Search

CN-121997351-A - Data access method, device, electronic equipment, storage medium and program product

CN121997351ACN 121997351 ACN121997351 ACN 121997351ACN-121997351-A

Abstract

The application relates to the technical field of data management, and discloses a data access method, a device, electronic equipment, a storage medium and a program product. The application combines the user authentication operation and the shift encryption operation on the model data, realizes the double protection of the model data and improves the data security. The application also stores the model data into a binary format in advance, improves the operation execution efficiency and reduces the performance requirement on the client. When the shift encryption operation is executed on the model data, the dynamic shift parameters are generated according to the model data access request of the client, and the model data access request is generated based on the login token, so that the corresponding dynamic shift parameters are dynamically generated for each model data access request of each client, the model data corresponding to other model data access requests is prevented from being involved due to one-time dynamic shift parameter leakage, and the data security is further improved.

Inventors

  • LI JUHONG
  • ZHU ZONGYAN
  • HE WENKAI
  • ZHENG WEIDIAN

Assignees

  • 佳都科技集团股份有限公司
  • 广州佳都智通科技有限公司
  • 广州华佳软件有限公司

Dates

Publication Date
20260508
Application Date
20251202

Claims (10)

  1. 1. A data access method, applied to a server, the method comprising: Receiving a login request of a client; Executing user authentication operation according to the login request, and issuing a login token to a client; receiving a model data access request of a client, wherein the model data access request is generated based on the login token, and the model data is prestored in a binary format; Generating a dynamic shift parameter according to the model data access request; Performing shift encryption operation on the model data according to the dynamic shift parameters to obtain model encrypted data; Performing encryption operation on the dynamic shift parameter to obtain a dynamic shift key; And sending the dynamic shift key and the model encryption data to the client so that the client can execute anti-shift decryption operation on the model encryption data according to the dynamic shift key to obtain decrypted model data.
  2. 2. The method of claim 1, wherein the model data access request further comprises a model identification and a request timestamp; the generating a dynamic shift parameter according to the model data access request includes: Generating a context seed according to the login token, the model identifier and the request timestamp; and generating a shifting direction, a shifting digit and a shifting unit according to the context seeds and a preset analysis rule.
  3. 3. The method of claim 2, wherein performing a shift-encryption operation on the model data according to the dynamic shift parameter results in model-encrypted data, comprising: splitting the model data into a plurality of model data blocks according to dynamic block size parameters, and distributing a block sequence number for each model data block; generating a block identifier corresponding to each model data block according to the block sequence number, the model identifier and the context seed; Dividing each model data block according to the shifting units, and executing shifting operation on the data in each shifting unit according to the shifting direction and the shifting bit number to obtain each model data block after the shifting operation; performing exclusive OR operation on each shifted model data block and the corresponding block identifier to obtain a shifted encrypted model data block; And taking each shifted encrypted model data block as model encryption data.
  4. 4. The method of claim 2, wherein performing an encryption operation on the dynamic shift parameter to obtain a dynamic shift key comprises: splicing the shifting direction, the shifting bit number and the shifting unit, and converting the shifting direction, the shifting bit number and the shifting unit into a character string of a preset system; generating an encryption key according to the login token; and performing exclusive or encryption operation on the encryption key and the character string to obtain a dynamic shift key.
  5. 5. A method for accessing data, the method comprising: Sending a login request to a server; receiving a login token issued by a server side after executing user authentication operation according to the login request; sending a model data access request to a server, wherein the model data access request is generated based on the login token, and the model data is prestored in a binary format; The method comprises the steps of receiving a dynamic shift key issued by a server based on a model data access request and model encryption data, wherein the model encryption data is obtained by the server by executing shift encryption operation on model data according to dynamic shift parameters; And executing anti-shift decryption operation on the model encrypted data according to the dynamic shift key to obtain decrypted model data.
  6. 6. A data access device, for application to a server, the device comprising: The first request receiving module is used for receiving a login request of the client; The user authentication module is used for executing user authentication operation according to the login request and issuing a login token to the client; the system comprises a client, a second request receiving module, a first request receiving module and a second request receiving module, wherein the client is used for receiving a model data access request of the client, the model data access request is generated based on the login token, and the model data is prestored in a binary format; the parameter generation module is used for generating dynamic shift parameters according to the model data access request; The first encryption module is used for executing shift encryption operation on the model data according to the dynamic shift parameters to obtain model encryption data; the second encryption module is used for executing encryption operation on the dynamic shift parameter to obtain a dynamic shift key; And the data transmitting module is used for transmitting the dynamic shift key and the model encryption data to the client so that the client can execute anti-shift decryption operation on the model encryption data according to the dynamic shift key to obtain decrypted model data.
  7. 7. A data access device for application to a client, the device comprising: The first request sending module is used for sending a login request to the server; the first receiving module is used for receiving a login token issued by the server after the user authentication operation is executed according to the login request; The system comprises a server, a second request sending module and a second request sending module, wherein the second request sending module is used for sending a model data access request to the server, the model data access request is generated based on the login token, and the model data is prestored in a binary format; The system comprises a model data access request, a second receiving module, a dynamic shift key and a model encryption data, wherein the model data access request is used for receiving a dynamic shift key and model encryption data issued by a server side; and the decryption module is used for executing anti-shift decryption operation on the model encrypted data according to the dynamic shift key to obtain decrypted model data.
  8. 8. An electronic device, comprising: A memory and a processor in communication with each other, the memory having stored therein computer instructions, the processor executing the computer instructions to perform the data access method of any of claims 1 to 5.
  9. 9. A computer-readable storage medium having stored thereon computer instructions for causing a computer to perform the data access method of any of claims 1 to 5.
  10. 10. A computer program product comprising computer instructions for causing a computer to perform the data access method of any one of claims 1 to 5.

Description

Data access method, device, electronic equipment, storage medium and program product Technical Field The present invention relates to the field of data management technologies, and in particular, to a data access method, apparatus, electronic device, storage medium, and program product. Background 3DTiles is an open standard format for large-scale 3D geospatial data, and is used for solving the problems of efficient transmission, loading and real-time rendering of 3D models (such as urban architecture, topography, BIM models, etc.) in a network environment. Because the data volume of the 3DTiles model is huge, the encryption calculation amount for each model file is huge, and the client is easy to be blocked, the 3DTiles model data encryption scheme in the related technology adopts a user authentication mode to verify the access qualification of the client. Although the number of clients can be limited in this way, the 3DTiles model data is still unencrypted, and once the user account leaks, the 3DTiles model data still has the risk of leakage, so that the security is low. Disclosure of Invention The invention provides a data access method, a data access device, electronic equipment, a storage medium and a program product, which are used for solving the problems that model data in the related technology is easy to leak and low in safety. In a first aspect, the present invention provides a data access method, applied to a server, where the method includes: Receiving a login request of a client; Executing user authentication operation according to the login request, and issuing a login token to a client; receiving a model data access request of a client, wherein the model data access request is generated based on the login token, and the model data is prestored in a binary format; Generating a dynamic shift parameter according to the model data access request; Performing shift encryption operation on the model data according to the dynamic shift parameters to obtain model encrypted data; Performing encryption operation on the dynamic shift parameter to obtain a dynamic shift key; And sending the dynamic shift key and the model encryption data to the client so that the client can execute anti-shift decryption operation on the model encryption data according to the dynamic shift key to obtain decrypted model data. In an alternative embodiment, the model data access request further includes a model identification and a request timestamp; the generating a dynamic shift parameter according to the model data access request includes: Generating a context seed according to the login token, the model identifier and the request timestamp; and generating a shifting direction, a shifting digit and a shifting unit according to the context seeds and a preset analysis rule. In an alternative embodiment, the performing a shift encryption operation on the model data according to the dynamic shift parameter, to obtain model encrypted data includes: splitting the model data into a plurality of model data blocks according to dynamic block size parameters, and distributing a block sequence number for each model data block; generating a block identifier corresponding to each model data block according to the block sequence number, the model identifier and the context seed; Dividing each model data block according to the shifting units, and executing shifting operation on the data in each shifting unit according to the shifting direction and the shifting bit number to obtain each model data block after the shifting operation; performing exclusive OR operation on each shifted model data block and the corresponding block identifier to obtain a shifted encrypted model data block; And taking each shifted encrypted model data block as model encryption data. In an alternative embodiment, the performing an encryption operation on the dynamic shift parameter to obtain a dynamic shift key includes: splicing the shifting direction, the shifting bit number and the shifting unit, and converting the shifting direction, the shifting bit number and the shifting unit into a character string of a preset system; generating an encryption key according to the login token; and performing exclusive or encryption operation on the encryption key and the character string to obtain a dynamic shift key. In a second aspect, the present invention provides a data access method, applied to a client, the method comprising: Sending a login request to a server; receiving a login token issued by a server side after executing user authentication operation according to the login request; sending a model data access request to a server, wherein the model data access request is generated based on the login token, and the model data is prestored in a binary format; The method comprises the steps of receiving a dynamic shift key issued by a server based on a model data access request and model encryption data, wherein the model encryption data is obtained by the server by