[go: up one dir, main page]

CN114817975A - Data desensitization encryption and decryption method and device - Google Patents

Data desensitization encryption and decryption method and device Download PDF

Info

Publication number
CN114817975A
CN114817975A CN202210233285.8A CN202210233285A CN114817975A CN 114817975 A CN114817975 A CN 114817975A CN 202210233285 A CN202210233285 A CN 202210233285A CN 114817975 A CN114817975 A CN 114817975A
Authority
CN
China
Prior art keywords
target
encryption
data
decryption
desensitization
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210233285.8A
Other languages
Chinese (zh)
Inventor
吴静
赵衍忍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Communication Information System Co Ltd
Original Assignee
Inspur Communication Information System Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Communication Information System Co Ltd filed Critical Inspur Communication Information System Co Ltd
Priority to CN202210233285.8A priority Critical patent/CN114817975A/en
Publication of CN114817975A publication Critical patent/CN114817975A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

本发明提供一种数据脱敏加解密方法及装置,其中,该方法包括:获取目标数据对应的目标表达式;基于所述目标表达式,对所述目标数据执行目标操作;其中,所述目标操作包括脱敏操作、加密操作或解密操作。本发明提供的数据脱敏加解密方法及装置,通过获取目标数据对应的目标表达式,基于目标表达式,对目标数据执行脱敏操作、加密操作或解密操作,能通过标准的表达式对此类数据应用进行规范,能够对代码进行更整洁、更统一、更好的约束,能实现统一、低成本、高效的数据脱敏加解密,能减少代码编写量和开发成本,能提高数据跨系统调用的效率。

Figure 202210233285

The present invention provides a data desensitization encryption and decryption method and device, wherein the method includes: obtaining a target expression corresponding to target data; performing a target operation on the target data based on the target expression; wherein, the target Operations include desensitization operations, encryption operations, or decryption operations. The data desensitization encryption and decryption method and device provided by the present invention can obtain the target expression corresponding to the target data and perform desensitization operation, encryption operation or decryption operation on the target data based on the target expression. Standardizing data-like applications can make code cleaner, more unified, and better constrained, realize unified, low-cost, and efficient data desensitization encryption and decryption, reduce code writing and development costs, and improve data cross-system call efficiency.

Figure 202210233285

Description

数据脱敏加解密方法及装置Data desensitization encryption and decryption method and device

技术领域technical field

本发明涉及计算机技术领域,尤其涉及一种数据脱敏加解密方法及装置。The invention relates to the field of computer technology, and in particular, to a method and device for data desensitization encryption and decryption.

背景技术Background technique

随着数据安全的重要性提高,在数据采集、汇总和共享过程中以及在程序中对密码和敏感性信息等,需要对数据进行脱敏和加解密操作,以防止数据的暴露和泄露,提高数据的安全性。对于数据的多系统间集成调用,目前需要各自系统分别根据要求进行脱敏加解密操作,从而增加代码编写量和开发成本,并且会降低数据调用效率。With the increasing importance of data security, it is necessary to desensitize, encrypt and decrypt data in the process of data collection, aggregation and sharing as well as for passwords and sensitive information in programs to prevent data exposure and leakage, improve Data security. For the integrated call of data between multiple systems, each system currently needs to perform desensitization encryption and decryption operations according to the requirements, thereby increasing the amount of code writing and development costs, and reducing the efficiency of data calling.

发明内容SUMMARY OF THE INVENTION

本发明提供一种数据脱敏加解密方法及装置,用以解决现有技术中的开发成本高的缺陷,实现统一、低成本、高效的数据脱敏加解密。The invention provides a data desensitization encryption and decryption method and device, which are used to solve the defect of high development cost in the prior art and realize unified, low-cost and efficient data desensitization encryption and decryption.

本发明提供一种数据脱敏加解密方法,包括:The present invention provides a data desensitization encryption and decryption method, comprising:

获取目标数据对应的目标表达式;Get the target expression corresponding to the target data;

基于所述目标表达式,对所述目标数据执行目标操作;其中,所述目标操作包括脱敏操作、加密操作或解密操作。Based on the target expression, a target operation is performed on the target data; wherein, the target operation includes a desensitization operation, an encryption operation or a decryption operation.

根据本发明提供的一种数据脱敏加解密方法,所述基于所述目标表达式,对所述目标数据执行目标操作,包括:According to a data desensitization encryption and decryption method provided by the present invention, performing a target operation on the target data based on the target expression includes:

获取所述目标表达式携带的替换字符和替换范围的信息;Obtain the information of the replacement character and the replacement range carried by the target expression;

基于所述替换字符和替换范围的信息,对所述目标数据执行脱敏操作。Based on the replacement character and replacement range information, a desensitization operation is performed on the target data.

根据本发明提供的一种数据脱敏加解密方法,所述基于所述目标表达式,对所述目标数据执行目标操作,包括:According to a data desensitization encryption and decryption method provided by the present invention, performing a target operation on the target data based on the target expression includes:

获取所述目标表达式携带的加密算法、加密规则和密钥的信息;Obtain the information of the encryption algorithm, encryption rule and key carried by the target expression;

基于所述加密算法、加密规则和密钥的信息,对所述目标数据执行加密操作。An encryption operation is performed on the target data based on the information of the encryption algorithm, encryption rule and key.

根据本发明提供的一种数据脱敏加解密方法,所述基于所述目标表达式,对所述目标数据执行目标操作,包括:According to a data desensitization encryption and decryption method provided by the present invention, performing a target operation on the target data based on the target expression includes:

获取所述目标表达式携带的解密算法、解密规则和密钥的信息;Obtain the information of the decryption algorithm, decryption rule and key carried by the target expression;

基于所述解密算法、解密规则和密钥的信息,对所述目标数据执行解密操作。A decryption operation is performed on the target data based on the decryption algorithm, decryption rule and key information.

根据本发明提供的一种数据脱敏加解密方法,所述基于所述目标表达式,对所述目标数据执行目标操作,包括:According to a data desensitization encryption and decryption method provided by the present invention, performing a target operation on the target data based on the target expression includes:

获取所述目标表达式携带的被替换字符以及替换序号的信息;Obtain the information of the replaced character and the replacement serial number carried by the target expression;

基于所述被替换字符以及替换序号的信息,对所述目标数据进行字符串替换,以实现脱敏操作。Based on the information of the replaced character and the replacement serial number, character string replacement is performed on the target data to implement a desensitization operation.

根据本发明提供的一种数据脱敏加解密方法,所述基于所述替换字符和替换范围的信息,对所述目标数据执行脱敏操作,包括:According to a data desensitization encryption and decryption method provided by the present invention, the desensitization operation performed on the target data based on the information of the replacement characters and the replacement range includes:

在所述目标数据的字符串长度超过长度阈值的情况下,基于所述长度阈值,对所述目标数据进行分段,得到多个数据分段;When the length of the character string of the target data exceeds the length threshold, the target data is segmented based on the length threshold to obtain a plurality of data segments;

所述基于所述替换字符和替换范围的信息,分别对每一所述数据分段执行脱敏操作。The desensitization operation is performed on each of the data segments based on the information of the replacement character and the replacement range, respectively.

本发明还提供一种数据脱敏加解密装置,包括:The present invention also provides a data desensitization encryption and decryption device, comprising:

获取模块,用于获取目标数据对应的目标表达式;The acquisition module is used to acquire the target expression corresponding to the target data;

执行模块,用于基于所述目标表达式,对所述目标数据执行目标操作;其中,所述目标操作包括脱敏操作、加密操作或解密操作。An execution module, configured to perform a target operation on the target data based on the target expression; wherein the target operation includes a desensitization operation, an encryption operation or a decryption operation.

本发明还提供一种电子设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现如上述任一种所述数据脱敏加解密方法的步骤。The present invention also provides an electronic device, comprising a memory, a processor, and a computer program stored in the memory and running on the processor, the processor implementing the data desensitization as described above when the processor executes the program The steps of the encryption and decryption method.

本发明还提供一种非暂态计算机可读存储介质,其上存储有计算机程序,该计算机程序被处理器执行时实现如上述任一种所述数据脱敏加解密方法的步骤。The present invention also provides a non-transitory computer-readable storage medium on which a computer program is stored, and when the computer program is executed by a processor, implements the steps of any of the above-mentioned data desensitization encryption and decryption methods.

本发明还提供一种计算机程序产品,包括计算机程序,所述计算机程序被处理器执行时实现如上述任一种所述数据脱敏加解密方法的步骤。The present invention also provides a computer program product, including a computer program, which implements the steps of any of the above-mentioned data desensitization encryption and decryption methods when the computer program is executed by a processor.

本发明提供的数据脱敏加解密方法及装置,通过获取目标数据对应的目标表达式,基于目标表达式,对目标数据执行脱敏操作、加密操作或解密操作,能通过标准的表达式对此类数据应用进行规范,能够对代码进行更整洁、更统一、更好的约束,能实现统一、低成本、高效的数据脱敏加解密,能减少代码编写量和开发成本,能提高数据跨系统调用的效率。The data desensitization encryption and decryption method and device provided by the present invention can obtain the target expression corresponding to the target data and perform desensitization, encryption or decryption operations on the target data based on the target expression. Standardizing data-like applications can make the code cleaner, more unified, and better constrained, can achieve unified, low-cost, and efficient data desensitization encryption and decryption, can reduce the amount of code writing and development costs, and improve data cross-system call efficiency.

附图说明Description of drawings

为了更清楚地说明本发明或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to explain the present invention or the technical solutions in the prior art more clearly, the following briefly introduces the accompanying drawings that need to be used in the description of the embodiments or the prior art. Obviously, the drawings in the following description are of the present invention. For some embodiments of the present invention, for those of ordinary skill in the art, other drawings can also be obtained from these drawings without any creative effort.

图1是本发明提供的数据脱敏加解密方法的流程示意图;Fig. 1 is the schematic flowchart of the data desensitization encryption and decryption method provided by the present invention;

图2是本发明提供的数据脱敏加解密装置的结构示意图;Fig. 2 is the structural representation of the data desensitization encryption and decryption device provided by the present invention;

图3是本发明提供的电子设备的结构示意图。FIG. 3 is a schematic structural diagram of an electronic device provided by the present invention.

具体实施方式Detailed ways

为使本发明的目的、技术方案和优点更加清楚,下面将结合本发明中的附图,对本发明中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。In order to make the objectives, technical solutions and advantages of the present invention clearer, the technical solutions in the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are part of the embodiments of the present invention. , not all examples. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

在本发明实施例的描述中,术语“第一”、“第二”、“第三”仅用于描述目的,而不能理解为指示或暗示相对重要性,且不涉及顺序。In the description of the embodiments of the present invention, the terms "first", "second" and "third" are only used for the purpose of description, and should not be construed as indicating or implying relative importance, and do not involve sequence.

在本发明实施例的描述中,需要说明的是,除非另有明确的规定和限定,术语“安装”、“相连”、“连接”应做广义理解,例如,可以是固定连接,也可以是可拆卸连接,或一体地连接;可以是机械连接,也可以是电连接;可以是直接相连,也可以通过中间媒介间接相连,可以是两个元件内部的连通。对于本领域的普通技术人员而言,可以具体情况理解上述术语在本发明实施例中的具体含义。In the description of the embodiments of the present invention, it should be noted that the terms "installed", "connected" and "connected" should be understood in a broad sense, unless otherwise expressly specified and limited. For example, it may be a fixed connection or a Removable connection, or integral connection; can be mechanical connection, can also be electrical connection; can be directly connected, can also be indirectly connected through an intermediate medium, can be internal communication between two components. Those of ordinary skill in the art can understand the specific meanings of the above terms in the embodiments of the present invention in specific situations.

下面结合图1至图3描述本发明提供的数据脱敏加解密方法及装置。The data desensitization encryption and decryption method and device provided by the present invention will be described below with reference to FIG. 1 to FIG. 3 .

图1是本发明提供的数据脱敏加解密方法的流程示意图。下面结合图1发明本申请实施例的数据脱敏加解密方法。如图1所示,该方法可以包括:步骤101和步骤102。1 is a schematic flowchart of a data desensitization encryption and decryption method provided by the present invention. The data desensitization encryption and decryption method according to the embodiment of the present application is disclosed below with reference to FIG. 1 . As shown in FIG. 1 , the method may include: step 101 and step 102 .

具体地,本发明实施例提供的数据脱敏加解密方法的执行主体可以为数据脱敏加解密装置。Specifically, the execution body of the data desensitization encryption and decryption method provided by the embodiment of the present invention may be a data desensitization encryption and decryption device.

步骤101、获取目标数据对应的目标表达式。Step 101: Obtain a target expression corresponding to the target data.

具体地,目标数据,可以为字符串。Specifically, the target data can be a string.

目标表达式,用于对目标数据执行目标操作。The target expression, which is used to perform the target operation on the target data.

可选地,目标操作可以为脱敏操作、加密操作或解密操作。Optionally, the target operation may be a desensitization operation, an encryption operation or a decryption operation.

需要说明的是,步骤101之前,已预先为各种脱敏操作、加密操作和解密操作定义了表达式。对于每一种脱敏操作、加密操作和解密操作,可以分别按照其对应的预设格式和业务需求来定义表达式。该表达式可以携带有该操作的各个参数的信息。It should be noted that, before step 101, expressions have been defined in advance for various desensitization operations, encryption operations, and decryption operations. For each desensitization operation, encryption operation, and decryption operation, expressions can be defined according to their corresponding preset formats and business requirements. The expression can carry information about the various parameters of the operation.

可选地,可以基于目标数据与表达式之间的对应关系,获取目标数据对应的目标表达式。Optionally, the target expression corresponding to the target data may be obtained based on the correspondence between the target data and the expression.

可选地,目标数据与表达式之间的对应关系,可以通过用户的输入确定,也可以预先设定。Optionally, the corresponding relationship between the target data and the expression may be determined by the user's input, or may be preset.

示例性地,对脱敏操作、加密操作和解密操作分别定义一个表达式,在需要对目标数据进行数据脱敏的情况下,则对脱敏操作定义的达式为目标数据对应的目标表达式。Exemplarily, an expression is defined for the desensitization operation, the encryption operation, and the decryption operation respectively, and in the case that the target data needs to be desensitized, the expression defined for the desensitization operation is the target expression corresponding to the target data. .

步骤102、基于目标表达式,对目标数据执行目标操作;其中,目标操作包括脱敏操作、加密操作或解密操作。Step 102 , based on the target expression, perform a target operation on the target data; wherein, the target operation includes a desensitization operation, an encryption operation or a decryption operation.

具体地,目标表达式可以携带有目标操作的各个参数的信息,因而可以基于目标表达式携带的目标操作的各个参数的信息,对目标数据执行目标操作。Specifically, the target expression can carry information of each parameter of the target operation, so the target operation can be performed on the target data based on the information of each parameter of the target operation carried by the target expression.

可以理解的是,通过将业务需求和脱敏加解密算法结合形成统一规范的表达式,通过统一规范的表达式,可以将脱敏加解密等操作形成统一规范,规范加解密和脱敏操作,在代码编写过程中可以使用统一规范的表达式,从而各系统均可以基于目标数据对应的目标表达式,对目标数据执行目标操作。It can be understood that by combining business requirements and desensitization encryption and decryption algorithms to form a unified standard expression, through a unified standard expression, operations such as desensitization encryption and decryption can be formed into a unified standard, and the encryption and decryption and desensitization operations can be standardized. In the process of code writing, a unified and standardized expression can be used, so that each system can perform target operations on the target data based on the target expression corresponding to the target data.

需要说明的是,目标表达式可以以jar包的形式发布,方便多系统集成。多系统需要数据传输的加解密操作,多系统间就能减少沟通成本,具体操作就较为规范;目标表达式可以适用大量场景(身份证,电话,IP,银行卡等),能够减少代码编写量和Bug次数,推广使用之后,代码可读性提高。It should be noted that the target expression can be released in the form of a jar package, which is convenient for multi-system integration. Multiple systems require encryption and decryption operations for data transmission, which can reduce communication costs between multiple systems, and the specific operations are more standardized; the target expression can be applied to a large number of scenarios (ID card, phone, IP, bank card, etc.), which can reduce the amount of code writing And the number of bugs, after the promotion and use, the readability of the code is improved.

本发明实施例通过获取目标数据对应的目标表达式,基于目标表达式,对目标数据执行脱敏操作、加密操作或解密操作,能通过标准的表达式对此类数据应用进行规范,能够对代码进行更整洁、更统一、更好的约束,能实现统一、低成本、高效的数据脱敏加解密,能减少代码编写量和开发成本,能提高数据跨系统调用的效率。In the embodiment of the present invention, by acquiring the target expression corresponding to the target data, and based on the target expression, the desensitization operation, encryption operation or decryption operation is performed on the target data, so that the application of such data can be standardized through standard expressions, and the code Cleaner, more unified, and better constraints can achieve unified, low-cost, and efficient data desensitization encryption and decryption, reduce the amount of code writing and development costs, and improve the efficiency of data cross-system calls.

基于上述任一实施例的内容,基于目标表达式,对目标数据执行目标操作,包括:获取目标表达式携带的替换字符和替换范围的信息。Based on the contents of any of the foregoing embodiments, and based on the target expression, performing the target operation on the target data includes: acquiring information on replacement characters and replacement ranges carried by the target expression.

具体地,对于脱敏操作,目标表达式可以携带有替换字符和替换范围等信息。在目标操作为脱敏操作的情况下,目标表达式可以为脱敏表达式。Specifically, for the desensitization operation, the target expression can carry information such as replacement characters and replacement ranges. In the case where the target operation is a desensitization operation, the target expression may be a desensitization expression.

可以理解的是,可以通过字符替换的方式进行数据脱敏。It is understandable that data desensitization can be performed by means of character replacement.

替换字符,指用于替换目标数据中的原字符的字符。The replacement character refers to the character used to replace the original character in the target data.

替换范围,指目标数据中被替换的字符的范围。The replacement range refers to the range of characters to be replaced in the target data.

基于替换字符和替换范围的信息,对目标数据执行脱敏操作。Perform desensitization operations on target data based on information about replacement characters and replacement ranges.

具体地,基于替换字符和替换范围的信息,可以将目标数据中替换范围的字符替换为上述替换字符,完成对目标数据的脱敏操作。Specifically, based on the information of the replacement characters and the replacement range, the characters in the replacement range in the target data can be replaced with the above-mentioned replacement characters to complete the desensitization operation on the target data.

可选地,目标表达式中,可以通过特定的字符限定替换字符和替换范围。Optionally, in the target expression, the replacement character and replacement range can be limited by specific characters.

示例性地,以“{}”来限定范围,可以用“,”定义多个替换字符,替换范围替换用“-”定义,默认从字符首位(0开始)开始计数,$定义数字从末位往前数。Exemplarily, "{}" is used to define the range, and "," can be used to define multiple replacement characters. The replacement range is defined with "-". By default, the count starts from the first character (starting from 0), and $ defines the number from the last position. Count forward.

例如{4,6-$2}*表示第5位,以及第7位到倒数第3位,每个字符串替换为*;若不想暴露字符长度,{4,6-$2}***表示第5位替换位三个*,第7为到倒数第3位这个区间内的字符替换为***。For example, {4,6-$2}* represents the 5th digit, and the 7th to the penultimate 3rd digit, and each string is replaced with *; if you do not want to expose the character length, {4,6-$2}*** represents the first The 5th place is replaced by three *, and the 7th is replaced by *** for the characters in the range from the 7th to the penultimate 3rd place.

本发明实施例通过统一标准的脱敏表达式对目标数据执行脱敏操作,能通过标准的表达式对此类数据应用进行规范,能够对代码进行更整洁、更统一、更好的约束,能实现统一、低成本、高效的数据脱敏加解密,能减少代码编写量和开发成本,能提高数据跨系统调用的效率。The embodiment of the present invention performs desensitization operations on target data through a unified standard desensitization expression, can standardize the application of such data through a standard expression, can carry out cleaner, more unified, and better constraints on the code, and can Implementing unified, low-cost, and efficient data desensitization encryption and decryption can reduce the amount of code writing and development costs, and improve the efficiency of data cross-system calls.

基于上述任一实施例的内容,基于替换字符和替换范围的信息,对目标数据执行脱敏操作,包括:在目标数据的字符串长度超过长度阈值的情况下,基于长度阈值,对目标数据进行分段,得到多个数据分段。Based on the content of any of the above embodiments, and based on the information of the replacement characters and the replacement range, performing a desensitization operation on the target data, including: in the case that the length of the character string of the target data exceeds the length threshold, based on the length threshold, perform a desensitization operation on the target data. segment to get multiple data segments.

具体地,对于较长的字符串,即在目标数据的字符串长度超过长度阈值的情况下,可以对目标数据进行分段,得到多个数据分段。Specifically, for a longer character string, that is, when the length of the character string of the target data exceeds the length threshold, the target data may be segmented to obtain multiple data segments.

例如,对于机器的IP地址之类的字符串,需要对其进行分割,然后再对其进行脱敏操作。For example, for a string like the IP address of a machine, it needs to be segmented and then desensitized.

基于替换字符和替换范围的信息,分别对每一数据分段执行脱敏操作。Based on the replacement character and replacement range information, a desensitization operation is performed separately for each data segment.

具体地,对于每一数据分段,可以分别基于替换字符和替换范围的信息,将该数据分段中替换范围的字符替换为上述替换字符,完成对该数据分段的脱敏操作。Specifically, for each data segment, based on the information of the replacement character and the replacement range, the characters in the replacement range in the data segment can be replaced with the above-mentioned replacement characters to complete the desensitization operation of the data segment.

示例性地,可以定义“?”为脱敏表达式中字符串分割的关键字。Exemplarily, "?" can be defined as a keyword for string segmentation in the desensitization expression.

本发明实施例通过统一标准的脱敏表达式对目标数据执行脱敏操作,能通过标准的表达式对此类数据应用进行规范,能够对代码进行更整洁、更统一、更好的约束,能实现统一、低成本、高效的数据脱敏加解密,能减少代码编写量和开发成本,能提高数据跨系统调用的效率。The embodiment of the present invention performs desensitization operations on target data through a unified standard desensitization expression, can standardize the application of such data through a standard expression, can carry out cleaner, more unified, and better constraints on the code, and can Implementing unified, low-cost, and efficient data desensitization encryption and decryption can reduce the amount of code writing and development costs, and improve the efficiency of data cross-system calls.

基于上述任一实施例的内容,基于目标表达式,对目标数据执行目标操作,包括:获取目标表达式携带的加密算法、加密规则和密钥的信息。Based on the content of any of the foregoing embodiments, and based on the target expression, performing the target operation on the target data includes: obtaining the information of the encryption algorithm, encryption rule and key carried by the target expression.

具体地,对于加密操作,目标表达式可以携带有加密算法、加密规则和密钥等信息。在目标操作为加密操作的情况下,目标表达式可以为加密表达式。Specifically, for encryption operations, the target expression can carry information such as encryption algorithms, encryption rules, and keys. Where the target operation is a cryptographic operation, the target expression may be a cryptographic expression.

加密算法,可以包括AES(Advanced Encryption Standard,高级加密标准)、DES(Data Encryption Standard,数据加密标准)、RSA或MD5等。The encryption algorithm may include AES (Advanced Encryption Standard, Advanced Encryption Standard), DES (Data Encryption Standard, Data Encryption Standard), RSA or MD5 and the like.

若加密算法为AES、DES或RSA,则目标表达式中还需携带具体的加密规则和密钥的信息,定义AES(加密规则,加密密钥),DES(加密规则,加密密钥),RSA(加密规则,加密密钥)。If the encryption algorithm is AES, DES or RSA, the target expression also needs to carry specific encryption rules and key information, define AES (encryption rules, encryption keys), DES (encryption rules, encryption keys), RSA (encryption rule, encryption key).

若加密算法为MD5算法,则目标表达式中加密规则和密钥的信息为缺省值。If the encryption algorithm is the MD5 algorithm, the information of the encryption rule and key in the target expression is the default value.

基于加密算法、加密规则和密钥的信息,对目标数据执行加密操作。Perform cryptographic operations on target data based on information about encryption algorithms, encryption rules, and keys.

具体地,基于加密算法、加密规则和密钥的信息,可以对目标数据执行加密操作,得到加密后的目标数据。Specifically, based on the information of the encryption algorithm, the encryption rule and the key, an encryption operation can be performed on the target data to obtain the encrypted target data.

示例性地,e(AES,AES/ECB/PKCS7Padding,admin123),表示采用AES算法,用AES/ECB/PKCS7Padding加密规则根据admin123密钥进行数据加密;e(MD5),则表示采用MD5进行加密。Exemplarily, e(AES, AES/ECB/PKCS7Padding, admin123) means that the AES algorithm is used, and the AES/ECB/PKCS7Padding encryption rule is used to encrypt data according to the admin123 key; e(MD5) means that MD5 is used for encryption.

本发明实施例通过统一标准的加密表达式对目标数据执行加密操作,能通过标准的表达式对此类数据应用进行规范,能够对代码进行更整洁、更统一、更好的约束,能实现统一、低成本、高效的数据脱敏加解密,能减少代码编写量和开发成本,能提高数据跨系统调用的效率。The embodiment of the present invention performs an encryption operation on target data through a unified standard encryption expression, can standardize the application of such data through a standard expression, can carry out cleaner, more unified, and better constraints on the code, and can achieve a unified , Low-cost and efficient data desensitization encryption and decryption, can reduce the amount of code writing and development costs, and improve the efficiency of data cross-system calls.

基于上述任一实施例的内容,基于目标表达式,对目标数据执行目标操作,包括:获取目标表达式携带的解密算法、解密规则和密钥的信息。Based on the content of any of the foregoing embodiments, and based on the target expression, performing the target operation on the target data includes: obtaining the decryption algorithm, decryption rule and key information carried by the target expression.

具体地,对于解密操作,目标表达式可以携带有解密算法、解密规则和密钥等信息。在目标操作为解密操作的情况下,目标表达式可以为解密表达式。Specifically, for the decryption operation, the target expression can carry information such as decryption algorithm, decryption rule, and key. In the case where the target operation is a decryption operation, the target expression may be a decryption expression.

解密算法可以为包括AES、DES或RSA等。The decryption algorithm may include AES, DES or RSA, etc.

若解密算法为AES、DES或RSA,则目标表达式中还需携带具体的解密规则和密钥的信息,定义AES(解密规则,解密密钥),DES(解密规则,解密密钥),RSA(加密规则,解密密钥)。If the decryption algorithm is AES, DES or RSA, the target expression also needs to carry specific decryption rules and key information, define AES (decryption rule, decryption key), DES (decryption rule, decryption key), RSA (encryption rules, decryption keys).

基于解密算法、解密规则和密钥的信息,对目标数据执行解密操作。The decryption operation is performed on the target data based on the information of the decryption algorithm, decryption rule and key.

具体地,基于解密算法、解密规则和密钥的信息,可以对目标数据执行解密操作,得到解密后的目标数据。Specifically, based on the information of the decryption algorithm, the decryption rule and the key, a decryption operation can be performed on the target data to obtain the decrypted target data.

示例性地,d(DES,Desede/ECB/PKCS5Padding,admin123),表示采用DES算法,用Desede/ECB/PKCS5Padding解密规则根据admin123密钥进行数据解密。Exemplarily, d(DES, Desede/ECB/PKCS5Padding, admin123), indicates that the DES algorithm is used, and the Desede/ECB/PKCS5Padding decryption rule is used to decrypt the data according to the admin123 key.

本发明实施例通过统一标准的解密表达式对目标数据执行解密操作,能通过标准的表达式对此类数据应用进行规范,能够对代码进行更整洁、更统一、更好的约束,能实现统一、低成本、高效的数据脱敏加解密,能减少代码编写量和开发成本,能提高数据跨系统调用的效率。The embodiment of the present invention performs decryption operations on target data through a unified standard decryption expression, can standardize the application of such data through a standard expression, and can carry out cleaner, more unified, and better constraints on the code, and can achieve a unified , Low-cost and efficient data desensitization encryption and decryption, can reduce the amount of code writing and development costs, and improve the efficiency of data cross-system calls.

基于上述任一实施例的内容,基于目标表达式,对目标数据执行目标操作,包括:获取目标表达式携带的被替换字符以及替换序号的信息。Based on the content of any of the foregoing embodiments, and based on the target expression, performing the target operation on the target data includes: acquiring information of the replaced character and the replacement sequence number carried by the target expression.

具体地,可以通过对目标数据中的特定字符串进行替换来实现脱敏。上述目标数据中的特定字符串,即被替换字符。Specifically, desensitization can be achieved by replacing specific strings in the target data. The specific character string in the above target data, that is, the replaced character.

替换序号,指需要被替换的特定字符串的序号,可以视为标识替换范围的一种形式。The replacement sequence number refers to the sequence number of the specific string to be replaced, which can be regarded as a form of identifying the replacement range.

基于被替换字符以及替换序号的信息,对目标数据进行字符串替换,以实现脱敏操作。Based on the information of the replaced character and the replacement serial number, the target data is replaced by a string to realize the desensitization operation.

具体地,基于被替换字符以及替换序号的信息,可以将目标数据中上述替换序号的被替换字符替换为替换字符,完成对目标数据的脱敏操作。Specifically, based on the information of the replaced character and the replacement serial number, the replaced character of the above-mentioned replacement serial number in the target data can be replaced with a replacement character to complete the desensitization operation on the target data.

示例性地,定义R(替换字符:替换序号:i)为字符串替换表达式;以R(...[:...][:i])为表达式关键字;被替换字符为要查找的字符;替换序号为找到的需要替换的位置当要替换全部时,可以用:g表示;:i表示忽略大小写。Exemplarily, define R (replacement character: replacement number: i) as a string replacement expression; use R(...[:...][:i]) as an expression keyword; the replaced character is the desired The character to be searched; the replacement sequence number is the position that needs to be replaced. When you want to replace all, you can use: g to represent; :i to ignore case.

例如,R(java:{1-$1}:i)表示替换字符串中java,忽略大小写,替换第二个到倒数第二个字符串“java”。For example, R(java:{1-$1}:i) means to replace java in the string, ignoring case, and replace the second to penultimate string "java".

可以理解的是,字符串替换表达式可以视为一种脱敏表达式。Understandably, a string replacement expression can be regarded as a desensitization expression.

本发明实施例通过统一标准的脱敏表达式对目标数据执行脱敏操作,能通过标准的表达式对此类数据应用进行规范,能够对代码进行更整洁、更统一、更好的约束,能实现统一、低成本、高效的数据脱敏加解密,能减少代码编写量和开发成本,能提高数据跨系统调用的效率。The embodiment of the present invention performs desensitization operations on target data through a unified standard desensitization expression, can standardize the application of such data through a standard expression, can carry out cleaner, more unified, and better constraints on the code, and can Implementing unified, low-cost, and efficient data desensitization encryption and decryption can reduce the amount of code writing and development costs, and improve the efficiency of data cross-system calls.

下面对本发明提供的数据脱敏加解密装置进行描述,下文描述的数据脱敏加解密装置与上文描述的数据脱敏加解密方法可相互对应参照。The data desensitization encryption and decryption device provided by the present invention is described below. The data desensitization encryption and decryption device described below and the data desensitization encryption and decryption method described above can be referred to each other correspondingly.

图2是本发明提供的数据脱敏加解密装置的结构示意图。基于上述任一实施例的内容,如图2所示,该装置可以包括获取模块201和执行模块202,其中:FIG. 2 is a schematic structural diagram of a data desensitization encryption and decryption device provided by the present invention. Based on the contents of any of the above embodiments, as shown in FIG. 2 , the apparatus may include an acquisition module 201 and an execution module 202, wherein:

获取模块201,用于获取目标数据对应的目标表达式;an acquisition module 201, used for acquiring a target expression corresponding to the target data;

执行模块202,用于基于目标表达式,对目标数据执行目标操作;an execution module 202, configured to perform a target operation on the target data based on the target expression;

其中,目标操作包括脱敏操作、加密操作或解密操作。The target operation includes a desensitization operation, an encryption operation or a decryption operation.

具体地,获取模块201和执行模块202电连接。Specifically, the acquisition module 201 and the execution module 202 are electrically connected.

获取模块201可以基于目标数据与表达式之间的对应关系,获取目标数据对应的目标表达式。The obtaining module 201 can obtain the target expression corresponding to the target data based on the corresponding relationship between the target data and the expression.

目标表达式可以携带有目标操作的各个参数的信息,执行模块202可以基于目标表达式携带的目标操作的各个参数的信息,对目标数据执行目标操作。The target expression may carry information of each parameter of the target operation, and the execution module 202 may execute the target operation on the target data based on the information of each parameter of the target operation carried by the target expression.

可选地,执行模块202可以包括:Optionally, the execution module 202 may include:

第一获取单元,用于获取目标表达式携带的替换字符和替换范围的信息;The first obtaining unit is used to obtain the information of the replacement character and the replacement range carried by the target expression;

脱敏单元,用于基于替换字符和替换范围的信息,对目标数据执行脱敏操作。The desensitization unit is used to desensitize the target data based on the information of the replacement characters and the replacement range.

可选地,执行模块202可以包括:Optionally, the execution module 202 may include:

第二获取单元,用于获取目标表达式携带的加密算法、加密规则和密钥的信息;The second obtaining unit is used to obtain the information of the encryption algorithm, encryption rule and key carried by the target expression;

加密单元,用于基于加密算法、加密规则和密钥的信息,对目标数据执行加密操作。The encryption unit is used to perform encryption operations on target data based on the information of encryption algorithms, encryption rules and keys.

可选地,执行模块202可以包括:Optionally, the execution module 202 may include:

第三获取单元,用于获取目标表达式携带的解密算法、解密规则和密钥的信息;The third obtaining unit is used to obtain the information of the decryption algorithm, decryption rule and key carried by the target expression;

解密单元,用于基于解密算法、解密规则和密钥的信息,对目标数据执行解密操作。The decryption unit is used to perform decryption operation on the target data based on the decryption algorithm, decryption rule and key information.

可选地,执行模块202可以包括:Optionally, the execution module 202 may include:

第四获取单元,用于获取目标表达式携带的被替换字符以及替换序号的信息;The fourth acquisition unit is used to acquire the information of the replaced character and the replacement serial number carried by the target expression;

字符串替换单元,用于基于被替换字符以及替换序号的信息,对目标数据进行字符串替换,以实现脱敏操作。The string replacement unit is used to perform string replacement on the target data based on the information of the replaced character and the replacement serial number, so as to realize the desensitization operation.

可选地,脱敏单元,可以具体用于:Optionally, the desensitization unit can be specifically used for:

在目标数据的字符串长度超过长度阈值的情况下,基于长度阈值,对目标数据进行分段,得到多个数据分段;When the string length of the target data exceeds the length threshold, the target data is segmented based on the length threshold to obtain multiple data segments;

基于替换字符和替换范围的信息,分别对每一数据分段执行脱敏操作。Based on the replacement character and replacement range information, a desensitization operation is performed separately for each data segment.

本发明实施例提供的数据脱敏加解密装置,用于执行本发明上述数据脱敏加解密方法,其实施方式与本发明提供的数据脱敏加解密方法的实施方式一致,且可以达到相同的有益效果,此处不再赘述。The data desensitization encryption and decryption device provided by the embodiment of the present invention is used to execute the above-mentioned data desensitization encryption and decryption method of the present invention. The beneficial effects will not be repeated here.

该数据脱敏加解密装置用于前述各实施例的数据脱敏加解密方法。因此,在前述各实施例中的数据脱敏加解密方法中的描述和定义,可以用于本发明实施例中各执行模块的理解。The data desensitization encryption and decryption device is used in the data desensitization encryption and decryption methods of the foregoing embodiments. Therefore, the descriptions and definitions in the data desensitization encryption and decryption methods in the foregoing embodiments can be used to understand the execution modules in the embodiments of the present invention.

本发明实施例通过获取目标数据对应的目标表达式,基于目标表达式,对目标数据执行脱敏操作、加密操作或解密操作,能通过标准的表达式对此类数据应用进行规范,能够对代码进行更整洁、更统一、更好的约束,能实现统一、低成本、高效的数据脱敏加解密,能减少代码编写量和开发成本,能提高数据跨系统调用的效率。In the embodiment of the present invention, by acquiring the target expression corresponding to the target data, and based on the target expression, the desensitization operation, encryption operation or decryption operation is performed on the target data, so that the application of such data can be standardized through standard expressions, and the code Cleaner, more unified, and better constraints can achieve unified, low-cost, and efficient data desensitization encryption and decryption, reduce the amount of code writing and development costs, and improve the efficiency of data cross-system calls.

图3示例了一种电子设备的实体结构示意图,如图3所示,该电子设备可以包括:处理器(processor)310、通信接口(Communications Interface)320、存储器(memory)330和通信总线340,其中,处理器310,通信接口320,存储器330通过通信总线340完成相互间的通信。处理器310可以调用存储器330中的逻辑指令,以执行数据脱敏加解密方法,该方法包括:获取目标数据对应的目标表达式;基于目标表达式,对目标数据执行目标操作;其中,目标操作包括脱敏操作、加密操作或解密操作。FIG. 3 illustrates a schematic diagram of the physical structure of an electronic device. As shown in FIG. 3 , the electronic device may include: a processor (processor) 310, a communication interface (Communications Interface) 320, a memory (memory) 330 and a communication bus 340, The processor 310 , the communication interface 320 , and the memory 330 communicate with each other through the communication bus 340 . The processor 310 can call the logic instructions in the memory 330 to execute the data desensitization encryption and decryption method, the method includes: obtaining a target expression corresponding to the target data; performing a target operation on the target data based on the target expression; wherein, the target operation Including desensitization operations, encryption operations or decryption operations.

此外,上述的存储器330中的逻辑指令可以通过软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本发明各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、磁碟或者光盘等各种可以存储程序代码的介质。In addition, the above-mentioned logic instructions in the memory 330 may be implemented in the form of software functional units and may be stored in a computer-readable storage medium when sold or used as an independent product. Based on this understanding, the technical solution of the present invention can be embodied in the form of a software product in essence, or the part that contributes to the prior art or the part of the technical solution. The computer software product is stored in a storage medium, including Several instructions are used to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present invention. The aforementioned storage medium includes: U disk, mobile hard disk, Read-Only Memory (ROM, Read-Only Memory), Random Access Memory (RAM, Random Access Memory), magnetic disk or optical disk and other media that can store program codes .

本申请实施例提供的电子设备中的处理器310可以调用存储器330中的逻辑指令,其实施方式与本申请提供的数据脱敏加解密方法的实施方式一致,且可以达到相同的有益效果,此处不再赘述。The processor 310 in the electronic device provided in the embodiment of the present application can call the logic instruction in the memory 330, and its implementation is consistent with the implementation of the data desensitization encryption and decryption method provided in the present application, and can achieve the same beneficial effects. It is not repeated here.

另一方面,本发明还提供一种计算机程序产品,所述计算机程序产品包括存储在非暂态计算机可读存储介质上的计算机程序,所述计算机程序包括程序指令,当所述程序指令被计算机执行时,计算机能够执行上述各方法所提供的数据脱敏加解密方法,该方法包括:获取目标数据对应的目标表达式;基于目标表达式,对目标数据执行目标操作;其中,目标操作包括脱敏操作、加密操作或解密操作。In another aspect, the present invention also provides a computer program product, the computer program product comprising a computer program stored on a non-transitory computer-readable storage medium, the computer program comprising program instructions, when the program instructions are executed by a computer When executing, the computer can execute the data desensitization encryption and decryption methods provided by the above methods, and the method includes: obtaining a target expression corresponding to the target data; based on the target expression, performing a target operation on the target data; wherein, the target operation includes desensitizing the target data. sensitive operations, encryption operations, or decryption operations.

本申请实施例提供的计算机程序产品被执行时,实现上述数据脱敏加解密方法,其具体的实施方式与前述方法的实施例中记载的实施方式一致,且可以达到相同的有益效果,此处不再赘述。When the computer program product provided by the embodiment of the present application is executed, the above-mentioned data desensitization encryption and decryption method is implemented. No longer.

又一方面,本发明还提供一种非暂态计算机可读存储介质,其上存储有计算机程序,该计算机程序被处理器执行时实现以执行上述各提供的数据脱敏加解密方法,该方法包括:获取目标数据对应的目标表达式;基于目标表达式,对目标数据执行目标操作;其中,目标操作包括脱敏操作、加密操作或解密操作。In another aspect, the present invention also provides a non-transitory computer-readable storage medium on which a computer program is stored, and the computer program is implemented when executed by a processor to execute the data desensitization encryption and decryption methods provided above, the method It includes: acquiring a target expression corresponding to the target data; performing a target operation on the target data based on the target expression; wherein, the target operation includes a desensitization operation, an encryption operation or a decryption operation.

本申请实施例提供的非暂态计算机可读存储介质上存储的计算机程序被执行时,实现上述数据脱敏加解密方法,其具体的实施方式与前述方法的实施例中记载的实施方式一致,且可以达到相同的有益效果,此处不再赘述。When the computer program stored on the non-transitory computer-readable storage medium provided in the embodiment of the present application is executed, the above-mentioned data desensitization encryption and decryption method is implemented, and the specific implementation thereof is consistent with the implementation described in the foregoing method embodiment. And the same beneficial effect can be achieved, which is not repeated here.

以上所描述的装置实施例仅仅是示意性的,其中所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部模块来实现本实施例方案的目的。本领域普通技术人员在不付出创造性的劳动的情况下,即可以理解并实施。The device embodiments described above are only illustrative, wherein the units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in One place, or it can be distributed over multiple network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution in this embodiment. Those of ordinary skill in the art can understand and implement it without creative effort.

通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到各实施方式可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件。基于这样的理解,上述技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品可以存储在计算机可读存储介质中,如ROM/RAM、磁碟、光盘等,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行各个实施例或者实施例的某些部分所述的方法。From the description of the above embodiments, those skilled in the art can clearly understand that each embodiment can be implemented by means of software plus a necessary general hardware platform, and certainly can also be implemented by hardware. Based on this understanding, the above-mentioned technical solutions can be embodied in the form of software products in essence or the parts that make contributions to the prior art, and the computer software products can be stored in computer-readable storage media, such as ROM/RAM, magnetic A disc, an optical disc, etc., including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform the methods described in various embodiments or some parts of the embodiments.

最后应说明的是:以上实施例仅用以说明本发明的技术方案,而非对其限制;尽管参照前述实施例对本发明进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本发明各实施例技术方案的精神和范围。Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention, but not to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that it can still be The technical solutions described in the foregoing embodiments are modified, or some technical features thereof are equivalently replaced; and these modifications or replacements do not make the essence of the corresponding technical solutions deviate from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. A method of desensitizing data encryption and decryption, comprising:
acquiring a target expression corresponding to target data;
executing a target operation on the target data based on the target expression; wherein the target operation comprises a desensitization operation, an encryption operation, or a decryption operation.
2. The data desensitization encryption/decryption method according to claim 1, wherein said performing a target operation on said target data based on said target expression comprises:
acquiring information of the replacement characters and the replacement range carried by the target expression;
performing a desensitization operation on the target data based on the information of the replacement characters and replacement ranges.
3. The data desensitization encryption/decryption method according to claim 1, wherein said performing a target operation on said target data based on said target expression comprises:
acquiring information of an encryption algorithm, an encryption rule and a secret key carried by the target expression;
and performing encryption operation on the target data based on the information of the encryption algorithm, the encryption rule and the secret key.
4. The data desensitization encryption/decryption method according to claim 1, wherein said performing a target operation on said target data based on said target expression comprises:
acquiring information of a decryption algorithm, a decryption rule and a secret key carried by the target expression;
and executing decryption operation on the target data based on the decryption algorithm, the decryption rule and the information of the key.
5. The data desensitization encryption/decryption method according to claim 1, wherein said performing a target operation on said target data based on said target expression comprises:
acquiring information of replaced characters and replacement serial numbers carried by the target expression;
and performing character string replacement on the target data based on the replaced characters and the information of the replacement serial number so as to realize desensitization operation.
6. The data desensitization encryption and decryption method according to claim 2, wherein the performing desensitization operations on the target data based on the information of the replacement characters and replacement ranges comprises:
under the condition that the character string length of the target data exceeds a length threshold, segmenting the target data based on the length threshold to obtain a plurality of data segments;
and performing desensitization operation on each data segment respectively based on the information of the replacement characters and the replacement range.
7. A data desensitization encryption/decryption apparatus, comprising:
the acquisition module is used for acquiring a target expression corresponding to the target data;
the execution module is used for executing target operation on the target data based on the target expression; wherein the target operation comprises a desensitization operation, an encryption operation, or a decryption operation.
8. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program performs the steps of a data desensitising encryption/decryption method as claimed in any one of claims 1 to 6.
9. A non-transitory computer readable storage medium having stored thereon a computer program, wherein the computer program when executed by a processor implements the steps of a data desensitisation encryption/decryption method according to any one of claims 1 to 6.
10. A computer program product comprising a computer program, wherein the computer program when executed by a processor implements the steps of a data de-encryption/decryption method as claimed in any one of claims 1 to 6.
CN202210233285.8A 2022-03-10 2022-03-10 Data desensitization encryption and decryption method and device Pending CN114817975A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210233285.8A CN114817975A (en) 2022-03-10 2022-03-10 Data desensitization encryption and decryption method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210233285.8A CN114817975A (en) 2022-03-10 2022-03-10 Data desensitization encryption and decryption method and device

Publications (1)

Publication Number Publication Date
CN114817975A true CN114817975A (en) 2022-07-29

Family

ID=82529185

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210233285.8A Pending CN114817975A (en) 2022-03-10 2022-03-10 Data desensitization encryption and decryption method and device

Country Status (1)

Country Link
CN (1) CN114817975A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115357936A (en) * 2022-08-31 2022-11-18 武汉迭驰科技有限责任公司 A data encryption method, device, electronic equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20160103378A (en) * 2015-02-24 2016-09-01 한국전자통신연구원 Format-Preserving Encryption Method
CN110084059A (en) * 2019-03-21 2019-08-02 深圳壹账通智能科技有限公司 A kind of method, apparatus and computer equipment of banking system data configuration block chain
CN110084053A (en) * 2019-05-07 2019-08-02 江苏满运软件科技有限公司 Data desensitization method, device, electronic equipment and storage medium
CN112685777A (en) * 2020-12-30 2021-04-20 平安普惠企业管理有限公司 Information desensitization method, apparatus, computer device and medium
CN112685771A (en) * 2020-12-28 2021-04-20 平安普惠企业管理有限公司 Log desensitization method, device, equipment and storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20160103378A (en) * 2015-02-24 2016-09-01 한국전자통신연구원 Format-Preserving Encryption Method
CN110084059A (en) * 2019-03-21 2019-08-02 深圳壹账通智能科技有限公司 A kind of method, apparatus and computer equipment of banking system data configuration block chain
CN110084053A (en) * 2019-05-07 2019-08-02 江苏满运软件科技有限公司 Data desensitization method, device, electronic equipment and storage medium
CN112685771A (en) * 2020-12-28 2021-04-20 平安普惠企业管理有限公司 Log desensitization method, device, equipment and storage medium
CN112685777A (en) * 2020-12-30 2021-04-20 平安普惠企业管理有限公司 Information desensitization method, apparatus, computer device and medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
宋贤睿: "一种面向数据库的分类数据加密研究", 电子设计工程, 20 July 2017 (2017-07-20), pages 5 - 8 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115357936A (en) * 2022-08-31 2022-11-18 武汉迭驰科技有限责任公司 A data encryption method, device, electronic equipment and storage medium

Similar Documents

Publication Publication Date Title
CN109241484B (en) Method and equipment for sending webpage data based on encryption technology
CN112287372B (en) Method and apparatus for protecting clipboard privacy
CN113127915A (en) Data encryption desensitization method and device, electronic equipment and storage medium
JP2017021776A (en) System and method for detecting malicious files on mobile devices
CN112434326B (en) Trusted computing method and device based on data flow
CN108399319B (en) Source code protection method, application server and computer readable storage medium
US20210012017A1 (en) Method and apparatus for storing and processing application program information
US9251325B2 (en) Verifying passwords on a mobile device
CN109857571B (en) Clipboard control method and device
CN115982675A (en) Document processing method, device, electronic device, and storage medium
CN110830261B (en) Encryption method, device, computer equipment and storage medium
CN113055153A (en) Data encryption method, system and medium based on fully homomorphic encryption algorithm
CN113626847B (en) A method and device for data processing
CN117459327A (en) A cloud data transparent encryption protection method, system and device
CN111368322B (en) A file decryption method, device, electronic device and storage medium
CN106203141A (en) The data processing method of a kind of application and device
CN114817975A (en) Data desensitization encryption and decryption method and device
CN109977692B (en) Data processing method and device, storage medium and electronic equipment
CN111831978B (en) A method and device for protecting configuration files
CN113849859A (en) Modification method of Linux kernel, terminal device and storage medium
CN114756833A (en) Code obfuscation method, apparatus, device, medium, and program product
CN115017119A (en) A log mask method and system
CN114239016A (en) Data security processing method, system and storage medium
CN111984631A (en) Production data migration method, device, computer equipment and storage medium
CN114239028A (en) A data processing method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination