[go: up one dir, main page]

CN114706932A - Method and system for encryption desensitization and query of geographic information - Google Patents

Method and system for encryption desensitization and query of geographic information Download PDF

Info

Publication number
CN114706932A
CN114706932A CN202210335498.1A CN202210335498A CN114706932A CN 114706932 A CN114706932 A CN 114706932A CN 202210335498 A CN202210335498 A CN 202210335498A CN 114706932 A CN114706932 A CN 114706932A
Authority
CN
China
Prior art keywords
address
information
query
encryption
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210335498.1A
Other languages
Chinese (zh)
Inventor
吴宏建
郭强
胡方
张有为
车森
陈晓慧
赵清波
陆川伟
张兵
李静
贾吴帆
�原聪
张安静
马昊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Xinda Institute of Advanced Technology
Original Assignee
Zhengzhou Xinda Institute of Advanced Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Xinda Institute of Advanced Technology filed Critical Zhengzhou Xinda Institute of Advanced Technology
Priority to CN202210335498.1A priority Critical patent/CN114706932A/en
Publication of CN114706932A publication Critical patent/CN114706932A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/29Geographical information databases
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Medical Informatics (AREA)
  • Remote Sensing (AREA)
  • Data Mining & Analysis (AREA)
  • Storage Device Security (AREA)

Abstract

本发明实施例涉及信息获取技术领域,公开了一种地理信息加密脱敏及查询的方法和系统。该方法包括:接收第一用户输入的地址信息,通过加密方法对所述地址信息进行处理,得到多组地址标签;接收目标终端的查询请求,基于所述查询请求确定一组或多组目标地址标签,并解密所述目标地址标签,并解密后的相关信息发送给所述目标终端。实施本发明实施例,可以通过对地理信息转换为多组地址标签,一方面通过分组分级的加密方式实现信息脱敏,后台不存储用户的真实地址信息,另一方面根据查询权限来限定查询人查询到的信息,可以有效保证用户地址信息安全。

Figure 202210335498

Embodiments of the present invention relate to the technical field of information acquisition, and disclose a method and system for encryption, desensitization and query of geographic information. The method includes: receiving address information input by a first user, processing the address information by an encryption method to obtain multiple sets of address labels; receiving a query request from a target terminal, and determining one or more sets of target addresses based on the query request label, and decrypt the target address label, and send the decrypted relevant information to the target terminal. In the implementation of the embodiments of the present invention, geographic information can be converted into multiple sets of address labels. On the one hand, information desensitization is realized through a grouped and hierarchical encryption method, and the user's real address information is not stored in the background. On the other hand, the query person is limited according to the query authority. The queried information can effectively ensure the security of user address information.

Figure 202210335498

Description

地理信息加密脱敏及查询的方法和系统Method and system for encryption, desensitization and query of geographic information

技术领域technical field

本发明涉及加密技术领域,具体涉及一种地理信息加密脱敏及查询的方法和系统。The invention relates to the technical field of encryption, in particular to a method and system for encryption, desensitization and query of geographic information.

背景技术Background technique

物理地理信息以文字形式存储、显示与传递,用户个人居住地址信息很容易流出导致个人隐私泄露。Physical geographic information is stored, displayed and transmitted in the form of text, and the user's personal residential address information can easily leak out, resulting in the leakage of personal privacy.

在现实生活中,填写居住地址或常住地址的情况非常常见,如线上登记填报或线下纸质材料填写,都需要用到地址信息。个人信息与地址信息关联后,可能会导致个人信息泄露,就会给个人隐私带来风险。In real life, it is very common to fill in the residential address or habitual address. For example, online registration and filling in offline paper materials need to use address information. After personal information is associated with address information, it may lead to the leakage of personal information, which will bring risks to personal privacy.

发明内容SUMMARY OF THE INVENTION

针对所述缺陷,本发明实施例公开了一种地理信息加密脱敏及查询的方法和系统,其可以对地理信息进行加密脱敏,确保用户信息安全。Aiming at the defects, the embodiments of the present invention disclose a method and system for encryption, desensitization and query of geographic information, which can encrypt and desensitize geographic information to ensure user information security.

本发明实施例第一方面公开一种地理信息加密脱敏及查询的方法,所述方法包括:A first aspect of the embodiments of the present invention discloses a method for encryption, desensitization and query of geographic information, the method comprising:

接收第一用户输入的地址信息,通过加密方法对所述地址信息进行处理,得到多组地址标签;receiving the address information input by the first user, and processing the address information by an encryption method to obtain multiple groups of address labels;

接收目标终端的查询请求,基于所述查询请求确定一组或多组目标地址标签,并解密所述目标地址标签,并解密后的相关信息发送给所述目标终端。Receive a query request from a target terminal, determine one or more groups of target address labels based on the query request, decrypt the target address labels, and send the decrypted relevant information to the target terminal.

作为较佳的实施例,在本发明实施例的第一方面中,接收第一用户输入的地址信息,通过加密方法对所述地址信息进行处理,得到多组地址标签,包括:As a preferred embodiment, in the first aspect of the embodiment of the present invention, the address information input by the first user is received, and the address information is processed by an encryption method to obtain multiple sets of address labels, including:

接收第一用户输入的地址信息;receiving the address information input by the first user;

将所述地址信息按照预设规则转换成多组定义值;converting the address information into multiple sets of defined values according to preset rules;

通过加密算法对每组定义值进行加密,以得到每组定义值对应的地址标签。Each set of defined values is encrypted through an encryption algorithm to obtain address labels corresponding to each set of defined values.

作为较佳的实施例,在本发明实施例的第一方面中,将所述地址信息按照预设规则转换成多组定义值,包括:As a preferred embodiment, in the first aspect of the embodiment of the present invention, the address information is converted into multiple sets of defined values according to preset rules, including:

通过区域划分机制将所述地址信息划分成多个词段;Divide the address information into a plurality of word segments through a region division mechanism;

根据预设规则将每个词段转换成对应的定义值。Convert each word segment into a corresponding defined value according to preset rules.

作为较佳的实施例,在本发明实施例的第一方面中,将所述地址信息按照预设规则转换成多组定义值,包括:As a preferred embodiment, in the first aspect of the embodiment of the present invention, the address information is converted into multiple sets of defined values according to preset rules, including:

通过编码方法获取所述地址信息中每个字对应的编码值,所述编码方法为国际码、机内码、区位码以及ASCII码中的任一种;Obtain the encoding value corresponding to each word in the address information by an encoding method, and the encoding method is any one of an international code, an internal code, a location code and an ASCII code;

将任意一个或多个编码值的组合形成一个定义值。Any combination of one or more encoded values forms a defined value.

作为较佳的实施例,在本发明实施例的第一方面中,接收目标终端的查询请求,基于所述查询请求确定一组或多组目标地址标签,并解密所述目标地址标签,并解密后的相关信息发送给所述目标终端,包括:As a preferred embodiment, in the first aspect of the embodiment of the present invention, a query request from a target terminal is received, one or more groups of target address labels are determined based on the query request, and the target address labels are decrypted and decrypted. After the relevant information is sent to the target terminal, including:

接收目标终端的查询请求,并确定查询请求对应的查询权限;Receive the query request of the target terminal, and determine the query authority corresponding to the query request;

当所述查询权限为完全权限时,则将所述完全权限对应的用户的多组地址标签进行解密,并拼接形成地址信息,发送给目标终端;When the query authority is full authority, decrypt multiple groups of address labels of the users corresponding to the full authority, and splicing to form address information, which is sent to the target terminal;

当所述查询权限为部分权限时,则将所述部分权限对应的地址标签的人数发送给目标终端。When the query authority is a partial authority, the number of people in the address label corresponding to the partial authority is sent to the target terminal.

作为较佳的实施例,在本发明实施例的第一方面中,当所述查询权限为完全权限时,则将所述完全权限对应的用户的多组地址标签进行解密,并拼接形成地址信息,发送给目标终端,包括:As a preferred embodiment, in the first aspect of the embodiment of the present invention, when the query authority is a full authority, multiple sets of address labels of users corresponding to the full authority are decrypted, and spliced to form address information , sent to the target terminal, including:

当所述查询请求由所述第一用户或第一用户的授权用户发起时,确定所述查询权限为完全权限;When the query request is initiated by the first user or an authorized user of the first user, determining that the query authority is a full authority;

将所述第一用户输入的地址信息生成的所有组地址标签进行解密,按照顺序拼接解密后的地址标签,形成地址信息,发送给目标终端。Decrypting all group address labels generated by the address information input by the first user, and splicing the decrypted address labels in sequence to form address information, which is sent to the target terminal.

作为较佳的实施例,在本发明实施例的第一方面中,将所述第一用户输入的地址信息生成的所有组地址标签进行解密,按照顺序拼接解密后的地址标签,形成地址信息,发送给目标终端,包括:As a preferred embodiment, in the first aspect of the embodiment of the present invention, all group address labels generated by the address information input by the first user are decrypted, and the decrypted address labels are spliced in sequence to form address information, Sent to the target terminal, including:

将每组地址标签根据加密方法进行逆操作,以解密得到每组地址标签对应的定义值;Perform the inverse operation on each group of address labels according to the encryption method to decrypt to obtain the defined value corresponding to each group of address labels;

根据所述定义值和预设规则确定每组定义值对应的地址子信息;Determine the address sub-information corresponding to each set of defined values according to the defined values and preset rules;

将所述地址自信息按照对应的地址标签的顺序进行拼接,形成完整的地址信息,发送给目标终端。The address self-information is spliced according to the order of the corresponding address labels to form complete address information, which is sent to the target terminal.

作为较佳的实施例,在本发明实施例的第一方面中,当所述查询权限为部分权限时,则将所述部分权限对应的地址标签的人数发送给目标终端,包括:As a preferred embodiment, in the first aspect of the embodiment of the present invention, when the query authority is a partial authority, the number of people in the address label corresponding to the partial authority is sent to the target terminal, including:

当所述查询请求为第二用户时,确定所述查询权限为部分权限;When the query request is the second user, determine that the query permission is a partial permission;

确定所述部分权限对应的地址子信息;Determine the address sub-information corresponding to the partial authority;

对所述地址子信息按照相同的加密方法确定对应的地址标签,记为目标地址标签;Determine the corresponding address label according to the same encryption method to the address sub-information, and record it as the target address label;

统计所述目标地址标签对应的人数,将所述人数信息发送给所述目标终端。The number of people corresponding to the target address label is counted, and the number of people information is sent to the target terminal.

本发明实施例第二方面公开了地理信息加密脱敏及查询的系统,其包括:The second aspect of the embodiment of the present invention discloses a system for encryption, desensitization and query of geographic information, which includes:

加密模块,用于接收第一用户输入的地址信息,通过加密方法对所述地址信息进行处理,得到多组地址标签;an encryption module for receiving the address information input by the first user, and processing the address information through an encryption method to obtain multiple groups of address labels;

查询模块,用于接收目标终端的查询请求,基于所述查询请求确定一组或多组目标地址标签,并解密所述目标地址标签,并解密后的相关信息发送给所述目标终端。The query module is configured to receive a query request from a target terminal, determine one or more groups of target address labels based on the query request, decrypt the target address labels, and send the decrypted relevant information to the target terminal.

本发明实施例第三方面公开一种电子设备,包括:存储有可执行程序代码的存储器;与所述存储器耦合的处理器;所述处理器调用所述存储器中存储的所述可执行程序代码,用于执行本发明实施例第一方面公开的一种地理信息加密脱敏及查询的方法。A third aspect of the embodiments of the present invention discloses an electronic device, comprising: a memory storing executable program codes; a processor coupled to the memory; the processor calling the executable program codes stored in the memory , which is used to execute the method for encryption, desensitization and query of geographic information disclosed in the first aspect of the embodiments of the present invention.

本发明实施例第四方面公开一种计算机可读存储介质,其存储计算机程序,其中,所述计算机程序使得计算机执行本发明实施例第一方面公开的一种地理信息加密脱敏及查询的方法。A fourth aspect of the embodiments of the present invention discloses a computer-readable storage medium, which stores a computer program, wherein the computer program causes a computer to execute the method for encrypting, desensitizing and querying geographic information disclosed in the first aspect of the embodiments of the present invention .

本发明实施例第五方面公开一种计算机程序产品,当所述计算机程序产品在计算机上运行时,使得所述计算机执行本发明实施例第一方面公开的一种地理信息加密脱敏及查询的方法。A fifth aspect of the embodiments of the present invention discloses a computer program product, which, when the computer program product runs on a computer, enables the computer to execute the encryption, desensitization and query of geographic information disclosed in the first aspect of the embodiments of the present invention. method.

本发明实施例第六方面公开一种应用发布平台,所述应用发布平台用于发布计算机程序产品,其中,当所述计算机程序产品在计算机上运行时,使得所述计算机执行本发明实施例第一方面公开的一种地理信息加密脱敏及查询的方法。A sixth aspect of the embodiments of the present invention discloses an application publishing platform, and the application publishing platform is used for publishing a computer program product, wherein when the computer program product runs on a computer, the computer is made to execute the first embodiment of the present invention. On the one hand, a method for encrypting, desensitizing and querying geographic information is disclosed.

与现有技术相比,本发明实施例具有以下有益效果:Compared with the prior art, the embodiments of the present invention have the following beneficial effects:

本发明使用通过对地理信息转换为多组地址标签,一方面通过分组分级的加密方式实现信息脱敏,后台不存储用户的真实地址信息,另一方面根据查询权限来限定查询人查询到的信息,可以有效保证用户地址信息安全。In the present invention, by converting geographic information into multiple sets of address labels, on the one hand, information desensitization is realized through a grouped and hierarchical encryption method, and the real address information of the user is not stored in the background; on the other hand, the information queried by the query person is limited according to the query authority , which can effectively ensure the security of user address information.

附图说明Description of drawings

为了更清楚地说明本发明实施例中的技术方案,下面将对实施例中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to illustrate the technical solutions in the embodiments of the present invention more clearly, the following briefly introduces the drawings required in the embodiments. Obviously, the drawings in the following description are only some embodiments of the present invention. For those of ordinary skill in the art, other drawings can also be obtained from these drawings without any creative effort.

图1是本发明实施例公开的一种地理信息加密脱敏及查询的方法的流程示意图;1 is a schematic flowchart of a method for encrypting, desensitizing and querying geographic information disclosed in an embodiment of the present invention;

图2是本发明实施例公开的一种地理信息加密脱敏及查询的系统的结构示意图;2 is a schematic structural diagram of a system for encrypting, desensitizing and querying geographic information disclosed in an embodiment of the present invention;

图3是本发明实施例公开的一种电子设备的结构示意图。FIG. 3 is a schematic structural diagram of an electronic device disclosed in an embodiment of the present invention.

具体实施方式Detailed ways

下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only a part of the embodiments of the present invention, but not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

需要说明的是,本发明的说明书和权利要求书中的术语“第一”、“第二”、“第三”、“第四”等是用于区别不同的对象,而不是用于描述特定顺序。本发明实施例的术语“包括”和“具有”以及他们的任何变形,意图在于覆盖不排他的包含,示例性地,包含了一系列步骤或单元的过程、方法、系统、产品或设备不必限于清楚地列出的那些步骤或单元,而是可包括没有清楚地列出的或对于这些过程、方法、产品或设备固有的其它步骤或单元。It should be noted that the terms "first", "second", "third", "fourth", etc. in the description and claims of the present invention are used to distinguish different objects, rather than to describe specific order. The terms "comprising" and "having" and any variations thereof in the embodiments of the present invention are intended to cover non-exclusive inclusion, for example, a process, method, system, product or device comprising a series of steps or units is not necessarily limited to Those steps or elements that are expressly listed may instead include other steps or elements that are not expressly listed or are inherent to the process, method, product or apparatus.

本发明实施例公开了一种地理信息加密脱敏及查询的方法和系统,通过对地理信息转换为多组地址标签,一方面通过分组分级的加密方式实现信息脱敏,后台不存储用户的真实地址信息,另一方面根据查询权限来限定查询人查询到的信息,可以有效保证用户地址信息安全,以下结合附图进行详细描述。The embodiment of the present invention discloses a method and a system for encryption, desensitization and query of geographic information. By converting geographic information into multiple sets of address labels, on the one hand, information desensitization is realized through a grouped and hierarchical encryption method, and the real information of users is not stored in the background. Address information, on the other hand, restricting the information queried by the inquirer according to the query authority can effectively ensure the security of the user's address information, which will be described in detail below with reference to the accompanying drawings.

实施例一Example 1

请参阅图1,图1是本发明实施例公开的一种地理信息加密脱敏及查询的方法的流程示意图。如图1所示,该地理信息加密脱敏及查询的方法包括以下步骤:Please refer to FIG. 1. FIG. 1 is a schematic flowchart of a method for encrypting, desensitizing and querying geographic information disclosed in an embodiment of the present invention. As shown in Figure 1, the method for encrypting, desensitizing and querying geographic information includes the following steps:

S110,接收第一用户输入的地址信息,通过加密方法对所述地址信息进行处理,得到多组地址标签。S110: Receive the address information input by the first user, and process the address information through an encryption method to obtain multiple sets of address labels.

这里的执行主体可以是服务器以及服务器的相关软件技术,其具有一定的处理和存储能力。The execution body here may be a server and related software technologies of the server, which have certain processing and storage capabilities.

第一用户在输入相应的地址信息后,该执行主体对用户输入的地址信息进行结构化分为地址地段,并对每个地址地段进行加密,以生成多组地址标签。由于执行主体存储的地址信息事实上为地址标签,而不存储用户真实的地址信息,因此不会直接泄露用户隐私。如果出现数据泄露,管理人员可以将加密算法进行修改,从而生成新的密文地址标签。After the first user inputs the corresponding address information, the executive body structures the address information input by the user into address fields, and encrypts each address field to generate multiple sets of address labels. Since the address information stored by the execution body is actually an address label, and does not store the user's real address information, the user's privacy will not be directly disclosed. In the event of a data breach, administrators can modify the encryption algorithm to generate new ciphertext address labels.

第一用户输入地址信息的方式有多种,示例性地,通过相应的APP、小程序或web页面以手动方式输入或者通过下拉框进行选择等都是可行的。There are various ways for the first user to input the address information. Exemplarily, manual input through a corresponding APP, applet or web page or selection through a drop-down box is feasible.

接收到第一用户输入的地址信息,要对地址信息进行分级分段生成多组地址标签。之所以生成多组地址标签,一方面更有利用保护用户的隐私,即部分地址标签丢失或被破解,也很可能不会影响到用户,更有效保护个人地址信息安全。另一方面,可以通过多组标签为不同的查询者赋予不同的查询权限,从而使得各种查询权限人员均能获取自己需要的数据。After receiving the address information input by the first user, the address information is to be graded and segmented to generate multiple groups of address labels. The reason why multiple sets of address labels are generated is that, on the one hand, it is more useful to protect the privacy of users, that is, if some address labels are lost or cracked, it is very likely that users will not be affected, and the security of personal address information is more effectively protected. On the other hand, different query rights can be given to different queryers through multiple sets of tags, so that all the people with various query permissions can obtain the data they need.

对地址信息进行结构化拆分为地址地段的方式有多种。在本发明较佳的实施例中,可以通过区域划分机制将所述地址信息划分成多个词段,图表1所示,可以划分的词段也就是地址地段可以包括:省、市、区、街道、社区、小区/楼院、楼栋号、单元和房号几个部分,当然,也可以根据其他的区域划分机制进行划分。There are various ways of structurally splitting address information into address fields. In a preferred embodiment of the present invention, the address information can be divided into a plurality of word segments through a regional division mechanism. As shown in Figure 1, the word segments that can be divided, that is, the address segments, can include: province, city, district, Street, community, community/yard, building number, unit and room number, of course, can also be divided according to other regional division mechanisms.

表1基于区域划分机制的加密脱敏数据表Table 1 Encryption and desensitization data table based on area division mechanism

Province city Area 街道street 社区Community 小区/楼院Community / Courtyard 楼栋号Building number 单元unit 房号Room No 地址address A省Province A B市City B C区Area C D街道D Street E社区E-community F大院F compound 1号楼building no.1 1单元1 unit 101101 定义值define value 12001200 02000200 21002100 00520052 01030103 00110011 01000100 00100010 01010101 加密算法Encryption Algorithm 算法1Algorithm 1 算法1Algorithm 1 算法1Algorithm 1 算法1Algorithm 1 算法1Algorithm 1 算法1Algorithm 1 算法1Algorithm 1 算法1Algorithm 1 算法1Algorithm 1 密文ciphertext 标签ALabel A 标签BLabel B 标签CLabel C 标签DLabel D 标签ELabel E 标签FLabel F 标签GLabel G 标签HLabel H 标签ILabel I

划分后,可以为每个地址地段设定相应的定义值,例如,对于A省这个词段,可以设定其值为1200,当第一用户输入的地址信息包括A省时,自动获得对应的定义值1200,依此对所有的地址地段进行定义值的设置。After the division, a corresponding defined value can be set for each address segment. For example, for the word segment of province A, its value can be set to 1200. When the address information input by the first user includes province A, the corresponding definition value is automatically obtained. Define the value of 1200, and set the defined value for all address fields accordingly.

为避免不同的区域划分中包括相同的词段,例如A省和X省均有个E社区。对于这种情况,一方面可以根据上下文的语义完成词段自动转换为定义值,即参照该E社区对应的省份来确定其定义值,另一方面,可以将内容相同的词段定义为相同的定义值,这种方式也可以避免出现转换错误。In order to avoid including the same word segment in different regional divisions, for example, both province A and province X have an E community. In this case, on the one hand, the word segment can be automatically converted into a defined value according to the semantics of the context, that is, the defined value can be determined by referring to the province corresponding to the E community; on the other hand, the word segment with the same content can be defined as the same Define the value, this way you can also avoid conversion errors.

定义值根据需要可以设定为多个字符,例如,图1中的四个字符,在其他的实施例中,也可以是2个或更多个字符。如果第一用户输入时省去了某部分的内容,则将该部分自动使用与其他部分相同个字符的0来填充,例如,其未输入街道信息,则将街道信息的定义值设置为0000,当然,为了区分与其他定义值可能出现相同,也可以将该部分设置为与其他部分不同个字符的0来填充。The definition value may be set to multiple characters as required, for example, four characters in FIG. 1 , and may also be two or more characters in other embodiments. If the content of a certain part is omitted when the first user inputs, the part is automatically filled with 0 of the same character as other parts. For example, if no street information is input, the defined value of the street information is set to 0000, Of course, in order to distinguish it from other defined values that may appear the same, this part can also be filled with 0s that are different from other parts.

例如,当A省B市C区的Y街道的定义值为0000时,如果第一用户在填写时未输入街道信息,则如果将该部分自动转换为0000,则会认定为Y街道,因此,这种情况下,可以将该第一用户未输入的街道信息对应的定义值为00。For example, when the defined value of Street Y in District C, City B, Province A is 0000, if the first user does not input the street information when filling in, if this part is automatically converted to 0000, it will be identified as Street Y. Therefore, In this case, the defined value corresponding to the street information not input by the first user may be 00.

作为另一种划分地址地段的方法,也可以将用户输入的每个字作为一个字段,并为其设定编码值,这种情况下,无需对每个词段一一设置其定义值,只需要一定的转换方法就可以得到其编码值,从而提高效率。As another method of dividing address segments, each word input by the user can also be used as a field, and a coding value can be set for it. It needs a certain conversion method to get its coded value, thereby improving the efficiency.

示例性地,可以通过国际码、机内码、区位码以及ASCII码中的任一种来确定每个字的编码值。Exemplarily, the encoding value of each word can be determined by any one of international code, built-in code, area code, and ASCII code.

这种情况下,可以将每个字对应的编码值作为定义值,也可以将任意两个或两个以上字对应的编码值组合在一起构成定义值,示例性地,当采用区位码时,如果输入河南两个字,则对应的区位码分别为2651和3647,则可以将河南分别作为一个地址地段,其定义值分别为2651和3647,也可以将二者组合在一起,构成一组定义值,即河南对应的定义值为26513647。In this case, the coded value corresponding to each word can be used as the defined value, or the coded values corresponding to any two or more words can be combined together to form the defined value. If the two characters Henan are input, the corresponding area codes are 2651 and 3647, respectively, and Henan can be used as an address area, and its defined values are 2651 and 3647, or they can be combined to form a set of definitions. value, that is, the defined value corresponding to Henan is 26513647.

确定了定义值后,则可以将每组定义值通过加密算法转换为密文标签,即地址标签。加密算法有多种,可以采用任意现有比较成熟的加密算法对定义值进行加密,得到相应的地址标签,每组定义值的加密算法可以相同,也可以不同。After the defined values are determined, each set of defined values can be converted into ciphertext labels, that is, address labels, through an encryption algorithm. There are many kinds of encryption algorithms. Any existing relatively mature encryption algorithm can be used to encrypt the defined value to obtain the corresponding address label. The encryption algorithm of each group of defined values can be the same or different.

S120,接收目标终端的查询请求,基于所述查询请求确定一组或多组目标地址标签,并解密所述目标地址标签,并解密后的相关信息发送给所述目标终端。S120: Receive a query request from a target terminal, determine one or more groups of target address labels based on the query request, decrypt the target address labels, and send the decrypted relevant information to the target terminal.

对于目标终端的查询请求,可以具有完全权限的查询和不完全权限的查询,当然,除二者之外,也包括完全无权限查询。For the query request of the target terminal, there may be a query with full authority and a query with incomplete authority. Of course, in addition to the two, it also includes a query without authority at all.

对于完全权限的查询,是指可以查询到某个具体个人的完整的地址信息,而不完全权限即部分权限的查询,是指可以查询到某个地址标签对应的人数,其不能查询到具体个人的完整地址信息。For a query with full authority, it means that the complete address information of a specific individual can be queried, while a query with incomplete authority, i.e. partial authority, means that the number of people corresponding to a certain address label can be queried, but it cannot be queried about a specific individual. full address information.

根据查询请求即可确定目标终端的查询意图,即查询请求包括了查询权限内容,如果查询请求为查询具体个人地址信息,则暂视为查询权限为完全权限,对该暂视为查询权限为完全权限的相关信息进行验证通过后,才予以确认其具有完全权限,则可以其查询的具体个人的相关信息例如姓名、手机号或者身份证号等来确定其对应的地址标签,然后将这些地址标签进行与加密算法相对应的解密操作,形成完整的地址信息,发送给目标终端。The query intention of the target terminal can be determined according to the query request, that is, the query request includes the content of the query permission. If the query request is to query specific personal address information, the query permission is temporarily regarded as full permission, and the query permission is temporarily regarded as full permission. After the relevant information of the authority has been verified, it is confirmed that it has full authority. Perform the decryption operation corresponding to the encryption algorithm to form complete address information and send it to the target terminal.

解密获取完整地址信息的过程与加密过程互为逆过程,解密时先将各个地址标签通过解密算法(与加密算法相对应的逆操作)得到定义值,然后根据预设规则确定每组定义值对应的地址子信息,将这些地址子信息按照顺序拼接完成解密。The process of decrypting to obtain complete address information and the encryption process are mutually inverse processes. When decrypting, each address label is firstly obtained by the decryption algorithm (the inverse operation corresponding to the encryption algorithm) to obtain the defined value, and then the corresponding set of defined values is determined according to the preset rules. The address sub-information is spliced in order to complete the decryption.

对上述暂视为查询权限为完全权限的相关信息进行验证的方法是确定查询人员(目标终端的操作者)是否为第一用户或第一用户授权的用户,如果是,则确认其具有完全权限,则将对应于第一用户输入的地址信息相关联的地址标签全部解密,形成完整的地址信息后返回目标终端。The method for verifying the above-mentioned relevant information temporarily regarded as the query authority as full authority is to determine whether the inquirer (the operator of the target terminal) is the first user or a user authorized by the first user, and if so, confirm that it has full authority , then decrypt all the address labels associated with the address information input by the first user to form complete address information and return to the target terminal.

当查询人员是第一用户时,对其验证的方法包括但不限于生物信息验证,例如人脸识别,指纹识别,虹膜识别以及声音识别等,也可以是字迹识别或者验证信息的输入识别等。当然,前提是这些与第一用户关联的信息也存储于执行主体中或者执行主体可以调取到这些与第一用户关联的信息。When the inquirer is the first user, the verification methods include but are not limited to biometric information verification, such as face recognition, fingerprint recognition, iris recognition, and voice recognition, etc., and may also be handwriting recognition or verification information input recognition. Of course, the premise is that the information associated with the first user is also stored in the execution body or the execution body can retrieve the information associated with the first user.

示例性地,对于验证信息的输入识别,可以随机呈现于目标终端一个或多个验证信息供查询人员输入验证,例如,请输入你的手机号码,请输入你的小学学校名,请输入你的父母姓名等。Exemplarily, for the input recognition of verification information, one or more verification information can be randomly presented on the target terminal for the inquirer to input and verify, for example, please enter your mobile phone number, please enter your primary school name, please enter your parents' names, etc.

当查询人员是第一用户授权的用户时,则可以根据第一用户授权文件例如委托书和身份证扫描件的组合进行,当然,也可以根据委托书中的字迹比对完成验证。When the inquirer is a user authorized by the first user, the verification can be performed according to the first user authorization document such as a combination of a power of attorney and a scanned copy of an ID card. Of course, the verification can also be completed according to the handwriting comparison in the power of attorney.

当查询人员为第一用户以及第一用户授权的用户外的其他用户时,则无法通过验证,其无法获取第一用户的地址信息。When the inquiring person is the first user and other users other than the user authorized by the first user, the verification cannot be passed, and he cannot obtain the address information of the first user.

当查询人员的查询请求为部分权限时,则返回其权限相关的目标地址标签对应的人数,因此,可以理解的是,具有部分权限的第一用户一般为区域管理人员,例如街道管理人员、小区管理人员等,其查询目的一方面统计录入系统(即本发明涉及的地理信息加密脱敏及查询系统)的人数,以便判断是否加大力度宣传使得更多人将信息录入系统,另一方面在数据量足够时,也可以及时统计其管理区域的人数和流动情况。When the query request of the inquirer is partial authority, the number of people corresponding to the target address label related to the authority is returned. Therefore, it can be understood that the first user with partial authority is generally the regional management personnel, such as street management personnel, community Managers, etc., whose query purpose is to count the number of people entering the system (that is, the geographic information encryption, desensitization and query system involved in the present invention) on the one hand, so as to judge whether to increase publicity to make more people enter the information into the system, on the other hand. When the amount of data is sufficient, the number and flow of people in the management area can also be counted in time.

因此,对于第二用户,可以是事先录入到系统的相关人员,可以通过与录入到系统的相关人员信息进行比对(与第一用户的比对类似),来确定其是否具有部分权限,如果具有部分权限,则提取其查询请求中涉及的其权限区域(称为地址子信息),然后将该区域通过与上述加密过程相类似的方法确定对应的地址标签,将该地址标签定义为目标地址标签,然后将该目标地址标签相同的数量发送给目标终端。Therefore, for the second user, it may be a relevant person entered into the system in advance, and it can be determined by comparing it with the relevant personnel information entered into the system (similar to the comparison with the first user) to determine whether it has partial authority, if With partial authority, extract its authority area (called address sub-information) involved in its query request, and then determine the corresponding address label in this area through a method similar to the above encryption process, and define the address label as the target address. label, and then send the same amount of the target address label to the target terminal.

为了避免不同的地址子信息对应的目标地址标签相同,在本发明较佳的实施例中,一般将地址子信息所在的上一级地址子信息或所有上级地址子信息也均作为待查询的地址子信息,记为地址子信息集合,然后将这些地址子信息集合对应的目标地址标签相同的数量发送给目标终端。In order to avoid the same target address labels corresponding to different address sub-information, in a preferred embodiment of the present invention, generally the upper-level address sub-information where the address sub-information is located or all the upper-level address sub-information are also used as the address to be queried. The sub-information is recorded as an address sub-information set, and then the same number of target address tags corresponding to these address sub-information sets are sent to the target terminal.

示例性地,仍以表1中的数据为例,当判断第二用户为A省B市C区D街道的管理人员时,并且其请求也是获取D街道的人数时,则可以将C区D街道作为一个地址子信息集合,得到其对应的目标地址标签为标签C和标签D,将所有标签C和标签D都相同的存储于执行主体的人员(每个人员所有的地址标签为一个单位)数量发送给目标终端。当然,也有可能不同的省或市具有相同的区和街道定义值,从而得到的目标地址标签也会相同,造成一定的错误,因此,可以将A省B市C区D街作为一个地址子信息集合,得到其对应的目标地址标签为标签A、标签B、标签C和标签D,统计所有标签A、标签B、标签C和标签D都相同的人员数量,将该数量发送给目标终端。Exemplarily, still taking the data in Table 1 as an example, when it is judged that the second user is the manager of D street in district C, city A, province A, and his request is also to obtain the number of people in street D, then it can be The street is used as an address sub-information set, and the corresponding target address labels are obtained as label C and label D, and all labels C and label D are identically stored in the personnel of the executive body (all address labels of each person are a unit) The quantity is sent to the target terminal. Of course, it is also possible that different provinces or cities have the same definition values of districts and streets, so that the obtained target address labels will also be the same, causing certain errors. Therefore, D Street, District C, District C, City A, Province A can be used as an address sub-information Set, get the corresponding target address labels as label A, label B, label C and label D, count the number of people with the same label A, label B, label C and label D, and send the number to the target terminal.

当然,第二用户也可以并非实现例如到系统的相关人员,通过相应的授权书,例如街道授权书(街道办盖章)以及第二用户的个人信息等,来确定其查询权限以及查询内容。Of course, the second user may also not be the relevant person who implements the system, for example, to determine his query authority and query content through a corresponding authorization letter, such as a street authorization letter (stamped by the street office) and the second user's personal information.

由上可知:1、执行主体的数据库不会存储用户的真实地址信息,实现了个人信息的加密脱敏;2、除非第一用户本人或授权,其他任何人都查询不到第一用户的完整的个人信息,有效保护了个人地址信息的安全;3、如果后台数据泄密,存储的数据因为不包含任何明文的地址信息,因此不会直接泄露用户隐私。即使数据泄露后,系统管理员可修改系统的加密算法,系统将存储的加密数据进行再次加密处理,生成新的密文地址标签,可以在脱敏数据泄露后进行重新加密,确保用户信息安全。It can be seen from the above: 1. The database of the executive body will not store the real address information of the user, which realizes the encryption and desensitization of personal information; 2. Unless the first user is himself or authorized, no one else can query the complete information of the first user. 3. If the background data is leaked, the stored data will not directly reveal user privacy because it does not contain any plaintext address information. Even after the data is leaked, the system administrator can modify the encryption algorithm of the system, and the system will re-encrypt the stored encrypted data to generate a new ciphertext address label, which can be re-encrypted after the desensitized data is leaked to ensure the security of user information.

实施例二Embodiment 2

请参阅图2,图2是本发明实施例公开的一种地理信息加密脱敏及查询的系统的结构示意图。如图2所示,该地理信息加密脱敏及查询的系统可以包括:Please refer to FIG. 2. FIG. 2 is a schematic structural diagram of a system for encryption, desensitization and query of geographic information disclosed in an embodiment of the present invention. As shown in Figure 2, the system for encrypting, desensitizing and querying geographic information may include:

加密模块210,用于接收第一用户输入的地址信息,通过加密方法对所述地址信息进行处理,得到多组地址标签;an encryption module 210, configured to receive the address information input by the first user, and process the address information through an encryption method to obtain multiple sets of address labels;

查询模块220,用于接收目标终端的查询请求,基于所述查询请求确定一组或多组目标地址标签,并解密所述目标地址标签,并解密后的相关信息发送给所述目标终端。The query module 220 is configured to receive a query request from a target terminal, determine one or more groups of target address labels based on the query request, decrypt the target address labels, and send the decrypted relevant information to the target terminal.

作为一种实现方式,加密模块210,可以包括:As an implementation manner, the encryption module 210 may include:

划分单元,用于通过区域划分机制将所述地址信息划分成多个词段;a division unit, used for dividing the address information into a plurality of word segments through a region division mechanism;

转换单元,用于根据预设规则将每个词段转换成对应的定义值。The conversion unit is used to convert each word segment into a corresponding defined value according to a preset rule.

作为另一种实现方式,加密模块210,可以包括:As another implementation manner, the encryption module 210 may include:

编码单元,用于通过编码方法获取所述地址信息中每个字对应的编码值,所述编码方法为国际码、机内码、区位码以及ASCII码中的任一种;An encoding unit, used for obtaining the encoding value corresponding to each word in the address information by an encoding method, and the encoding method is any one of an international code, an internal code, a location code and an ASCII code;

组合单元,用于将任意一个或多个编码值的组合形成一个定义值。The combination unit is used to combine any one or more encoded values to form a defined value.

优选地,查询模块220,可以包括:Preferably, the query module 220 may include:

接收单元,用于接收目标终端的查询请求,并确定查询请求对应的查询权限;a receiving unit, configured to receive the query request of the target terminal, and determine the query authority corresponding to the query request;

第一判断单元,用于当所述查询权限为完全权限时,则将所述完全权限对应的用户的多组地址标签进行解密,并拼接形成地址信息,发送给目标终端;a first judging unit, configured to decrypt multiple sets of address labels of users corresponding to the full authority when the query authority is full authority, and splicing to form address information, which is sent to the target terminal;

第二判断单元,用于当所述查询权限为部分权限时,则将所述部分权限对应的地址标签的人数发送给目标终端。The second judging unit is configured to, when the query authority is a partial authority, send the number of people in the address tag corresponding to the partial authority to the target terminal.

优选地,所述第一判断单元,可以包括:Preferably, the first judgment unit may include:

当所述查询请求由所述第一用户或第一用户的授权用户发起时,确定所述查询权限为完全权限;When the query request is initiated by the first user or an authorized user of the first user, determining that the query authority is a full authority;

将所述第一用户输入的地址信息生成的所有组地址标签进行解密,按照顺序拼接解密后的地址标签,形成地址信息,发送给目标终端,其具体包括:All group address labels generated by the address information input by the first user are decrypted, and the decrypted address labels are spliced in order to form address information and send to the target terminal, which specifically includes:

将每组地址标签根据加密方法进行逆操作,以解密得到每组地址标签对应的定义值;Perform inverse operations on each group of address labels according to the encryption method to decrypt and obtain the defined value corresponding to each group of address labels;

根据所述定义值和预设规则确定每组定义值对应的地址子信息;Determine the address sub-information corresponding to each set of defined values according to the defined values and preset rules;

将所述地址自信息按照对应的地址标签的顺序进行拼接,形成完整的地址信息,发送给目标终端。The address self-information is spliced according to the order of the corresponding address labels to form complete address information, which is sent to the target terminal.

优选地,所述第二判断单元,可以包括:Preferably, the second judgment unit may include:

当所述查询请求为第二用户时,确定所述查询权限为部分权限;When the query request is the second user, determine that the query permission is a partial permission;

确定所述部分权限对应的地址子信息;Determine the address sub-information corresponding to the partial authority;

对所述地址子信息按照相同的加密方法确定对应的地址标签,记为目标地址标签;Determine the corresponding address label according to the same encryption method to the address sub-information, and record it as the target address label;

统计所述目标地址标签对应的人数,将所述人数信息发送给所述目标终端。The number of people corresponding to the target address label is counted, and the number of people information is sent to the target terminal.

实施例三Embodiment 3

请参阅图3,图3是本发明实施例公开的一种电子设备的结构示意图。如图3所示,该电子设备可以包括:Please refer to FIG. 3 , which is a schematic structural diagram of an electronic device disclosed in an embodiment of the present invention. As shown in Figure 3, the electronic device may include:

存储有可执行程序代码的存储器310;a memory 310 storing executable program code;

与存储器310耦合的处理器320;a processor 320 coupled to the memory 310;

其中,处理器320调用存储器310中存储的可执行程序代码,执行实施例一中的一种地理信息加密脱敏及查询的方法中的部分或全部步骤。The processor 320 invokes the executable program code stored in the memory 310 to execute part or all of the steps in the method for encryption, desensitization and query of geographic information in the first embodiment.

本发明实施例公开一种计算机可读存储介质,其存储计算机程序,其中,该计算机程序使得计算机执行实施例一中的一种地理信息加密脱敏及查询的方法中的部分或全部步骤。An embodiment of the present invention discloses a computer-readable storage medium storing a computer program, wherein the computer program enables a computer to execute some or all of the steps in the method for encryption, desensitization and query of geographic information in the first embodiment.

本发明实施例还公开一种计算机程序产品,其中,当计算机程序产品在计算机上运行时,使得计算机执行实施例一中的一种地理信息加密脱敏及查询的方法中的部分或全部步骤。The embodiment of the present invention also discloses a computer program product, wherein when the computer program product runs on the computer, the computer is made to execute some or all of the steps in the method for encryption, desensitization and query of geographic information in the first embodiment.

本发明实施例还公开一种应用发布平台,其中,应用发布平台用于发布计算机程序产品,其中,当计算机程序产品在计算机上运行时,使得计算机执行实施例一中的一种地理信息加密脱敏及查询的方法中的部分或全部步骤。The embodiment of the present invention also discloses an application publishing platform, wherein the application publishing platform is used to publish a computer program product, wherein, when the computer program product runs on a computer, the computer is made to execute a geographic information encryption decryption method in the first embodiment. Some or all of the steps in the method of sensitivity and query.

在本发明的各种实施例中,应理解,所述各过程的序号的大小并不意味着执行顺序的必然先后,各过程的执行顺序应以其功能和内在逻辑确定,而不应对本发明实施例的实施过程构成任何限定。In various embodiments of the present invention, it should be understood that the size of the sequence numbers of the described procedures does not imply a necessary order of execution, and the execution order of each procedure should be determined by its functions and internal logic, and does not deal with the present invention. The implementation of the embodiments constitutes no limitation.

所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可位于一个地方,或者也可以分布到多个网络单元上。可根据实际的需要选择其中的部分或全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separated, and components displayed as units may or may not be physical units, and may be located in one place or distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution in this embodiment.

另外,在本发明各实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。所述集成的单元既可以采用硬件的形式实现,也可以采用软件功能单元的形式实现。In addition, each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically alone, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware, or may be implemented in the form of software functional units.

所述集成的单元若以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可获取的存储器中。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或者部分,可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储器中,包括若干请求用以使得一台计算机设备(可以为个人计算机、服务器或者网络设备等,具体可以是计算机设备中的处理器)执行本发明的各个实施例所述方法的部分或全部步骤。The integrated unit, if implemented as a software functional unit and sold or used as a stand-alone product, may be stored in a computer-accessible memory. Based on such understanding, the technical solution of the present invention, in essence, or the part that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product, and the computer software product is stored in a memory , including several requests to cause a computer device (which may be a personal computer, a server, or a network device, etc., specifically a processor in the computer device) to execute some or all of the steps of the methods described in the various embodiments of the present invention.

在本发明所提供的实施例中,应理解,“与A对应的B”表示B与A相关联,根据A可以确定B。但还应理解,根据A确定B并不意味着仅仅根据A确定B,还可以根据A和/或其他信息确定B。In the embodiments provided by the present invention, it should be understood that "B corresponding to A" means that B is associated with A, and B can be determined according to A. However, it should also be understood that determining B according to A does not mean that B is only determined according to A, and B may also be determined according to A and/or other information.

本领域普通技术人员可以理解所述实施例的各种方法中的部分或全部步骤是可以通过程序来指令相关的硬件来完成,该程序可以存储于一计算机可读存储介质中,存储介质包括只读存储器(Read-Only Memory,ROM)、随机存储器(RandomAccess Memory,RAM)、可编程只读存储器(Programmable Read-only Memory,PROM)、可擦除可编程只读存储器(Erasable Programmable Read-Only Memory,EPROM)、一次可编程只读存储器(One-timeProgrammable Read-Only Memory,OTPROM)、电子抹除式可复写只读存储器(Electrically-Erasable Programmable Read-Only Memory,EEPROM)、只读光盘(CompactDisc Read-Only Memory,CD-ROM)或其他光盘存储器、磁盘存储器、磁带存储器、或者能够用于携带或存储数据的计算机可读的任何其他介质。Those of ordinary skill in the art can understand that some or all of the steps in the various methods of the embodiments can be completed by instructing the relevant hardware through a program, and the program can be stored in a computer-readable storage medium, and the storage medium includes only Read-Only Memory (ROM), Random Access Memory (RAM), Programmable Read-only Memory (PROM), Erasable Programmable Read-Only Memory (Erasable Programmable Read-Only Memory) , EPROM), One-time Programmable Read-Only Memory (OTPROM), Electronically Erasable Programmable Read-Only Memory (EEPROM), CompactDisc Read -Only Memory, CD-ROM) or other optical disk storage, magnetic disk storage, magnetic tape storage, or any other computer-readable medium that can be used to carry or store data.

以上对本发明实施例公开的一种地理信息加密脱敏及查询的方法和系统进行了详细介绍,本文中应用了具体个例对本发明的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本发明的方法及其核心思想;同时,对于本领域的一般技术人员,依据本发明的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本发明的限制。A method and system for encrypting, desensitizing and querying geographic information disclosed in the embodiments of the present invention have been described above in detail. The principles and implementations of the present invention are described with specific examples in this paper. In order to help understand the method of the present invention and its core idea; at the same time, for those skilled in the art, according to the idea of the present invention, there will be changes in the specific implementation and application scope. In summary, this specification The content should not be construed as limiting the present invention.

Claims (10)

1. A method for encryption desensitization and query of geographic information, comprising:
receiving address information input by a first user, and processing the address information by an encryption method to obtain a plurality of groups of address labels;
receiving a query request of a target terminal, determining one or more groups of target address tags based on the query request, decrypting the target address tags, and sending the decrypted related information to the target terminal.
2. The method for encryption desensitization and query of geographic information according to claim 1, wherein receiving address information input by a first user, processing said address information by encryption to obtain a plurality of sets of address labels, comprises:
receiving address information input by a first user;
converting the address information into a plurality of groups of defined values according to a preset rule;
and encrypting each group of definition values through an encryption algorithm to obtain the address label corresponding to each group of definition values.
3. The method for encryption desensitization and query of geographic information according to claim 2, wherein converting said address information into a plurality of groups of defined values according to a predetermined rule comprises:
dividing the address information into a plurality of word segments through a region division mechanism;
and converting each word segment into a corresponding definition value according to a preset rule.
4. The method for encryption desensitization and query of geographic information according to claim 2, wherein converting said address information into a plurality of groups of defined values according to a predetermined rule comprises:
acquiring a coding value corresponding to each word in the address information by a coding method, wherein the coding method is any one of international code, machine-in code, zone bit code and ASCII code;
any combination of one or more of the encoded values is formed into a defined value.
5. The method of claim 1, wherein receiving an inquiry request from a target terminal, determining one or more sets of target address tags based on the inquiry request, decrypting the target address tags, and sending the decrypted related information to the target terminal comprises:
receiving a query request of a target terminal, and determining a query authority corresponding to the query request;
when the inquiry authority is the complete authority, decrypting a plurality of groups of address labels of the user corresponding to the complete authority, splicing to form address information, and sending the address information to a target terminal;
and when the inquiry authority is a partial authority, sending the number of people of the address label corresponding to the partial authority to a target terminal.
6. The method for encryption desensitization and query of geographic information according to claim 5, wherein when the query right is a full right, the method decrypts the multiple groups of address labels of the users corresponding to the full right, splices the address labels to form address information, and sends the address information to the target terminal, comprising:
when the query request is initiated by the first user or an authorized user of the first user, determining the query right as a full right;
and decrypting all groups of address labels generated by the address information input by the first user, splicing the decrypted address labels in sequence to form address information, and sending the address information to a target terminal.
7. The method for desensitizing encryption and query of geographic information according to claim 6, wherein decrypting all sets of address tags generated from the address information inputted by the first user, splicing the decrypted address tags in order to form address information, and sending the address information to the target terminal comprises:
carrying out inverse operation on each group of address tags according to an encryption method so as to decrypt and obtain a defined value corresponding to each group of address tags;
determining address sub-information corresponding to each group of definition values according to the definition values and preset rules;
and splicing the address self-information according to the sequence of the corresponding address labels to form complete address information, and sending the complete address information to the target terminal.
8. The method for encryption desensitization and query of geographic information according to claim 5, wherein when the query right is a partial right, the number of people of the address tag corresponding to the partial right is sent to the target terminal, comprising:
when the query request is a second user, determining that the query authority is a partial authority;
determining address sub-information corresponding to the partial authority;
determining a corresponding address label for the address sub-information according to the same encryption method, and marking as a target address label;
and counting the number of people corresponding to the target address label, and sending the information of the number of people to the target terminal.
9. A system for encryption desensitization and querying of geographic information, comprising:
the encryption module is used for receiving address information input by a first user and processing the address information by an encryption method to obtain a plurality of groups of address labels;
and the query module is used for receiving a query request of a target terminal, determining one or more groups of target address labels based on the query request, decrypting the target address labels, and sending the decrypted related information to the target terminal.
10. A computer-readable storage medium storing a computer program, wherein the computer program causes a computer to execute a method of geographic information encryption desensitization and query according to any one of claims 1 to 8.
CN202210335498.1A 2022-03-31 2022-03-31 Method and system for encryption desensitization and query of geographic information Pending CN114706932A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210335498.1A CN114706932A (en) 2022-03-31 2022-03-31 Method and system for encryption desensitization and query of geographic information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210335498.1A CN114706932A (en) 2022-03-31 2022-03-31 Method and system for encryption desensitization and query of geographic information

Publications (1)

Publication Number Publication Date
CN114706932A true CN114706932A (en) 2022-07-05

Family

ID=82170984

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210335498.1A Pending CN114706932A (en) 2022-03-31 2022-03-31 Method and system for encryption desensitization and query of geographic information

Country Status (1)

Country Link
CN (1) CN114706932A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117313133A (en) * 2023-10-20 2023-12-29 网麒科技(北京)有限责任公司 Data desensitization method, device, equipment and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2372575A1 (en) * 2010-03-26 2011-10-05 British Telecommunications public limited company Information retrieval with security rules
CN108289095A (en) * 2018-01-02 2018-07-17 诚壹泰合(北京)科技有限公司 A kind of sensitive data storage method, apparatus and system
CN108418676A (en) * 2018-01-26 2018-08-17 山东超越数控电子股份有限公司 A kind of data desensitization method based on permission
CN110889136A (en) * 2019-11-18 2020-03-17 杭州安恒信息技术股份有限公司 A data desensitization method, device and electronic device for address information
WO2021003831A1 (en) * 2019-09-02 2021-01-14 深圳晶泰科技有限公司 Blockchain-based pharmaceutical crystal library and construction method therefor
CN113342915A (en) * 2021-06-22 2021-09-03 深圳壹账通智能科技有限公司 Address desensitization method, device, electronic equipment and storage medium

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2372575A1 (en) * 2010-03-26 2011-10-05 British Telecommunications public limited company Information retrieval with security rules
CN108289095A (en) * 2018-01-02 2018-07-17 诚壹泰合(北京)科技有限公司 A kind of sensitive data storage method, apparatus and system
CN108418676A (en) * 2018-01-26 2018-08-17 山东超越数控电子股份有限公司 A kind of data desensitization method based on permission
WO2021003831A1 (en) * 2019-09-02 2021-01-14 深圳晶泰科技有限公司 Blockchain-based pharmaceutical crystal library and construction method therefor
CN110889136A (en) * 2019-11-18 2020-03-17 杭州安恒信息技术股份有限公司 A data desensitization method, device and electronic device for address information
CN113342915A (en) * 2021-06-22 2021-09-03 深圳壹账通智能科技有限公司 Address desensitization method, device, electronic equipment and storage medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117313133A (en) * 2023-10-20 2023-12-29 网麒科技(北京)有限责任公司 Data desensitization method, device, equipment and storage medium
CN117313133B (en) * 2023-10-20 2024-08-06 网麒科技(北京)有限责任公司 Data desensitization method, device, equipment and storage medium

Similar Documents

Publication Publication Date Title
US11652608B2 (en) System and method to protect sensitive information via distributed trust
JP4443224B2 (en) Data management system and method
US8843745B2 (en) Methods of authorizing a computer license
US11379606B2 (en) Provision of risk information associated with compromised accounts
KR101371608B1 (en) Database Management System and Encrypting Method thereof
US20110113050A1 (en) Data masking with an encrypted seed
Zhang et al. Using blockchain to protect personal privacy in the scenario of online taxi-hailing
US10536276B2 (en) Associating identical fields encrypted with different keys
CN105975877A (en) A Safe Storage Method for Sensitive Documents
CN111368328A (en) Data storage method and device, computer readable storage medium and electronic equipment
CN104636444A (en) Database encryption and decryption method and device
CN111885153A (en) Block chain-based data acquisition method and device, computer equipment and storage medium
CN106934299A (en) A kind of Database Encrypt System and method
JP3843405B2 (en) Personal information recording method, personal information recording system and recording medium
CN114706932A (en) Method and system for encryption desensitization and query of geographic information
JP2017219997A (en) Information processing system, information processing device and program
CN114401117B (en) Blockchain-based account login verification system
JP7250390B1 (en) Data sharing system, data sharing method, and data sharing program
TW202129519A (en) Personal data protection application system and personal data protection application method capable of avoiding malicious disclosure of private information by the administrator
CN116167071A (en) Digital asset right-determining registration method and device based on blockchain
CN111404662B (en) Data processing method and device
US20160092886A1 (en) Methods of authorizing a computer license
JP2006140944A (en) Information embedding device, method, system, and user terminal
CN114900313B (en) Privacy-protecting anonymous work certificate generation and verification method
CN118643522B (en) Sensitive data management method, device and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination