
receiving processing result information fed back by a second server for a data transfer request, wherein the data transfer request is sent to the second server by the first server;
generating first execution result information corresponding to the processing result information based on a data transfer interface, and changing the first execution result information into second execution result information according to a program code for tampering information in the data transfer interface;
and generating a verification result corresponding to the second execution result information based on the data transfer interface, and determining the data transfer abnormity detection capability of the first server according to the verification result.
Optionally, the generating, by the processor 1001, first execution result information corresponding to the processing result information based on a data transfer interface, and changing, according to a program code for tampering information in the data transfer interface, the first execution result information into second execution result information by tampering, where the generating includes:
processing the processing result information based on a first function in a data transfer interface to obtain first execution result information corresponding to the processing result information;
tamper the first execution result information to second execution result information based on program code for tampering information in the data transfer interface, the program code being code newly injected into the data transfer interface.
Optionally, the generating, by the processor 1001, a verification result corresponding to the second execution result information based on the data transfer interface includes:
and verifying the second execution result information based on a second function in the data transfer interface to generate a verification result corresponding to the second execution result information, wherein the verification result is used for indicating whether the second execution result information is real execution result information.
Optionally, the determining, by the processor 1001, the data transfer anomaly detection capability of the first server according to the verification result includes:
if the verification result is used for indicating that the second execution result information is not the real execution result information, determining that the data transfer abnormality detection capability of the first server is normal;
and if the verification result is used for indicating that the second execution result information is the real execution result information, determining that the data transfer abnormality detection capability of the first server is abnormal.
Optionally, the processor 1001 is further configured to:
acquiring the program code for tampering information, and compressing the program code into a code packet;
configuring the incidence relation between the code package and the first function in the data transfer interface, and newly injecting the program code in the code package into the data transfer interface through the incidence relation between the code package and the first function.
Optionally, the code package is a jar package in an archive file jar format; the processor 1001 is further configured to store the jar package in a storage directory corresponding to an archive file format in the first server;
the processor 1001 configures an association relationship between the code packet and the first function in the data transfer interface, including:
acquiring a configuration file, wherein the configuration file is used for recording injection information of a code packet newly injected into the data transfer interface;
adding injection information of the jar packet in the storage directory in the configuration file, wherein the injection information is used for indicating that the program code of the jar packet is injected between the first function and the second function in the data transfer interface, the execution priority of the first function is greater than that of the program code, and the execution priority of the program code is greater than that of the second function.
Optionally, the processing result information includes a ciphertext obtained by encrypting an actual data transfer parameter, which is returned by the second server, the first execution result information includes the actual data transfer parameter obtained by decrypting the ciphertext, the second execution result information includes a forged data transfer parameter obtained by tampering the actual data transfer parameter, and the forged data transfer parameter is different from the actual data transfer parameter.
It should be noted that, for a specific implementation process, reference may be made to specific descriptions of the method embodiments shown in fig. 2 to fig. 4, which are not described herein again.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and includes processes of the embodiments of the methods described above when the computer program is executed. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.

Claims (12)

1. A data processing method is applied to a first server and is characterized by comprising the following steps:
receiving processing result information fed back by a second server for a data transfer request, wherein the data transfer request is sent to the second server by the first server, and the processing result information comprises a ciphertext which is returned by the second server and is obtained by encrypting an actual data transfer parameter corresponding to the data transfer request;
processing the processing result information based on a first function in a data transfer interface to obtain first execution result information corresponding to the processing result information, wherein the first execution result information comprises the actual data transfer parameter obtained after the ciphertext is decrypted;
according to a program code used for tampering information in the data transfer interface, tampering the first execution result information into second execution result information, wherein the program code is a code newly injected into the data transfer interface, the second execution result information comprises a forged data transfer parameter obtained after tampering the actual data transfer parameter, and the forged data transfer parameter is different from the actual data transfer parameter;
and generating a verification result corresponding to the second execution result information based on the data transfer interface, and determining the data transfer abnormity detection capability of the first server according to the verification result.
2. The method of claim 1, wherein the generating a verification result corresponding to the second execution result information based on the data transfer interface comprises:
and verifying the second execution result information based on a second function in the data transfer interface to generate a verification result corresponding to the second execution result information, wherein the verification result is used for indicating whether the second execution result information is real execution result information.
3. The method of claim 2, wherein said determining data migration anomaly detection capability of said first server based on said validation result comprises:
if the verification result is used for indicating that the second execution result information is not the real execution result information, determining that the data transfer abnormality detection capability of the first server is normal;
and if the verification result is used for indicating that the second execution result information is the real execution result information, determining that the data transfer abnormality detection capability of the first server is abnormal.
4. The method of claim 2 or 3, wherein the method further comprises:
acquiring the program code for tampering information, and compressing the program code into a code packet;
configuring the incidence relation between the code package and the first function in the data transfer interface, and newly injecting the program code in the code package into the data transfer interface through the incidence relation between the code package and the first function.
5. The method of claim 4, wherein the code package is a jar package in archive file jar format; the method further comprises the following steps:
storing the jar package in a storage directory corresponding to an archive file format in the first server;
the configuring the association relationship between the code packet and the first function in the data transfer interface comprises:
acquiring a configuration file, wherein the configuration file is used for recording injection information of a code packet newly injected into the data transfer interface;
adding injection information of the jar packet in the storage directory in the configuration file, wherein the injection information is used for indicating that the program code of the jar packet is injected between the first function and the second function in the data transfer interface, the execution priority of the first function is greater than that of the program code, and the execution priority of the program code is greater than that of the second function.
6. A data processing apparatus applied to a first server, comprising:
a receiving module, configured to receive processing result information fed back by a second server for a data transfer request, where the data transfer request is sent to the second server by the first server, and the processing result information includes a ciphertext, which is returned by the second server and obtained by encrypting an actual data transfer parameter corresponding to the data transfer request;
the information tampering module is configured to process the processing result information based on a first function in a data transfer interface to obtain first execution result information corresponding to the processing result information, where the first execution result information includes the actual data transfer parameter obtained after decrypting the ciphertext;
the information tampering unit is further configured to tamper the first execution result information into second execution result information according to a program code for tampering information in the data transfer interface, where the program code is a code newly injected into the data transfer interface, and the second execution result information includes a forged data transfer parameter obtained after tampering the actual data transfer parameter, and the forged data transfer parameter is different from the actual data transfer parameter;
and the verification module is used for generating a verification result corresponding to the second execution result information based on the data transfer interface and determining the data transfer abnormity detection capability of the first server according to the verification result.
7. The apparatus of claim 6, wherein the generating, by the verification module based on the data transfer interface, the verification result corresponding to the second execution result information specifically includes:
and verifying the second execution result information based on a second function in the data transfer interface to generate a verification result corresponding to the second execution result information, wherein the verification result is used for indicating whether the second execution result information is real execution result information.
8. The apparatus as claimed in claim 7, wherein the determining, by the validation module, the data transfer anomaly detection capability of the first server according to the validation result specifically comprises:
if the verification result is used for indicating that the second execution result information is not the real execution result information, determining that the data transfer abnormality detection capability of the first server is normal;
and if the verification result is used for indicating that the second execution result information is the real execution result information, determining that the data transfer abnormality detection capability of the first server is abnormal.
9. The apparatus of claim 7 or 8, wherein the apparatus further comprises:
the code packet acquisition module is used for acquiring the program code for tampering information and compressing the program code into a code packet;
the configuration module is used for configuring the incidence relation between the code packet and the first function in the data transfer interface and newly injecting the program code in the code packet into the data transfer interface through the incidence relation between the code packet and the first function.
10. The apparatus of claim 9, wherein the code package is a jar package in archive file jar format; the device further comprises:
the storage module is used for storing the jar package in a storage directory corresponding to the archive file format in the first server;
the configuration module includes:
the acquisition unit is used for acquiring a configuration file, and the configuration file is used for recording injection information of a code packet newly injected into the data transfer interface;
an adding unit, configured to add, in the configuration file, injection information of the jar packet in the storage directory, where the injection information is used to instruct that program codes of the jar packet are injected between the first function and the second function in the data transfer interface, an execution priority of the first function is greater than an execution priority of the program codes, and the execution priority of the program codes is greater than an execution priority of the second function.
11. A first server, comprising: a processor and a memory;
the processor is coupled to a memory, wherein the memory is configured to store program code and the processor is configured to invoke the program code to perform the method of any of claims 1-5.
12. A computer storage medium, characterized in that the computer storage medium stores a computer program comprising program instructions which, when executed by a processor, perform the method according to any one of claims 1-5.
CN201810541810.6A 2018-05-30 2018-05-30 Data processing method and device, storage medium and server Active CN108763934B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810541810.6A CN108763934B (en) 2018-05-30 2018-05-30 Data processing method and device, storage medium and server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810541810.6A CN108763934B (en) 2018-05-30 2018-05-30 Data processing method and device, storage medium and server

Publications (2)

Publication Number Publication Date
CN108763934A CN108763934A (en) 2018-11-06
CN108763934B true CN108763934B (en) 2020-02-28

Family

ID=64004642

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810541810.6A Active CN108763934B (en) 2018-05-30 2018-05-30 Data processing method and device, storage medium and server

Country Status (1)

Country Link
CN (1) CN108763934B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111445333B (en) * 2020-03-26 2023-12-08 腾讯科技(深圳)有限公司 Block generation method, device, computer equipment and storage medium
CN112329035B (en) * 2020-11-02 2022-12-27 成都中科大旗软件股份有限公司 Method, system and storage medium for analyzing, encrypting and decrypting based on jar program

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1751324A (en) * 2003-02-21 2006-03-22 瑞士电信流动电话公司 Method and system for detecting possible frauds in payment transactions
US7757215B1 (en) * 2006-04-11 2010-07-13 Oracle America, Inc. Dynamic fault injection during code-testing using a dynamic tracing framework
CN102833270A (en) * 2012-09-18 2012-12-19 山石网科通信技术(北京)有限公司 Method and device for detecting SQL (structured query language) injection attacks and firewall with device
CN103823751A (en) * 2013-12-13 2014-05-28 国家计算机网络与信息安全管理中心 Counterfeit application program monitoring method based on characteristic implantation
CN103942714A (en) * 2014-05-05 2014-07-23 携程计算机技术(上海)有限公司 Payment method and payment device
CN104574088A (en) * 2015-02-04 2015-04-29 华为技术有限公司 Payment authorization method and device
CN105260660A (en) * 2015-09-14 2016-01-20 百度在线网络技术(北京)有限公司 Monitoring method, device and system of intelligent terminal payment environment
CN105471819A (en) * 2014-08-19 2016-04-06 腾讯科技(深圳)有限公司 Account abnormity detection method and account abnormity detection device
CN105631668A (en) * 2015-11-27 2016-06-01 中国银联股份有限公司 Payment anomaly detection method and system
CN105843609A (en) * 2016-03-18 2016-08-10 浪潮软件集团有限公司 An MVC framework based on Spring and MyBatis
CN106790292A (en) * 2017-03-13 2017-05-31 摩贝(上海)生物科技有限公司 The web application layer attacks detection and defence method of Behavior-based control characteristic matching and analysis

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1751324A (en) * 2003-02-21 2006-03-22 瑞士电信流动电话公司 Method and system for detecting possible frauds in payment transactions
US7757215B1 (en) * 2006-04-11 2010-07-13 Oracle America, Inc. Dynamic fault injection during code-testing using a dynamic tracing framework
CN102833270A (en) * 2012-09-18 2012-12-19 山石网科通信技术(北京)有限公司 Method and device for detecting SQL (structured query language) injection attacks and firewall with device
CN103823751A (en) * 2013-12-13 2014-05-28 国家计算机网络与信息安全管理中心 Counterfeit application program monitoring method based on characteristic implantation
CN103942714A (en) * 2014-05-05 2014-07-23 携程计算机技术(上海)有限公司 Payment method and payment device
CN105471819A (en) * 2014-08-19 2016-04-06 腾讯科技(深圳)有限公司 Account abnormity detection method and account abnormity detection device
CN104574088A (en) * 2015-02-04 2015-04-29 华为技术有限公司 Payment authorization method and device
CN105260660A (en) * 2015-09-14 2016-01-20 百度在线网络技术(北京)有限公司 Monitoring method, device and system of intelligent terminal payment environment
CN105631668A (en) * 2015-11-27 2016-06-01 中国银联股份有限公司 Payment anomaly detection method and system
CN105843609A (en) * 2016-03-18 2016-08-10 浪潮软件集团有限公司 An MVC framework based on Spring and MyBatis
CN106790292A (en) * 2017-03-13 2017-05-31 摩贝(上海)生物科技有限公司 The web application layer attacks detection and defence method of Behavior-based control characteristic matching and analysis

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
《基于SOAP 的Web 服务中的异常处理方法》;周虎等;《计算机工程与设计》;20070831;第28卷(第15期);第3698-3701页 *

Also Published As

Publication number Publication date
CN108763934A (en) 2018-11-06

Similar Documents

Publication Publication Date Title
US20200106775A1 (en) Method, device, system for authenticating an accessing terminal by server, server and computer readable storage medium
CN108363580A (en) Application program installation method, device, computer equipment and storage medium
CN106294102B (en) Application program testing method, client, server and system
CN111314306A (en) Interface access method and device, electronic equipment and storage medium
CN108347361B (en) Application program testing method and device, computer equipment and storage medium
EP3038004A1 (en) Method for providing security for common intermediate language-based program
CN105701423B (en) Date storage method and device applied to high in the clouds payment transaction
CN104199654A (en) Open platform calling method and device
CN114650154B (en) Webpage authority behavior control method and device, computer equipment and storage medium
CN108496323B (en) Certificate importing method and terminal
CN105637516A (en) Method for verifying integrity of dynamic code using hash
CN110968872A (en) File vulnerability detection processing method and device, electronic equipment and storage medium
CN104199657A (en) Call method and device for open platform
CN113467784A (en) Application program processing method and device and computer readable storage medium
CN106372497A (en) Application programming interface (API) protection method and device
CN108763934B (en) Data processing method and device, storage medium and server
CN106533685A (en) Identity authentication method, identity authentication device, and identity authentication system
CN112231674A (en) A kind of URL address jump verification method, system and electronic device
CN108881320B (en) Authentication processing method for user login, server and client
CN113114681B (en) Test message processing method, device, computer system and readable storage medium
CN106899593B (en) APP repackaging verification method and device
CN111427767B (en) Attack test method and device for application system, computer equipment and storage medium
CN112732676A (en) Data migration method, device, equipment and storage medium based on block chain
CN109951565B (en) Data transmission method, device, medium and electronic equipment for supply chain management system
CN109871703B (en) Big data transaction management method, device, storage medium and server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant