Dynamic encrypting and verifying method in interactive process with Webservice

一种与Webservice交互过程动态加密和校验的方法

Abstract

The invention provides a dynamic encrypting and verifying method in an interactive process with Webservice. Aiming at potential safety hazard of the application programs of client sides, encryption operators of the client sides of the application programs and the Webservice are dynamically changed in each interactive process of the client sides of the application programs and the Webservice, the encryption operators are used for carrying out identity verifying and encryption and decryption on transmission content, and developers use the method for verifying the identity of the client sides of the application programs and the Webservice and encrypting the content to avoid various problems caused by the fact that invalidly accessed users input SQL commands. Through the dynamic encrypting and verifying method in the interactive process with the Webservice, the defect that interaction between traditional client sides of the application programs and the Webservice is not safe is overcome, and the security audit requirements of mainstream software and networks can be preliminarily met by using the method to control a data transmission process in a development process.
本发明提供一种与Webservice交互过程动态加密和校验的方法,针对客户端应用程序的安全隐患,在应用程序客户端与Webservice的每次交互过程中动态的变更双方的加密算子,然后使用该加密算子对传输内容进行身份校验和加解密,开发人员利用该方法校验双方身份并加密内容,以避免非法接入的用户注入SQL命令导致的各种问题。通过一种与Webservice交互过程动态加密和校验的方法,可以弥补传统应用程序客户端与Webservice之间交互安全性不高的缺陷,在开发过程中使用该方法控制数据传输过程,可以初步达到主流的软件网络安全审核要求。

Claims

Description

Topics

Download Full PDF Version (Non-Commercial Use)

Patent Citations (0)

    Publication numberPublication dateAssigneeTitle

NO-Patent Citations (1)

    Title
    刘庆慧: "基于WebService的海量数据传输算法研究", 《中国优秀硕士学位论文全文数据库》

Cited By (0)

    Publication numberPublication dateAssigneeTitle