
CN114385997A - OA-based payroll allocation method and related device - Google Patents


Publication number
CN114385997A
Authority
CN
China
Prior art keywords
server
salary
employee
payroll
slip
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210036982.4A
Other languages
Chinese (zh)
Inventor
王国彬
牟锟伦
林帅
代潇瑞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tubatu Group Co Ltd
Original Assignee
Tubatu Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tubatu Group Co Ltd
Priority to CN202210036982.4A
Publication of CN114385997A


Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00 Administration; Management
    • G06Q10/06 Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063 Operations research, analysis or management
    • G06Q10/0631 Resource planning, allocation, distributing or scheduling for enterprises or organisations
    • G06Q10/06311 Scheduling, planning or task assignment for a person or group
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/12 Accounting
    • G06Q40/125 Finance or payroll

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Human Resources & Organizations (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Strategic Management (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Economics (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Development Economics (AREA)
  • General Business, Economics & Management (AREA)
  • Health & Medical Sciences (AREA)
  • Entrepreneurship & Innovation (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Marketing (AREA)
  • Game Theory and Decision Science (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • Operations Research (AREA)
  • Educational Administration (AREA)
  • Databases & Information Systems (AREA)
  • Technology Law (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The present application discloses an OA-based salary slip deployment method and related device, intended to solve the problem of salary slip security when salary slips are deployed in an online OA system. The method is applied to a system comprising an OA server, a payroll server and a client. An employee logs in to the OA server from the client with an employee account and enters a secondary password on the salary slip query page. The OA server checks the secondary password. When the secondary password is correct, the OA server transmits the request parameters, encrypted with a public key, to the payroll server, so that the payroll server decrypts them with the corresponding private key, generates the employee's salary slip, encrypts the generated salary slip with the private key and returns it to the OA server; the OA server decrypts the encrypted salary slip with the public key and feeds it back to the client. When the secondary password is wrong and the number of errors is less than a specified number, the employee is prompted to re-enter it; when the secondary password is wrong and the number of errors is greater than the specified number, the employee account is locked.

Description

An OA-based salary slip deployment method and related device

Technical field

The present application belongs to the field of data and information processing, and in particular relates to an OA-based salary slip deployment method and related device.

Background

Enterprise management software generally includes a salary management module with a salary slip function, but the printed content of a salary slip may differ from one enterprise to another. The traditional approach is therefore to design a salary slip template each time according to the content to be printed, and to print from that template. The drawback is that this is inconvenient for enterprise users, and every enterprise user has to redo the design, which raises labor costs and lowers efficiency.

Paper salary slips have the following drawbacks. They are troublesome to produce: the payroll sheet has to be split, and the slips printed, cut and handed out. Confidentiality is poor: when employees collect ordinary paper salary slips, they can easily see the slips of other employees. The form is outdated and does not fit the ideas of energy saving, emission reduction and environmentally friendly living; in the era of the paperless office, paper salary slips are a very backward means.

Office Automation (OA) is a new way of working that combines the modern office with computer technology. There is no unified definition of office automation: any use of new technologies, new machines or new equipment for office work in a traditional office belongs to the field of office automation. Implementing office automation, that is, the digital office, makes it possible to optimize the existing management structure, adjust the management system, increase collaborative working capability on the basis of improved efficiency, and strengthen the consistency of decision-making.

Salary is sensitive enterprise data and requires a high level of confidentiality. The prior art has no mature, complete solution, so an OA-based salary slip deployment method is proposed.

Summary of the invention

The present application provides an OA-based salary slip deployment method, which aims to solve the security problems that arise in the prior art when salary slips are deployed in an online OA system.

In a first aspect, the present application provides the following: an employee logs in to the OA server from the client with an employee account and enters a secondary password on the salary slip query page;

the OA server checks the secondary password, and the process by which the OA server checks the secondary password includes:

when the secondary password is correct, the OA server transmits the request parameters, encrypted with a public key, to the payroll server, so that the payroll server decrypts the received request parameters with the corresponding private key, generates the employee's salary slip, encrypts the generated salary slip with the private key and returns it to the OA server; the OA server decrypts the encrypted salary slip with the public key and feeds it back to the client;

when the secondary password is wrong and the number of errors is less than a specified number, prompting for re-entry;

when the secondary password is wrong and the number of errors is greater than the specified number, locking the employee account.

Optionally, the method further includes:

when the employee account retrieves the salary slip on the salary slip query page, the OA server records the call and generates an OA log;

when the OA server sends employee data to the payroll server, the payroll server generates a payroll log;

comparing the number of OA logs with the number of payroll logs, and issuing a warning if the two numbers are inconsistent.

Optionally, comparing the OA log and the payroll log includes:

if the number of OA logs and the number of payroll logs are the same, executing the interaction flow between the OA server and the payroll server;

after the number of OA logs and the number of payroll logs are found to be inconsistent, the method further includes:

notifying the operations and maintenance (O&M) department's management account by email.

Optionally, the method further includes:

the client sends a salary slip query request to the OA server, the salary slip query request including the employee account and password;

the OA server forwards the salary slip query request to the payroll server;

after verifying that the employee account and password are correct, the payroll server returns the encrypted employee salary slip to the OA server;

the OA server sends the decrypted employee salary slip to the client;

the client displays the employee salary slip.

Optionally, the OA server and the payroll server are two independent computers, and internally the payroll server has a communication connection only to the OA server.

Optionally, the method further includes:

the payroll server determines the connection status of all external ports;

when a removable storage device is found connected to an external port, a warning is issued.

Optionally, when a removable storage device is found connected to an external port, the method further includes:

refusing to read data from or write data to the removable storage device, and creating an alarm log.

Optionally, the encrypted employee salary slips are stored in the payroll server;

the computer on which the payroll server runs has a login password, and the login password is pin+token, wherein management authority over the pin is assigned to the O&M management account and management authority over the token is assigned to the payroll administrator account.

Optionally, the employee salary slips stored in the payroll server are all encrypted with an RSA public key before being stored in the database, and the decryption private key corresponding to the RSA public key is stored in a preset file on the payroll server.

In a second aspect, the present application provides an OA-based salary slip deployment system, the system comprising: an OA server, a payroll server and a client;

an employee logs in to the OA server from the client with an employee account and enters a secondary password on the salary slip query page;

the OA server checks the secondary password, and the process by which the OA server checks the secondary password includes:

when the secondary password is correct, the OA server transmits the request parameters, encrypted with a public key, to the payroll server, so that the payroll server decrypts the received request parameters with the corresponding private key, generates the employee's salary slip, encrypts the generated salary slip with the private key and returns it to the OA server; the OA server decrypts the encrypted salary slip with the public key and feeds it back to the client;

when the secondary password is wrong and the number of errors is less than a specified number, prompting for re-entry;

when the secondary password is wrong and the number of errors is greater than the specified number, locking the employee account.

In a third aspect, the present application provides a computer device, comprising:

a processor, a memory, a bus, an input/output interface and a wireless network interface;

the processor is connected to the memory, the input/output interface and the wireless network interface through the bus;

a computer-readable program is stored in the memory;

when the processor executes the computer-readable program stored in the memory, it implements any one of the OA-based salary slip deployment methods performed by the client, the OA server or the payroll server in the foregoing first aspect.

As can be seen from the above technical solutions, the embodiments of the present application have the following advantages:

The present application provides an OA-based salary slip deployment method that solves the prior-art problem of deploying salary slips in an online OA system and the security problems of that deployment. It protects salary data at the code security level, the retrospective operations level, the security boundary level, the physical security level and the database security level, and effectively prevents someone who has compromised the OA server from finding the interface and querying any person's salary slip.

Brief description of the drawings

FIG. 1 is a schematic flowchart of an embodiment of the OA-based salary slip deployment method of the present application;

FIG. 2 is a logic diagram of the calling relationship between the OA server and the payroll server in an embodiment provided by the present application;

FIG. 3 is an interaction flowchart for logging in to the salary slip system in an embodiment provided by the present application;

FIG. 4 is a logic diagram of the retrospective operations level in an embodiment provided by the present application;

FIG. 5 is a schematic structural diagram of an embodiment of the OA-based salary slip deployment system of the present application.

Detailed description

The embodiments of the present application provide an OA-based salary slip deployment method for solving the security problems that arise when salary slips are deployed in an online OA system. The embodiments protect the data at the code security level, the retrospective operations level, the security boundary level, the physical security level, the database security level and so on, and effectively prevent someone who has compromised the OA server from finding the interface and querying any person's salary slip.

Referring to FIG. 1 to FIG. 4, an OA-based salary slip deployment method involves an OA server, a payroll server and a client:

101. The employee sends a login request to the OA server through the client, or sends a login request to the OA server by scanning a code; the login request includes at least the employee account and the corresponding password;

102. The OA server returns the login request verification result to the client the employee is logging in from; the result is either login success or login failure;

103. On receiving a successful login request verification result, the client determines that the employee account has completed login;

104. With the employee account logged in to the OA server, the client receives the secondary password that the user enters on the salary slip query page; the secondary password is used to request the salary slip of the employee to whom the employee account belongs;

105. The OA server checks the secondary password; the specific process includes:

106. When the OA server finds in step 105 that the secondary password is wrong and the number of errors is less than the specified number (for example, 3), the OA server reports to the client that the result of the check is a prompt to re-enter; when the OA server finds in step 105 that the secondary password is wrong and the number of errors is greater than the specified number (for example, 3), the OA server reports to the client that the result of the check is that the employee account is locked (for example, locked for 24 hours);

107. According to the secondary password check result from step 106, the client either prompts the user to re-enter the secondary password or locks the employee account.

108. When the OA server finds in step 105 that the secondary password is correct, the OA server transmits the request parameters (for example, the employee account and the secondary password), encrypted with the public key, to the payroll server;

109. The payroll server decrypts the request parameters sent by the OA server with the private key and verifies their legitimacy. Verifying the request parameters includes, but is not limited to: whether the employee account has access rights, whether the request parameters are complete or have been tampered with, whether the secondary password is correct, and whether the request is within its validity period. The specific way of verifying the legitimacy of the request parameters can be set according to actual needs and is not limited here.

110. The payroll server further checks whether the number of salary slip queries made by the employee account exceeds the query limit. If it does, the corresponding salary slip is not returned; if it does not, step 111 is executed;

111. The payroll server looks up the corresponding employee's salary slip in the database according to the salary slip query request from the OA server;

112. The payroll server encrypts the employee salary slip with the private key and returns it to the OA server;

113. The OA server decrypts the encrypted employee salary slip with the public key and returns the salary slip corresponding to the employee account to the client;

114. The client displays the salary slip returned in step 113. Further, sensitive data in the salary slip can be shown on the page in mosaic (obscured) form, so that a data item is only revealed when the mouse is moved over it; and when the page has not been operated for a period of time, a mask layer is displayed that locks the current page, and the employee must enter the secondary password again to continue viewing.

As can be seen, the OA-based salary slip deployment method of the present application uses secondary password verification to secure employees' salary slip queries and effectively prevents someone who has compromised the OA server from finding the interface and querying any person's salary slip. In addition, all data transmitted between the OA server and the payroll server is encrypted, which further secures the transmission of employee salary slips.
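The secondary-password check of steps 105 to 107, as an added example that is not code from the patent or its applicant. Assumptions: the function and class names, salted PBKDF2 storage of the secondary password (the text does not say how it is stored), and locking on the attempt that reaches the limit, since the text only defines the "less than" and "greater than" cases.

```python
import hashlib
import hmac
import os
import time
from dataclasses import dataclass

MAX_FAILURES = 3          # the "specified number"; 3 is the example value in step 106
LOCK_SECONDS = 24 * 3600  # example lock duration from step 106 (24 hours)
PBKDF2_ROUNDS = 200_000   # assumption: password storage is not described in the text


@dataclass
class SecondaryCredential:
    """Per-account state the OA server keeps for the secondary password (hypothetical)."""
    salt: bytes
    digest: bytes
    failures: int = 0
    locked_until: float = 0.0  # epoch seconds; 0.0 means "not locked"


def _derive(password: str, salt: bytes) -> bytes:
    # Store a slow salted hash, never the secondary password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def enroll(password: str) -> SecondaryCredential:
    salt = os.urandom(16)
    return SecondaryCredential(salt=salt, digest=_derive(password, salt))


def check_secondary_password(cred: SecondaryCredential, attempt: str, now: float = None) -> str:
    """Return 'ok', 'retry' or 'locked', the three outcomes of steps 105-107."""
    now = time.time() if now is None else now

    # While the lock is active the attempt is not evaluated at all, so a locked
    # account cannot be used to keep testing guesses.
    if now < cred.locked_until:
        return "locked"

    # Lock has expired: start a fresh counting window.
    if cred.locked_until:
        cred.locked_until = 0.0
        cred.failures = 0

    # Constant-time comparison of the derived digests.
    if hmac.compare_digest(_derive(attempt, cred.salt), cred.digest):
        cred.failures = 0
        return "ok"

    cred.failures += 1
    # Boundary case: the text leaves "equal to the specified number" open;
    # this example locks as soon as the limit is reached.
    if cred.failures >= MAX_FAILURES:
        cred.locked_until = now + LOCK_SECONDS
        return "locked"
    return "retry"


if __name__ == "__main__":
    cred = enroll("s3cond-Pass")           # constructed sample password
    t0 = 1_700_000_000.0                   # constructed clock value
    for i, guess in enumerate(["a", "b", "c", "s3cond-Pass"]):
        print(guess, "->", check_secondary_password(cred, guess, now=t0 + i))
```

The counter lives on the server side; a client-side lock as mentioned in step 107 is only a display of this result.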

In another embodiment, building on the embodiment of FIG. 1 above, when the employee account logged in on the client retrieves a salary slip on the salary slip query page, the OA server records the call and generates an OA log, and when the OA server sends employee data to the payroll server, the payroll server generates a payroll log. This embodiment periodically compares the number of OA logs with the number of payroll logs in order to verify whether some other device has impersonated the OA server and sent salary slip query requests to the payroll server. If the two numbers are inconsistent, another device may have impersonated the OA server to send salary slip query requests to the payroll server, and a warning should be issued so that O&M personnel can decide and act in time. The warning can take the form of an audible and visual alarm, a warning email sent to a designated mailbox (for example, the O&M department's management account), and so on; the form is not limited.
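The periodic log comparison described above, as an added example that is not code from the patent or its applicant. It goes beyond the count comparison in the text by also matching individual entries, which catches the case where the counts agree but the entries do not. Assumptions: the JSON-lines log format, the field names, and a request ID that the OA server attaches to each forwarded query and both servers log.

```python
import json
from collections import Counter

# Constructed sample logs. The patent defines no log format; JSON lines with
# these field names are an assumption for this example.
OA_LOG = """\
{"ts": "2022-01-10T09:00:01", "request_id": "r-001", "account": "emp1001"}
{"ts": "2022-01-10T09:02:17", "request_id": "r-002", "account": "emp1002"}
{"ts": "2022-01-10T09:05:40", "request_id": "r-003", "account": "emp1001"}
"""

PAYROLL_LOG = """\
{"ts": "2022-01-10T09:00:01", "request_id": "r-001", "account": "emp1001"}
{"ts": "2022-01-10T09:02:18", "request_id": "r-002", "account": "emp1002"}
{"ts": "2022-01-10T09:03:55", "request_id": "x-917", "account": "emp1044"}
{"ts": "2022-01-10T09:05:41", "request_id": "r-003", "account": "emp1001"}
"""


def parse(log_text):
    """Return a list of (request_id, account) pairs, one per log line."""
    entries = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
            entries.append((str(rec["request_id"]), str(rec["account"])))
        except (ValueError, KeyError, TypeError):
            # A damaged line is kept as its own entry so it surfaces in the
            # report instead of silently lowering one side's count.
            entries.append((f"<malformed line {lineno}>", ""))
    return entries


def reconcile(oa_text, payroll_text):
    """Compare OA-side and payroll-side logs for one reconciliation period."""
    oa = Counter(parse(oa_text))
    payroll = Counter(parse(payroll_text))
    report = {
        "oa_count": sum(oa.values()),
        "payroll_count": sum(payroll.values()),
        # Requests the payroll server handled that the OA server never issued:
        # the impersonation case the text is concerned with.
        "payroll_only": sorted((payroll - oa).elements()),
        # Requests the OA server issued that never reached the payroll server.
        "oa_only": sorted((oa - payroll).elements()),
    }
    # The check the text describes: a plain count comparison.
    report["count_mismatch"] = report["oa_count"] != report["payroll_count"]
    report["alert"] = bool(
        report["count_mismatch"] or report["payroll_only"] or report["oa_only"]
    )
    return report


if __name__ == "__main__":
    for key, value in reconcile(OA_LOG, PAYROLL_LOG).items():
        print(f"{key}: {value}")
```

Timestamps are deliberately left out of the match key, since the two servers stamp the same request at slightly different times.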

In another embodiment, the salary slip query request that the client sends to the OA server may include the employee account and password (specifically, the login password and the secondary password). The OA server forwards the salary slip query request to the payroll server; after verifying that the employee account and password are correct, the payroll server returns the encrypted employee salary slip to the OA server; the OA server sends the decrypted employee salary slip to the client; and the client displays the employee salary slip.

In another embodiment, building on the embodiment of FIG. 1 above, the payroll server determines the connection status of all external ports in real time. When a removable storage device is found connected to an external port, it issues a warning, refuses to read data from or write data to the removable storage device, and creates an alarm log. This implements rejection of external removable storage devices and protects the data on the payroll server.

Specifically, the OA server either stores encrypted employee salary slips or periodically purges them; these are the salary slips returned by the payroll server in response to salary slip query requests. The computer on which the payroll server runs can have a login password, and the login password is pin+token, wherein management authority over the pin is assigned to the O&M management account and management authority over the token is assigned to the payroll administrator account. The O&M management account is held by the O&M manager and the payroll administrator account is held by the payroll administrator. As long as the O&M manager and the payroll administrator are in practice not the same person, the data on the payroll server is strongly protected: the data on the payroll server can only be accessed directly by someone who holds both partial passwords, set separately by the O&M manager and the payroll administrator, and combines them into pin+token.

Specifically, all employee salary slips stored in the payroll server are encrypted with an RSA public key before being stored in the database, and the decryption private key corresponding to the RSA public key is stored in a preset file on the payroll server. This ensures that even if the payroll server's data is leaked, employee salary slips are not disclosed as long as the decryption private key corresponding to the RSA public key is not located. More specifically, internally the payroll server is connected only to the OA server, which rules out access by other devices at the physical connection level and reduces the risk of data leakage from the payroll server.

In another specific embodiment, as shown in FIG. 2, the OA server transmits the request parameters, encrypted with the public key, to the payroll server; the payroll server decrypts the received employee data with the public key and generates the employee salary slip; on a salary slip query, the payroll server encrypts the generated employee salary slip with the private key and returns it to the OA server. The payroll server is configured with at least 2 PC hosts: one of the 2 PC hosts is dedicated to payroll management, and the other several groups are used by payroll administrators for normal office work. Salary slip assets are only allowed to exist on the dedicated payroll management PC host. Externally, the dedicated payroll management PC host only allows network traffic to the bank; internally, it only allows traffic to the OA server; everything else is blocked. Removable storage devices are prohibited on the dedicated payroll management machine. The login password of the salary slip server on the dedicated payroll management PC host is pin+token; the pin is held by the O&M administrator account and the token is held by the payroll administrator account.

Further, the OA server prevents ordinary users from exceeding their privileges by combining a query authentication system with ID serialization. The query authentication system specifically includes:

a query manager that can receive query requests, an authentication server, and a database system that stores the data of the managed objects; the authentication server can accept authentication request information from the client, and passes that authentication request information to the query manager;

the query manager can parse the authentication request information to generate a query statement, and the authentication server queries the database system;

the object manager stores an association graph of the managed objects, generated from configuration information describing the associations between the managed objects; the association graph includes at least one root object and non-root objects; the database system solves for paths in the association graph held by the object manager, and the object manager returns the optimal result of the solution to the query manager;

the database system stores authentication configuration information related to the root object, and can return the queried, authenticated information to the query manager;

The ID serialization method is specifically:

1) the OA server obtains each string requested by the client;

2) the OA server determines the client corresponding to each string according to the correspondence between each string and each management server;

3) the OA server sends each string to the corresponding management server, so that each management server converts the received string into the corresponding serialized ID according to the mapping table it maintains; the strings in the mapping tables maintained by different management servers are all different from one another;

4) the OA server receives the serialized ID corresponding to each string, as returned by each client;

5) the OA server converts the strings in each piece of sample data into the corresponding serialized IDs according to the serialized IDs received for each string;

The database system is secured as follows:

1) when the OA server calls the pay slip interface to query a user's pay slip, it must supply that user's secondary password to the pay slip interface for verification; once the password is verified it obtains a token, and that token can be used only to query that user's pay slip. This prevents someone who has compromised the OA server from finding the interface and querying any person's pay slip;

2) all pay slip data submitted by the OA server is encrypted with the RSA public key before being stored in the database, and the decryption private key is kept in a file.

Further, the payroll server includes a secondary private key generation system, which includes:

a login module, for the user to enter login information, enter the management interface of the management terminal, and enter user instructions;

a code generation module, for randomly generating the code according to a user instruction; the code consists of 6-10 characters, and the characters are a combination of at least two of Arabic numerals, uppercase English letters and lowercase English letters;

a code input module, for the user to enter the code obtained;

a restriction setting module, for the user to set usage restriction information for the secret key; the secondary private key generation system further includes:

an encryption module, connected to the code input module and the restriction setting module; the condition setting module is used to receive the code and the usage restriction information and to perform an encryption operation on the code and the usage restriction information, generating a secret key that contains the code and the usage restriction information;

The usage restriction information includes the number of times the secret key may be used and the time for which the secret key is valid. The encryption operation specifically uses the RC algorithm, which consists of two parts: an initialization algorithm and a pseudo-random sub-key generation algorithm. During initialization, the main function of the key is to randomly scramble a 256-byte initial array; different arrays yield different sub-key sequences after processing by the pseudo-random sub-key generation algorithm, and the ciphertext is obtained by XORing the resulting sub-key sequence with the plaintext.
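The two-part cipher described above (key-driven scrambling of a 256-byte array, then a keystream XORed with the plaintext) matches RC4, so the added example below, which is not code from the patent, assumes RC4 is the "RC algorithm" meant. The JSON layout of the secret key and all function names are assumptions made for illustration.

```python
import json
import secrets
import string

ALPHABET = string.digits + string.ascii_uppercase + string.ascii_lowercase


def rc4_init(key: bytes) -> list:
    """Initialization: the key scrambles the 256-byte initial array."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1 to 256 bytes")
    state = list(range(256))
    j = 0
    for i in range(256):
        j = (j + state[i] + key[i % len(key)]) % 256
        state[i], state[j] = state[j], state[i]
    return state


def rc4_keystream(state: list, length: int) -> bytes:
    """Pseudo-random generation: derive the sub-key sequence from the array."""
    s = list(state)  # work on a copy so the caller's array is untouched
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def rc4(key: bytes, data: bytes) -> bytes:
    """XOR data with the keystream; the same call encrypts and decrypts."""
    stream = rc4_keystream(rc4_init(key), len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def code_is_valid(code: str) -> bool:
    """6-10 characters drawn from at least two of: digits, upper, lower."""
    if not 6 <= len(code) <= 10 or any(c not in ALPHABET for c in code):
        return False
    classes = (string.digits, string.ascii_uppercase, string.ascii_lowercase)
    return sum(any(c in cls for c in code) for cls in classes) >= 2


def generate_code(length: int = 8) -> str:
    """Randomly generate a code, retrying until it meets the rule above."""
    if not 6 <= length <= 10:
        raise ValueError("code length must be 6 to 10")
    while True:
        code = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if code_is_valid(code):
            return code


def make_secret_key(rc4_key: bytes, code: str, max_uses: int, valid_until: int) -> bytes:
    """Encrypt the code together with its usage restrictions (assumed JSON layout)."""
    if not code_is_valid(code):
        raise ValueError("code does not meet the format rule")
    body = json.dumps(
        {"code": code, "max_uses": max_uses, "valid_until": valid_until},
        sort_keys=True,
    )
    return rc4(rc4_key, body.encode("utf-8"))


def open_secret_key(rc4_key: bytes, blob: bytes, uses_so_far: int, now: int) -> str:
    """Decrypt, then enforce use count and validity time; returns the code."""
    try:
        fields = json.loads(rc4(rc4_key, blob).decode("utf-8"))
        code = fields["code"]
        max_uses = fields["max_uses"]
        valid_until = fields["valid_until"]
    except (ValueError, KeyError, TypeError):
        # RC4 carries no integrity check: a wrong key or an altered blob
        # only shows up as undecodable output at this point.
        raise ValueError("secret key could not be decoded") from None
    if now > valid_until:
        raise PermissionError("secret key has expired")
    if uses_so_far >= max_uses:
        raise PermissionError("secret key use count exhausted")
    return code
```

Because the cipher is a plain XOR stream with no authentication, the restriction fields are only as trustworthy as the secrecy of the RC4 key and the storage of the blob; the use counter itself has to be kept server-side.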

In another embodiment, the interaction flow between the OA server and the payroll server is:

S1. The employee logs in to the OA server with an employee account and enters the secondary password on the pay slip query page;

S2. The secondary password is checked; the process of checking the secondary password includes:

1) when the secondary password is correct, returning the pay slip corresponding to the employee account;

2) when the secondary password is wrong and the number of errors is less than the specified number, prompting for re-entry;

3) when the secondary password is wrong and the number of errors is greater than the specified number, locking the employee account;
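The secondary-password check in S2 and the per-user query token from the database security measures can be combined on the payroll side as in this added sketch, which is not code from the patent. The class and method names, the limit of 3 failures and the 300-second token lifetime are assumptions; the page does not say what happens when the error count equals the limit, so the sketch locks at that point.

```python
import hashlib
import hmac
import secrets
import time

MAX_FAILURES = 3         # assumed value for the "specified number" of errors
TOKEN_TTL_SECONDS = 300  # assumed token lifetime
PBKDF2_ROUNDS = 100_000


class PayslipInterface:
    """Hypothetical payroll-side interface that the OA server calls."""

    def __init__(self):
        self._creds = {}     # employee_id -> (salt, secondary password hash)
        self._slips = {}     # employee_id -> pay slip record
        self._failures = {}  # employee_id -> consecutive wrong attempts
        self._locked = set()
        self._tokens = {}    # token -> (employee_id, expiry time)

    @staticmethod
    def _hash(password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS
        )

    def enroll(self, employee_id, secondary_password, slip):
        """Store a salted hash of the secondary password, never the password."""
        salt = secrets.token_bytes(16)
        self._creds[employee_id] = (salt, self._hash(secondary_password, salt))
        self._slips[employee_id] = slip

    def verify_secondary(self, employee_id, password, now=None):
        """Return ("ok", token), ("retry", None) or ("locked", None)."""
        now = time.time() if now is None else now
        if employee_id in self._locked:
            return ("locked", None)
        if employee_id not in self._creds:
            return ("retry", None)
        salt, expected = self._creds[employee_id]
        if hmac.compare_digest(self._hash(password, salt), expected):
            self._failures[employee_id] = 0
            token = secrets.token_urlsafe(32)
            # The token is bound to this one employee at issue time.
            self._tokens[token] = (employee_id, now + TOKEN_TTL_SECONDS)
            return ("ok", token)
        count = self._failures.get(employee_id, 0) + 1
        self._failures[employee_id] = count
        # Assumption: reaching the limit exactly is treated as a lock.
        if count >= MAX_FAILURES:
            self._locked.add(employee_id)
            return ("locked", None)
        return ("retry", None)

    def query_slip(self, token, employee_id, now=None):
        """Return the pay slip only if the token was issued for employee_id."""
        now = time.time() if now is None else now
        bound = self._tokens.get(token)
        if bound is None or now > bound[1]:
            self._tokens.pop(token, None)
            raise PermissionError("invalid or expired token")
        if bound[0] != employee_id:
            raise PermissionError("token is not valid for this employee")
        return self._slips[employee_id]
```

Keeping the binding check inside the payroll interface is what limits the damage if the OA server is taken over: a caller without a given employee's secondary password cannot obtain a token that opens that employee's slip.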

As an optional optimization of this embodiment, the secondary private key password is entered with a soft keyboard. A soft keyboard is a keyboard simulated in software on which characters are entered by mouse click; its purpose is to prevent a Trojan from recording a password typed on the keyboard. The soft keyboard is displayed as follows:

1) when the text input box is triggered by the user, the random algorithm is constrained according to preset constraints and generates random numbers; the text input box is associated with the soft keyboard;

2) the random numbers are used to sort the keys stored in an array; the array is created in advance and stores the keys of the soft keyboard;

3) the keys are displayed in the soft keyboard according to that ordering;

The keys include numeric keys and letter keys, and there is also a letter-case toggle key. Constraining the random algorithm according to preset constraints to generate random numbers includes: constraining the random algorithm according to a preset first constraint to generate 10 random numbers corresponding to the digits 0-9;

Sorting the numeric keys stored in the array using the random numbers includes: using the 10 random numbers generated to sort the 10 numeric keys stored in the array;

Displaying the numeric keys in the soft keyboard according to the ordering includes: displaying the 10 numeric keys in the soft keyboard in the order in which the numeric keys are arranged; the letter keys and the letter-case toggle key do not take part in the random ordering;

The soft keyboard ordering described above is implemented by a sorting system, which includes: a random number generation module, used to constrain the random algorithm according to preset constraints and generate random numbers when the text input box is triggered by the user, the text input box being associated with the soft keyboard;

a sorting module, used to sort the keys stored in the array using the random numbers, the array being created in advance and storing the keys of the soft keyboard;

a display module, used to display the keys in the soft keyboard according to the ordering.

In another embodiment, the OA-based pay slip deployment method further includes a retrospective operation method, whose specific flow is:

A1. When an employee retrieves the pay slip on the pay slip query page of the OA server, the OA server records the retrieval and generates an OA log;

A2. When the OA server sends employee data to the payroll server, the payroll server generates a payroll log;

A3. The numbers of OA logs and payroll logs are compared, and a warning is issued if the numbers of OA logs and payroll logs are inconsistent.

Comparing the OA log and the payroll log includes:

if the numbers of OA logs and payroll logs are the same, executing the interaction flow between the OA server and the payroll server;

if the numbers of OA logs and payroll logs are the same, further including: notifying the operations department by email.
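The count comparison in A3 can be implemented as below; this is an added example, not code from the patent, and it goes one step further than the text by also matching records on an assumed per-request ID, so that a payroll-side record with no OA-side counterpart is reported even when the totals happen to agree. The log line format and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Assumed line format: "<timestamp> <oa|payroll> <event> employee=<id> req=<id>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>oa|payroll) (?P<event>\S+) "
    r"employee=(?P<emp>\S+) req=(?P<req>\S+)$"
)

# Constructed sample logs: same number of lines on both sides, different content.
OA_LOG = [
    "2022-01-13T09:00:01Z oa slip_query employee=E1001 req=a1b2",
    "2022-01-13T09:02:17Z oa slip_query employee=E1002 req=b2c3",
    "2022-01-13T09:05:40Z oa slip_query employee=E1003 req=c3d4",
]
PAYROLL_LOG = [
    "2022-01-13T09:00:02Z payroll slip_issued employee=E1001 req=a1b2",
    "2022-01-13T09:02:18Z payroll slip_issued employee=E1002 req=b2c3",
    "2022-01-13T09:30:00Z payroll slip_issued employee=E1009 req=zz90",
]


def parse(lines, source):
    """Split lines into parsed records for `source` and lines that do not fit."""
    records, rejected = [], []
    for line in lines:
        match = LINE_RE.match(line.strip())
        if match and match.group("src") == source:
            records.append(match.groupdict())
        else:
            rejected.append(line)
    return records, rejected


def reconcile(oa_lines, payroll_lines):
    """Compare OA-side and payroll-side logs by count and by (employee, request)."""
    oa, oa_bad = parse(oa_lines, "oa")
    pay, pay_bad = parse(payroll_lines, "payroll")
    # Counters keep duplicates, so a request replayed on one side is visible.
    oa_keys = Counter((r["emp"], r["req"]) for r in oa)
    pay_keys = Counter((r["emp"], r["req"]) for r in pay)
    return {
        "oa_count": len(oa),
        "payroll_count": len(pay),
        "counts_match": len(oa) == len(pay),
        "payroll_without_oa": sorted((pay_keys - oa_keys).elements()),
        "oa_without_payroll": sorted((oa_keys - pay_keys).elements()),
        "unparsed": oa_bad + pay_bad,
    }


def should_warn(report):
    """Warn on a count mismatch (the page's rule) or on any unmatched record."""
    return (not report["counts_match"]) or bool(
        report["payroll_without_oa"]
        or report["oa_without_payroll"]
        or report["unparsed"]
    )


if __name__ == "__main__":
    result = reconcile(OA_LOG, PAYROLL_LOG)
    print(result)
    print("warn:", should_warn(result))
```

With the constructed sample, the totals agree (3 and 3), so a pure count check stays silent, while the per-record comparison flags one payroll record that no OA query explains.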

As an optional scheme for comparing the OA log and the payroll log in this embodiment, a log comparison system is used to compare the OA log and the payroll log. The log comparison system includes a log collection module, a log storage module, a log analysis module and a log feature library. The log collection module is coupled to the log storage module, and is used to read the raw log produced by the application and write the raw log into the log storage module;

the log storage module is coupled to the log collection module and to the log analysis module, and is used to store the raw log written by the log collection module and the processed log returned by the log analysis module;

the log analysis module is coupled to the log storage module and to the log feature library, and is used to read the raw log from the log storage module, extract the feature words from the content of the raw log, and compare the feature words with the keywords stored in the log feature library; when the log feature library contains a keyword identical to a feature word, the feature word is highlighted in the raw log and the prompt information corresponding to that keyword in the log feature library is written into the raw log, which becomes the processed log; the processed log is stored in the log storage module; the log analysis module processes the raw log asynchronously;

the log feature library is coupled to the log analysis module, and is used to store log feature information and prompt information; the prompt information includes log error analysis with causes and suggested modifications; the log feature information includes a library of keywords for errors that frequently appear in logs, the causes corresponding to the keywords, and recommended solutions;

When the retrieval result is the processed log, clicking a highlighted feature word in the processed log displays the prompt information. When the log analysis module reads the raw log from the log storage module, extracts the feature words from the content of the raw log and compares the feature words with the keywords stored in the log feature library, and the log feature library does not contain a keyword identical to the feature word, the raw log is not processed; once the raw log has been retrieved from the log storage module with the log query module, the raw log can be viewed.

The embodiments above describe the OA-based pay slip deployment method of this application; the OA-based pay slip deployment system of this application is described below. The OA-based pay slip deployment system includes: an OA server, a payroll server and a client;

An employee logs in to the OA server from the client with an employee account and enters the secondary password on the pay slip query page;

The OA server checks the secondary password, and the process by which the OA server checks the secondary password includes:

when the secondary password is correct, the OA server transmits the employee data, encrypted with the public key, to the payroll server, so that the payroll server decrypts the received employee data with the public key, generates the corresponding employee pay slip, encrypts the generated employee pay slip with the private key and returns it to the OA server; the OA server returns the pay slip corresponding to the employee account to the client;

when the secondary password is wrong and the number of errors is less than the specified number, prompting for re-entry;

when the secondary password is wrong and the number of errors is greater than the specified number, locking the employee account.

Optionally, the system specifically further includes:

when the employee account retrieves the pay slip on the pay slip query page, the OA server records the retrieval and generates an OA log;

when the OA server sends employee data to the payroll server, the payroll server generates a payroll log;

the numbers of OA logs and payroll logs are compared, and a warning is issued if the numbers of OA logs and payroll logs are inconsistent.

Optionally, comparing the OA log and the payroll log includes:

if the numbers of OA logs and payroll logs are the same, executing the interaction flow between the OA server and the payroll server;

after the numbers of OA logs and payroll logs are found to be inconsistent, further including:

notifying the management account of the operations department by email.

Optionally, the system further includes:

the client sends a pay slip query request to the OA server, the pay slip query request including the employee account and password;

the OA server forwards the pay slip query request to the payroll server;

the payroll server verifies that the employee account and password are correct and then returns the encrypted employee pay slip to the OA server;

the OA server sends the decrypted employee pay slip to the client;

the client displays the employee pay slip.

Optionally, the OA server and the payroll server are two independent computers; internally the payroll server has a communication connection only to the OA server, and externally the payroll server has a network connection only to the bank's service system.

Optionally, the system further includes:

the payroll server determines the connection status of all external ports;

when a removable storage device is found in the connection status of an external port, a warning is issued.

Optionally, when a removable storage device is found in the connection status of an external port, the system further includes:

refusing to read data from or write data to the removable storage device, and creating an alarm log.

Optionally, the encrypted employee pay slips are stored on the OA server;

the computer on which the OA server runs has a login password, and the login password is pin+token, where the pin designates that the operations management account has administrative authority and the token designates that the payroll administrator account has administrative authority.

Optionally, the employee pay slips stored on the payroll server are all encrypted with the RSA public key before being stored in the database, and the decryption private key corresponding to the RSA public key is stored in a preset file on the payroll server.

The computer device of the embodiments of this application is described below. Referring to FIG. 5, one embodiment of the computer device in the embodiments of this application includes:

The computer device 500 may include one or more processors (central processing units, CPU) 501 and a memory 502, in which one or more application programs or data are stored. The memory 502 is volatile storage or persistent storage. A program stored in the memory 502 may include one or more modules, and each module may include a series of instruction operations for the computer device. Further, the processor 501 may be configured to communicate with the memory 502 and to execute, on the computer device 500, the series of instruction operations in the memory 502. The computer device 500 may also include one or more wireless network interfaces 503, one or more input/output interfaces 504, and/or one or more operating systems, such as Windows Server, Mac OS, Unix, Linux, FreeBSD and the like. The processor 501 can perform the operations performed in the embodiments shown in FIG. 1 to FIG. 4 above, which are not repeated here.

For the several embodiments provided in this application, those skilled in the art should understand that the disclosed systems, apparatuses and methods may be implemented in other ways. For example, the apparatus embodiments described above are only illustrative: the division into units is only a division by logical function, and other divisions are possible in an actual implementation; for example, multiple units or components may be combined or integrated into another system, or some features may be omitted or not executed. In addition, the functional units in the embodiments of this application may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit. If the integrated unit is implemented as a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. On this understanding, the technical solution of this application in essence, or the part of it that contributes over the prior art, or all or part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes a number of instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to execute all or some of the steps of the methods of the embodiments of this application. The storage medium includes any medium that can store program code, such as a USB flash drive, a removable hard disk, read-only memory (ROM), random access memory (RAM), a magnetic disk or an optical disc.

The above are only preferred embodiments of this application and are not intended to limit this application. Any modification, equivalent replacement or improvement made within the spirit and principles of this application shall fall within the scope of protection of this application.

Claims (10)

1. An OA-based pay slip deployment method, characterized in that the system to which the method is applied comprises: an OA server, a payroll server and a client;
an employee logs in to the OA server from the client with an employee account and enters a secondary password on the pay slip query page;
the OA server checks the secondary password, and the process by which the OA server checks the secondary password comprises:
when the secondary password is correct, the OA server transmits the request parameters, encrypted with the public key, to the payroll server, so that the payroll server decrypts the received request parameters with the corresponding private key, generates the employee pay slip of the employee accordingly, encrypts the generated employee pay slip with the private key and returns it to the OA server; the OA server decrypts the encrypted employee pay slip with the public key and returns it to the client;
when the secondary password is wrong and the number of errors is less than the specified number, prompting for re-entry;
when the secondary password is wrong and the number of errors is greater than the specified number, locking the employee account.

2. The OA-based pay slip deployment method according to claim 1, characterized in that it further comprises:
when the employee account retrieves the pay slip on the pay slip query page, the OA server records the retrieval and generates an OA log;
when the OA server sends employee data to the payroll server, the payroll server generates a payroll log;
comparing the numbers of OA logs and payroll logs, and issuing a warning if the numbers of OA logs and payroll logs are inconsistent.

3. The OA-based pay slip deployment method according to claim 2, characterized in that comparing the OA log and the payroll log comprises:
if the numbers of OA logs and payroll logs are the same, executing the interaction flow between the OA server and the payroll server;
after the numbers of OA logs and payroll logs are found to be inconsistent, the method further comprises:
notifying the management account of the operations department by email.

4. The OA-based pay slip deployment method according to claim 1, characterized in that the OA server and the payroll server are two independent computers, and internally the payroll server has a communication connection only to the OA server.

5. The OA-based pay slip deployment method according to claim 4, characterized in that it further comprises:
the payroll server determines the connection status of all external ports;
when a removable storage device is found in the connection status of an external port, a warning is issued.

6. The OA-based pay slip deployment method according to claim 5, characterized in that, when a removable storage device is found in the connection status of an external port, it further comprises:
refusing to read data from or write data to the removable storage device, and creating an alarm log.

7. The OA-based pay slip deployment method according to claim 4, characterized in that the encrypted employee pay slips are stored on the payroll server;
the computer on which the payroll server runs has a login password, and the login password is pin+token, where the pin designates that the operations management account has administrative authority and the token designates that the payroll administrator account has administrative authority.

8. The OA-based pay slip deployment method according to claim 4, characterized in that the employee pay slips stored on the payroll server are all encrypted with the RSA public key before being stored in the database, and the decryption private key corresponding to the RSA public key is stored in a preset file on the payroll server.

9. An OA-based pay slip deployment system, characterized in that it comprises: an OA server, a payroll server and a client;
an employee logs in to the OA server from the client with an employee account and enters a secondary password on the pay slip query page;
the OA server checks the secondary password, and the process by which the OA server checks the secondary password comprises:
when the secondary password is correct, the OA server transmits the request parameters, encrypted with the public key, to the payroll server, so that the payroll server decrypts the received request parameters with the corresponding private key, generates the employee pay slip of the employee accordingly, encrypts the generated employee pay slip with the private key and returns it to the OA server; the OA server decrypts the encrypted employee pay slip with the public key and returns it to the client;
when the secondary password is wrong and the number of errors is less than the specified number, prompting for re-entry;
when the secondary password is wrong and the number of errors is greater than the specified number, locking the employee account.

10. A computer device, characterized in that it comprises:
a processor, a memory, a bus, an input/output interface and a wireless network interface;
the processor is connected to the memory, the input/output interface and the wireless network interface through the bus;
a computer-readable program is stored in the memory;
when the processor executes the computer-readable program stored in the memory, it implements the OA-based pay slip deployment method of any one of the foregoing claims 1 to 8 as executed by the client, the OA server or the payroll server.
CN202210036982.4A 2022-01-13 2022-01-13 OA-based payroll allocation method and related device Pending CN114385997A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210036982.4A CN114385997A (en) 2022-01-13 2022-01-13 OA-based payroll allocation method and related device

Publications (1)

Publication Number Publication Date
CN114385997A true CN114385997A (en) 2022-04-22

Family

ID=81200866

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210036982.4A Pending CN114385997A (en) 2022-01-13 2022-01-13 OA-based payroll allocation method and related device

Country Status (1)

Country Link
CN (1) CN114385997A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105187300A (en) * 2015-08-26 2015-12-23 河南智业科技发展有限公司 Method for sending payroll through PC end and mobile end
CN109039859A (en) * 2018-07-17 2018-12-18 成都泰盟软件有限公司 A kind of wage information-pushing method based on payroll statistics table
CN109981655A (en) * 2019-03-29 2019-07-05 富士施乐实业发展(中国)有限公司 A kind of method and device transmitted, receive information
CN110427254A (en) * 2019-07-05 2019-11-08 深圳壹账通智能科技有限公司 Task processing method, device, equipment and computer readable storage medium
CN111597425A (en) * 2020-05-15 2020-08-28 西安大唐电信有限公司 Mobile terminal service system and method for querying security wages of unified standard cloud-side network

Similar Documents

Publication Publication Date Title
US7540018B2 (en) Data security for digital data storage
US8762713B2 (en) User authentication system and method for encryption and decryption
US6185681B1 (en) Method of transparent encryption and decryption for an electronic document management system
US6981141B1 (en) Transparent encryption and decryption with algorithm independent cryptographic engine that allows for containerization of encrypted files
US8544110B2 (en) Sensitive data aliasing
US8381287B2 (en) Trusted records using secure exchange
US8666065B2 (en) Real-time data encryption
JP5833146B2 (en) Apparatus and method for preventing leakage of confidential data
US20070169174A1 (en) User authentication for computer systems
US20040199778A1 (en) Method and system for increasing the accuracy and security of data capture from a paper form
Longley Data security
US7808664B2 (en) Approach for securely printing electronic documents
US20060279768A1 (en) Approach for securely printing electronic documents
CN105740725A (en) File protection method and system
CN118395461A (en) Database data encryption and decryption method, system, electronic equipment and storage medium
Mattsson A practical implementation of transparent encryption and separation of duties in enterprise databases: protection against external and internal attacks on databases
CN114385997A (en) OA-based payroll allocation method and related device
Kubariev et al. The Research on Methods for Generating Random Passwords
CN101957895A (en) A system and method for external authority control and management of electronic files
Mattsson Transparent Encryption and Separation of Duties for Enterprise Databases-A Solution for Field Level Privacy in Databases
Birmé Document Management System Security
Aitchison et al. Encryption

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination